{"report_id":"9cd66a01-df11-4b71-ad73-22fb8cd3622c","version":6,"status":"done","tags":[],"date":"2026-01-05T19:28:38Z","url":{"schema":"https","addr":"wintakeo.com/","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"104.21.51.15","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"wintakeo.com/","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"title":"Wintakeo: Most Popular Online Crypto Casino Based on Blockchain","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"wintakeo.com/","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"104.21.51.15","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-09T19:28:38Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"wintakeo.com","ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-11-23","domain_rank":0,"first_seen":"2026-01-01T04:35:39.549088Z","last_seen":"2026-01-01T04:35:39.549088Z","alert_count":219,"request_count":73,"received_data":9931245,"sent_data":33026,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/30731-b4906d3166248ccd.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a278de30bdaee7c2a859ec4fe00720a5","sha1":"dfee7e7f7f6bb86b057a87c026fe85debcf3ff9e","sha256":"f1b31f7cc90eae6ec6abd1c9b5e2cab892957933851bdc043acaec409ca136d2","sha512":"77f9c98385a0189d3c4ac23bef30048bcab4c2915cda68f96181e386575b3e523fb4d6ad1d1b99f6dcc89b18122b8e0548ee2628d6f8d948571592754b9ff4e9","ssdeep":"3072:92ydhg+1uKewJ0Byiw1QRi8B6a3bmicWAM7c3jiPYFEcFBKKMhEmDhwZ8:92ydhxQRB0Dz7vMKmDmZ8","tlshash":"bd15b4985bb553fcf405f7f48a2ba4b43f6a38f67a42c4b8c3a91c15d4520ad89a5cc3","size":935432,"data":"","first_seen":"2025-11-16T06:53:31.123844Z","last_seen":"2026-06-06T23:03:42.288792Z","times_seen":13658,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/4533-f395ffa838284060.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ee9db6fa10bb1c67f00c87e94b814976","sha1":"0d01b17f0ea726d7f9c7f8c904483412f5710412","sha256":"0f9e9be2b568b3b30d7ce4702b884bb8c11564d3f23f7d3a4ea66590b4d3c54e","sha512":"086abb12db5cb003dddb7e5e76ecd277e6fb164ff2daf2b0aef81479d7cd615fabe6308d11c1b39a7dc4732cf95940f965c8568c32dd55a43066d61d55e93bab","ssdeep":"12288:t1ejROPdqUIWqs72hjWjLtqaF3MnIMnFJjVdod1Yldmb:jejROPdiWqs72hjWjRZMnIMnFJjVdZ6b","tlshash":"7d651a0d8b9c33f12bde32953a8a4d3fd65cb134a351c566a4d9e36a118cce4513bbe8","size":1508571,"data":"","first_seen":"2026-01-05T19:28:49.684494Z","last_seen":"2026-01-05T19:28:49.684494Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/53090-a64743b05c92b22e.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"15925877203605d5f2355beb36d57347","sha1":"17da103edacb7e181adbf9304938d039a200c1d7","sha256":"a986f72fb7dc330235296b864ba0f244f1126b2eff777b8a13ae36875dc96157","sha512":"ad516778c2e0dcaa482b03f5ab7a44fea87ce340ae85aba921277db245d9e6c5a49f70a27eeb99b6bef662c873647590edc83e75c63116c4e456045245b91568","ssdeep":"384:hC/SLOZgztFl6pfisYkxdZEAXtwdt4DvWmV9PvTLsb6r7/:Y/SCZ4Fl6pfisYyZEhdt4yIWbU/","tlshash":"0862c6e0d362fad8ed6785d5f12ea906b11f2f988b19c074f6b85c2053181c4ba27b9d","size":15666,"data":"","first_seen":"2025-10-16T04:05:32.826709Z","last_seen":"2026-06-06T23:03:42.227021Z","times_seen":11965,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d4f58df8ef556437633bb90cc31469c4","sha1":"c1c713bb5046a54cb79a8e7537b6d7fca624fd45","sha256":"2dcb2e50c883929aebb7a64a7a22cfe2260d856a3c36a6926c082da19c552b7b","sha512":"54c8a79f5897cd198db689700c24f950ad7fe19eed815f8bfa0e47428701d8c84a1fd8f677a6f1b2a4f1443f35f2dbd19e6f456ceeebfb1c59275bb356e1a5e9","ssdeep":"","tlshash":"bfc02b041427c47b421c6f4dc02243d4e4b020bcdc492480801d181800d0c313b40cd6","size":130,"data":"","first_seen":"2025-03-25T18:26:20.414558Z","last_seen":"2026-06-07T07:33:59.596382Z","times_seen":39775,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/webpack-2ad475b2cb7994f2.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec0a82ee93d62d37c4a996800bbffe41","sha1":"894e71ede6ab8448ca94df2c74635ebd677004ad","sha256":"b76fe409d0ea4bfd26608e455fe5238751e45de69d4e5d213830b0f5608925f7","sha512":"2e8c5e44f3d0d7ec85c093de04da77d638aafd1cc94e19646486983673a6587b521a5b7dab5736566ebf608ac123c91e7b7e92a4f3aa48cb3826f7f297d7b3b6","ssdeep":"384:yHjhDiavHhyIc48SNIgWiatVzUqzmyYrDRweq9M2r7NwHZ7KR1fAl/0XSt:yIavUIf8SiIatVwqMDR34M2r7eZ7cfAt","tlshash":"8c925dbd731cecea2c3005c2ac1764e46508b1227d0a4cd1b1dae77604b5d75e76afb6","size":19353,"data":"","first_seen":"2026-01-03T12:45:26.790221Z","last_seen":"2026-05-26T05:03:28.679664Z","times_seen":304,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/4bd1b696-ad7506e6ce5b48e8.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"15510eac41ab1d5ef4d07adf66470336","sha1":"af7eb0a2168918b5999e83b71a10ba52809f38df","sha256":"e5b9e2570593ab1e59ae6a397baec8491e4c3d5e4628aa1439940ac0e2aee2fe","sha512":"116e3ef82cb1608f729f9731bf3ba61a1a75624fec0adf57d0536e5f7e1abae6c939e93af5bbde399079cc1634b5ffda250a76f08571d2e30c88eceecd05b22a","ssdeep":"3072:btfjLiM+NFCC4YQbCCAaI/02UHCgwLRE4:btfj2ld4Y40fUHQRE4","tlshash":"0df3f7e83d99e2116eb342a7109f2803737c262b240d4c60a615fd9db5b845bb17bfde","size":168420,"data":"","first_seen":"2025-06-09T17:09:55.347659Z","last_seen":"2026-06-07T03:18:35.729991Z","times_seen":14209,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/82849-e1ace10340da2839.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"09e0a34842cd0e30fd0a103b73b7933a","sha1":"75567ccf60797bc81d69dc734f9774ad1342143f","sha256":"f12d043b9839790120fa75ba522fb17716f8f3b3df5b822bf0aee7b5af0c2f96","sha512":"38b09073805dbff075ac0462501410af1fd66fcf52c051eb6e8cde616c99d6e2676e62db25e9cbeb38c425428a40be07f807c2c09e108bb846ad9feffbfed49e","ssdeep":"1536:4UcXlryCtX55mQPVpmsuIurLJmvU340MLsUDG3BZN2EaZxVcGR5c7dhP3Whj21mR:3+T","tlshash":"2304d5debba0a2f4f005e7f8d7124468366b39fe6e52ca68c3a91d15e90108cdd59dc3","size":180485,"data":"","first_seen":"2025-12-06T12:30:49.949747Z","last_seen":"2026-05-26T05:03:28.607533Z","times_seen":6511,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a6e1178e4bbf5730bd664a49dd3bc24","sha1":"17c3ae3273f9de6afbbdedf2e413dbb3a6722792","sha256":"3814cddd18b2095e01abb745a99e5ada90178e709c09879324c3b623f2d829ea","sha512":"cfb1aab0bf589e33fd12906f448ddbbf7163420a088de513b174304c9ba3a7abcd9b41c98bc4dd51edd0206c1fe4660db9857e3c6163d1bf50c670cefddee509","ssdeep":"","tlshash":"de9002b090c39c5890264186687100160b6c040c01080141132184d810115048e40d8e","size":43,"data":"","first_seen":"2023-03-13T01:07:12Z","last_seen":"2026-06-07T08:10:51.4865Z","times_seen":155250,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/73345-c6c417d67f761339.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb597de485c3029dc93b6f3225acc0d7","sha1":"d3a6bc9d6749ea9f0ddd1b1862c90303f3ec3254","sha256":"3513d69dd757c29044eb92ab6a908ba6755e0845c38105ab2e196b0c75b96583","sha512":"1420716788ac11ed76547147942bdf2329c1bcfe8770745c3bbce32f99ca5c5866e20253ced9e0ebc4597003f7404825de2b601f8d24b5c2fce1125eadf0ad63","ssdeep":"6144:bV5sFqdfuGDdF0pL8sS65eILs3QKQmiOB0lDz:bispi9mVB0lP","tlshash":"ef644a9c7682b474939b016a807f0107f37e2d57240e4824f270d9ee7975e99a2b7fb8","size":325834,"data":"","first_seen":"2025-10-16T04:05:32.880573Z","last_seen":"2026-06-06T23:03:42.238414Z","times_seen":14097,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/dc112a36-4dd9553e3950a789.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8b0312e3e2ff7226227ee081f6693db1","sha1":"823c7003795d9623f8992900a6f337f599bb7eda","sha256":"dccd0125f7ca7c6c5f3f8ae7d813743257cb55899fcab2d63b70fdf06b2a05e2","sha512":"612eb966b9409ee719588a9f82170d4d6c9b5c075b85981a1ac0dc0fb8119997de7f6a139ba2908d7ccfe0ab342f452e39ca15ec3d9fafdc1c2a7d36cda06d87","ssdeep":"3072:Hbyz4KjrqQmINGbpJGDc0Lf1c/X6Rpbdt0myoQj7sOU1IMi9wD5yojt:HijOQmINGbpJGDc0Lf1c/qD0erI5BEt","tlshash":"295419597254343805c540a9906f094bf736292e246ac49cb36cf4efa8bdecd31beb79","size":305838,"data":"","first_seen":"2025-07-19T01:07:13.417114Z","last_seen":"2026-06-06T23:03:42.266306Z","times_seen":14190,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/twq.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7f4d9e824f13f7d27acdc868f36f7208","sha1":"125a712d37aefe5d3e52ce2ae8986e109eb473de","sha256":"d6768cdba372d919e6d9322bf3cf3a0dfe427d86293aaf16f23d096028a00a1a","sha512":"d6395459961f34c3efc4c55ffa6bd873fbf20cf9aab17d31ec926d7ff645cfb9ae0cfea469b98e0604c5de162b60eb1bfc7b06a6fe91e3497f3a4fb32d29c20a","ssdeep":"","tlshash":"66e0e7f12d093d631fa11374117f931f3143210575595b91d59cd540376249f8037b8c","size":308,"data":"","first_seen":"2025-03-19T10:41:28.935479Z","last_seen":"2026-06-06T23:03:42.321534Z","times_seen":16170,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/67369-222f9a02bd61134d.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d2d0f562c7d0aa123fc3b9110ba41409","sha1":"f8bb86ad9fcaaa9e6ba32d21119269d241b07992","sha256":"d814d64b251229e3895cc3d5c3c489f46e7a104b067562ca5512cfb197a2c9fa","sha512":"8b59f7093d20c00b2f06ef065a8429b308c7e09c88ac86f78afe14cf0fdf667b6c3e9b87153d14b690112863830a4ce309b2a88d55eb5f665aaca41133a7b57b","ssdeep":"24576:sNgvIh/V45VPyzLW3fx2/cp6lKxivBIVV/7x6XomFnoMBnxBqym/cpXlKxUvBIVh:V4G5q3/eIGYo6Ymk/eVGGo6YmC4MOqZ","tlshash":"a636931c8b6601fdaf586d81ca4770658fe286536fd789fc9abb7e104bb069f0301e61","size":4883419,"data":"","first_seen":"2025-12-13T06:46:52.602302Z","last_seen":"2026-06-06T23:03:42.323051Z","times_seen":13100,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/49080-aa8410705e183b35.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"69b80d969aaad07036978bda468796f5","sha1":"e06516d12bff2faa89329f83289d27d4ac369917","sha256":"5f09712195529d437bc348578aca6c679da21c9bab03b7d1012f70a672a5e017","sha512":"bb02ebc1b0fecb6ec0cde686fa78655706bf3f50939f8e7b52347e7aa9811af62fd5e477fda50bd35febb5fab3c591e88fdcac416da22b22d3c1b90f3d9220d6","ssdeep":"384:OQLgSjUuqTsJIMnocJPYVrBNfF17KGYJy/t3F:mSjUsIXcuzcpy/tV","tlshash":"a96209a0b580bd360367499180ff4706b335593a5c1f9498b7b8ccd562b4ece41eaf8e","size":15261,"data":"","first_seen":"2025-10-16T04:05:32.818988Z","last_seen":"2026-05-26T05:03:28.592629Z","times_seen":6852,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/app/layout-26c77a77a9c24f22.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fffa9d16a9bf85ea640f77077d9a00ad","sha1":"9e7b4496282ca0f157b9373ddc9243098e4e9786","sha256":"79749b136d4250f187be376a46efd60b8e3e3fb67075cd615c7488ebfad40855","sha512":"93266d1292729a6a1de26d3df6c15a5068f62053d89f56bed43b068155e37add1fff618a328dcb1d0977a8340c2308eafe17cb6a917044a52af028cb5300090f","ssdeep":"192:lTUQwC6SCXdpZNRDvf31/wZbMdyeTJzTF5z56:lTXwFJ1NloDeTJzTTs","tlshash":"5422c611f584fc6d0be3c49c9cafca04d16e1b1ad898847b9f19d52810b299ef175b17","size":10519,"data":"","first_seen":"2026-01-05T19:28:49.62835Z","last_seen":"2026-01-05T19:28:49.62835Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/58211-d9d578b8de9e3293.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f7d84948f8ca0ff495e7533d0969b670","sha1":"3330c776cfbb7ea04d30b89a9686eaea35f24747","sha256":"2180eecb87df810a0f91771ce87e9c4f6e185e9011d00147eef0ca9c7ed750c1","sha512":"04a5f0711a52dd8bcfe0ea6d66662ed5e0a8610c8caffe461a8c8178f8f40e55b4c40c7ea11716a7dce1631534f5e22f9c5d86393e31835bcc686e4aa6254c85","ssdeep":"768:01KE8vZ7HInPlFvvb5AvexGRrxVP1fr4UK1fWbqYsCL1fZnK+jBV9YCO:0voWV","tlshash":"f20399866740a83d2587c16fd63a6415f3bf14ebb92f9390219aca3cf506dc0f5365e8","size":39725,"data":"","first_seen":"2025-10-16T04:05:32.927959Z","last_seen":"2026-06-06T23:03:42.283141Z","times_seen":14062,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/53069-56b7abe954e62f86.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"043c9d7948dd04c09765909e2d475ba0","sha1":"adde300aa15b98cfe3e89319906bd9fa042d8962","sha256":"9d7e3c52fe4fad44c8c0f713f44d69040735dd81ea742e335329af3e2df0cd18","sha512":"76fdee81f90db6f33c53d90f13d7a5659b6b64a032dd8bdba82da2eb6c3d720ff6ca00862432cd4eebe055e414c21db4ddff0c82c006081053b621b1a4846a5e","ssdeep":"768:xdkmN3sw/A33SUYq31kBVVLLEhPEhPseqseqjvj91qSPxeeWpKMbSeeUP2JUT859:QmN3r/oVkZL9DxFW0MSdUTs","tlshash":"cfc2e68c932197f4f5d055f4e507149cfbae96689381c5b4e3a0be1060dbcdcb626ac7","size":28157,"data":"","first_seen":"2025-12-22T17:51:04.090995Z","last_seen":"2026-01-05T20:16:34.772339Z","times_seen":173,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c0eea92cd5ad4f1362d553f5ce082297","sha1":"c1f0018069407637ca3319231993543486b21f8b","sha256":"dae58f1793c07840235de961f94fff94d899949c9c50dc0bf98f4a31ed6f3649","sha512":"6ff44c1758d41cbe70d5cb43eabbb731d1bb2c9a11d54d684cc0b13a783af8a15b16cfb7187bd09975de4822d0c1d1809b3d91ac52935a85cc3ab3567fbc535c","ssdeep":"","tlshash":"6041400fb205e4913da2de1b90332f37889ad9b30238e06cea0ed8af055193b930c965","size":2247,"data":"","first_seen":"2026-01-03T12:45:26.9436Z","last_seen":"2026-01-05T22:41:31.458058Z","times_seen":288,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cf8479d692c85218f34ea158ec1c3821","sha1":"3f691a9c99e31f0754d55a13ae671d33ac5b20b4","sha256":"e2d0392023f773c93e446f209a7f81e174c5a1326c5f2a7be2b600aa1eec7fe9","sha512":"618879326995d8587ec439555f6e58455def1a33b4e56407b31704b98fccb5082ecf34f38cd9a4afddb8e3ff89263a605ae7e7d70705a6339d24e9b8fd3beb89","ssdeep":"","tlshash":"4601d49ef445f8957d61dd5f052f1f32c58cc9b743b8805cb69cedab425297d0388980","size":737,"data":"","first_seen":"2026-01-03T12:45:26.959199Z","last_seen":"2026-01-05T22:41:31.458806Z","times_seen":288,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"10d19a23b2596c918703e8421d63d859","sha1":"b7566f03991a6b3bf351da1dd53f0c139d4248d8","sha256":"02d8856b5432c01cec14ea202a68dc8184bfa58fac7f1d3e8b5a64a948247c30","sha512":"abb4683d6262640bd0552a8a1f46b4ae05848d7d9a79e000d9598bdf9a24e8ea311b19ee3195376feaad9d9702bd6324409ebc24ab5d99c5b9694a823ddc2830","ssdeep":"48:LZOlLx1VoWnnBn6V0G4cfC/lyUnBn6N/y2zp7xtvfBjgHTYETx8FG4Ncb:LepBmH4VEa8/zpNtRu8E9t4u","tlshash":"0291f21e6805cd4bdc7e7da9023e9d3690cccebb4761aaf4818ecf581a0a47527edc81","size":4390,"data":"","first_seen":"2026-01-03T12:45:26.975125Z","last_seen":"2026-01-05T22:41:31.459478Z","times_seen":282,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/58172-2e2ad5efca352ade.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a9784916761bd2bbc76012952021d42d","sha1":"253cf85cec6b9a53b449d758e2d542a9a182bc23","sha256":"c0b7563919543117a0168d95e03a8812821df1f79a8bf094dadda24536660d92","sha512":"54d0abe66c6ec80868c406f1838ff8760bcae6758bd406c57e29d3ae842812ffb81cb315706c46e5d6a26e8bb80c7b1fc2787d02e360d635ebf22aad6c3c7431","ssdeep":"384:H74ml/FeOUGcg70p+tlof7VCEv/f2rVdVOmo778U/eWJV+o6:b4mldXUGZ0p+tl8VCEv32rVPOmg8UWWo","tlshash":"cb62a6d12b10495d3583ce7aca363929f2ef69ba393d57401168cb3cfd18ad4e6361e8","size":15156,"data":"","first_seen":"2025-09-13T11:18:32.621492Z","last_seen":"2026-06-06T23:03:42.283917Z","times_seen":14130,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/63712-08d55a4030f898f7.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"614fe7514839a09db165d48ad01da840","sha1":"e492263f454db98a8cc2c89c777e5572e854e343","sha256":"4974bda3ce7194ae592697daaccd424e6e8e231bf15187182bf4d16522e9bffb","sha512":"7eee15e6bce48c5b1adfc53ecfd7492109fa6272d866622f055b91ccc80e8bb4e9fdc350413cf4282d6b85b13fa72188cc51445cf6eafb6167d149ad45af1b8d","ssdeep":"384:RSHQzwzI46bFWDyhQ1qqo5W6m4WIQgn1fy4GaQANJVOPe4+snOcT34McbAmrh/2:/dZsunDqNs/AFD","tlshash":"1aa2b449b9d1f47453a3aa51843f440bf2674ea8a05db8d8d367c9e5adb888e4073f3c","size":22721,"data":"","first_seen":"2025-09-13T11:18:32.286663Z","last_seen":"2026-06-06T23:03:42.244515Z","times_seen":14133,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/48492-0bc1607565afbdb4.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"528dd0f6fd9bdfc0f88a1d0016e92335","sha1":"4c0a8461de0d0f4be617b061a76bfc085764bdba","sha256":"68a15987fe15c14f83fcf933f5a667c4776ac216deb797a30307df36055f11a6","sha512":"d3b48b7f7d5fbc347ac82a431d335a291bc134c762ab2d6e97d2d77d9bae3098111f7861ab0e99683baee849720a7ab11331b3cc2ff9b965e64d26248cb55bb1","ssdeep":"384:/TwF4MO8nMLRISXy85PBRB7/52krBSTNN8txdOTTpPNUp0icpUAHEvDBUgf99Kxn:bwF4MGtr/PfzjsT778bwq52a7TY","tlshash":"eea26c2b58325876b6d7bc748cae504c596fd14ba72908ae777cee7404c70ac394b3c9","size":21387,"data":"","first_seen":"2025-12-22T17:51:04.099982Z","last_seen":"2026-05-26T05:03:28.610686Z","times_seen":2841,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/app/(auth)/layout-2f72bfb00bd0ee9b.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"eeb148fc570d2378a9f4fb4cef9277e8","sha1":"f15bcc479e6192f1c27e2c50e9957c34d69e1dc6","sha256":"28e0352c26286fc5b9430539a76f6e36d0f8ade3679fef2b830ed3805fb8b690","sha512":"0d5e4e9dc24973836af109e4586ee36dfa759ed54863e94049c0c21323043a57cc61354a7d5016b098e269eaabf1fe4be8e76ac9b487c6fe54177f0e396d92c5","ssdeep":"96:XZ8Q2TeV9GCuyzz3qZqCLXx29Hn5G9UV3aQ+7XCrUBTCUBTVy19GCOsY89GC4b6:p8Q2TeCtiz3Xqx29o92d+7XCrUIUvV3g","tlshash":"70c1a5b7b6c5fdb2565688d088378207ba503d37205fb480a7facce53169dca44d1f8a","size":5634,"data":"","first_seen":"2025-09-26T22:32:24.049018Z","last_seen":"2026-06-06T23:03:42.325772Z","times_seen":14137,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/31684-5738d0dfaad74be8.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"338198f53e9ab0bb77a7fc2f057a8540","sha1":"78e8deb3e3e2703d617dfbcbfca2e893eb3cee92","sha256":"d3844f2db215d099728ef83a3b5cb3cb82279b669b231f54d2cdbbd958949f1d","sha512":"62ba9ce051e6974c6c74745a4ce6b49badc145041893b048ef42f09f979d0e579928ff78b7aa8abe587c73799a890c26703566918003494a9d1a3062ac019889","ssdeep":"1536:3Hk+1qVc+dJWgclHHlU0ob8OeM8aZLoEAEuRaQ3aTcXH10nZ6XEL4ZXEoFUOnN/e:VqW+dJW9QAMiEuV36XZmUON/e","tlshash":"8b04b8b676d0f89107a780d5843b400af3395c3b146f74a0a3e6cce975645dea1b3faa","size":176077,"data":"","first_seen":"2025-12-07T14:40:32.389468Z","last_seen":"2026-06-06T23:03:42.253797Z","times_seen":13585,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/app/global-error-ae284f595d21501a.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1cc60bc477b2ca3d945edd88dc360d8e","sha1":"8e43853a4d69f51d730e4afe2f60736cc189f6de","sha256":"cfce237b2d6c28fd62e42eefd6cd621090fa6244e26ba83ebce335cf7c491919","sha512":"4693a021413c43b4a39be51ae7596759901c2cbde98c56ea068003591d0885f60a05fd80cde7698589fc01d21b63a7f5b1e9ccd1914ceb98096215228467c536","ssdeep":"","tlshash":"31d02bc612517da874165aa954b4d835344510bb702dd89ee727ae2108a65e40381c0d","size":256,"data":"","first_seen":"2025-12-05T05:01:35.740908Z","last_seen":"2026-05-26T05:03:28.635301Z","times_seen":3680,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/main-app-fef4a8898ec7782a.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c06acc17c28c2888a1a2466b0a0d12d8","sha1":"63d7278ad805cf6b27e6fb76daee100f7cc61afc","sha256":"90a949795e63ad10200d2f57df2706979fd66bd412caea2130a9c707e21c5d5b","sha512":"745f5cba8c1f8c006b2d9a1f8ec15fe3e66d7909766f446755243e1b63aa4d611233d9fa175bc9001bcbce4a4a782e79feb80846ba96f394b38c1ed2b1f3c2bc","ssdeep":"","tlshash":"f5f0fba55f0df42f5d266e74fd97ace2184f4275206b4e647d01dda23c67b6cd260408","size":537,"data":"","first_seen":"2025-09-13T11:18:32.65005Z","last_seen":"2026-06-06T23:03:42.324768Z","times_seen":14183,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/92148-6f19ac7166461fa8.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c6501be806cf1fdae07f7147e6e32ed9","sha1":"b46315e1e07d5c32e6f2185e25c453902013fa4c","sha256":"e897f0138e8011ec20fdf4ac0b924c9d3edcae74328a9700f502563b25897bd3","sha512":"9fb4560bfb3491d7afc719f71260e56dc3a2bf71d2c1104251901c02eaf7a2d0a9d249d90b51e3831ce7b66e7ef81603dcee6c97900ffcffc51b8e244493e1d9","ssdeep":"384:DLZQxW+19Vd6J4FU0Zs1Th/ndpRqgG4gjbI3/ovs2GK/sYp3wm7GjUWybgAKJ7r2:JQE+buJZ0y15dpRk4y+gt7/sml7GAFsg","tlshash":"b482d89da3e6a5e8f003e3f8835bd8353aa72df57912cc145beaac21d51109cb4a5cc7","size":18801,"data":"","first_seen":"2025-11-16T06:53:31.12293Z","last_seen":"2026-06-06T23:03:42.292465Z","times_seen":13635,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/53331-ed5951db58e70abe.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ffc2a9646f640ee24bec96371d8896d5","sha1":"43fb84011d63dd3ee53c4c5a6ed7bee651bc780b","sha256":"ee75b3f83f6bb1fe59b15f18a040463973036c403110a597b3e77b659b240fc9","sha512":"19765f02ce6babd708e5a582fce2a697188168486b56c78f66d75c7ad4d29e02371f839d2b967fa8094e949f2fa6de2e478d24e24b3150f0eb404dcef6fe63f6","ssdeep":"384:/bEM6MGSQhbWOoOSQ6b82p7X4WsIBcf9CkSfA9CM3ORBq5T25iaTuJ8jFNDtv/LO:/L67hSOoe6h7X4WsIBu9CkoA9CM3OTq1","tlshash":"63b2d7e993f4b6e0a006e3f8d607a8793a6e19fd7b32c95893d95c20c5910dc266ddc3","size":23606,"data":"","first_seen":"2025-09-13T11:18:32.113392Z","last_seen":"2026-06-06T23:03:42.228319Z","times_seen":14117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/app/(landing)/page-54838ac95a08a564.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"dd7e99758c92063127f01323af98fb86","sha1":"7184d616193ba41ef166c97ca36a48dd62356bab","sha256":"7fe3ba00a3400ab2545cc71dee558aac50efcf9064047a5986fb8dfa7b3aceba","sha512":"84155d2e680dd656d91c4950e62c92b83e2e7a2aac6ea3e567cbb8e0891f52d04f8f358e7f8d80b7910a4e4fdada7ce193227db04e91da7e8cf3617b131b4fd7","ssdeep":"384:+Saddq55XGydqhFoSObqu7zYOJV56Gchm:+Sqk5WWWoSObqQJV56hm","tlshash":"3362b841e254daacf45394adc32d903d326f2599d65e8570f8fd9c3861094c8fb2bbac","size":15200,"data":"","first_seen":"2025-12-08T22:21:43.634376Z","last_seen":"2026-02-05T21:31:42.058742Z","times_seen":701,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/34230-e87c8d35c9fa1ab6.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9b4900ae7910372c39f90a4ebc702603","sha1":"9a24a588c269ce9c3f57345c32fc19f6681dbc0b","sha256":"09f6962b4e78defeacf0013f19bf739d5427801904333b19f9ab4cf541db3440","sha512":"4a02c00c407ec0eee649e22031775550a2e27fd675d23235783ec11d04efda2480a219e318fbba5739af05b0bd575f5d6d94a5a5dd2db29a03b891b9ba3069d4","ssdeep":"384:05ae/t9qDM109qxJ7aPk9RqKIyoIPzM73I/AKIJ1L/7E48z/08zXvnL5/Tz7qt5V:veVwDM10wxJMKIKIy6IzIj/9KcKN/POB","tlshash":"b5a272c9a390993d2583c53fc635b426e2bf09fa753e534062a9c63df909cc4e7365a8","size":23047,"data":"","first_seen":"2025-10-16T04:05:32.834372Z","last_seen":"2026-06-06T23:03:42.295779Z","times_seen":14058,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4ea234252cf1b2b586dc3769b37731f4","sha1":"8c7da62134c910ecd2109f07c52fc5efc49c1bdf","sha256":"f3969143ccfd1630eb2125e22ae9498f34a160a82856948fb0b413aaf0485844","sha512":"090555a54b1438d84fd8a7e4623d5c5014da7d9fdf385f780fc7922aa2914b2e4d74bbf38f9a46cbaf13bc26575bed2b6d1017ea885c75fb3cd4fc5c5cbb5d31","ssdeep":"","tlshash":"ead05e29a044dda6ec2e7956183dbe3b209d608f4498dea466c4ce284992a3a3342dd6","size":252,"data":"","first_seen":"2025-07-07T02:40:27.405169Z","last_seen":"2026-06-06T23:03:42.315419Z","times_seen":13698,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/fbq.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0b834c87557376668b3c3fde729a8db5","sha1":"872448d973ce02e75d52b31641d961601167d04c","sha256":"cc63b490224b081fc3bef6a696dc3ecbe7ea7bd45df00c8a53cfe304e7bd5469","sha512":"1c40528c95bf8c5d60ebf3dba6df8ca43390e5239ea50ef08705e547c48635a1f399f2f9d7207b4575822d2ce3dfd6e2b7ef7ee3b431255837cf2545ea5ed4c5","ssdeep":"","tlshash":"e7e0619f2c43b42733e97639c727a67b3763070178c2d919ba05c8151fe08966c96d9f","size":408,"data":"","first_seen":"2025-03-19T10:41:28.92776Z","last_seen":"2026-06-06T23:03:42.302041Z","times_seen":16176,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/56060-72611dc1ca384f99.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6685f1c3cdf6f0d1227ab2b5af23a056","sha1":"491d91380ba5da6dcd5027bd954e6fe11103b18b","sha256":"237ff25124f0ca73e06c9e1d59caadd016273fa9b5b6bf211c991cc8d34d1b92","sha512":"6667f2ba323afce441aa6e23fdcb8504dfeda05286da37d594827c605042ba88ddd7bc5c6ec9565109d4a0ad4ddc9f8cdde4ca22cbb9eb8122b85ba04bf1d0b2","ssdeep":"192:/ztywjuim2pZQizyySL4tLg6SpiQhQ+YmzSRAz21OfsuAAuaSXCfb+e:/z9juim2xWySL4W6STYmzSRA61gEC5","tlshash":"4622ea847260793e1547866fd1be5516f27a292e382ed25433b9c83cfd21ac85336bec","size":10031,"data":"","first_seen":"2025-10-16T04:05:32.850927Z","last_seen":"2026-06-06T23:03:42.225575Z","times_seen":14104,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/58733-c5eff74fea05461f.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"608213cbae5946f55bcf6e3e236643d8","sha1":"e6181592f15a748e4b0e3a86966dc1cfb5d508e5","sha256":"dbbc5742780c4bcf13e1aa6afe878f0beb77154dda969c40b074b762a7afbbdc","sha512":"22e77044234d9e0b1b4cfa606b0cb04a83d7492edd1392a1880a984adbc4742f98397845f91d4a09f49e0ff4be85d190e7857113b818a5125c39ecd965504cc5","ssdeep":"384:7ry4eoKi6rba2BN4eofEPu2jQi/Q8nTREBJ6F5ACxKv82wfLba2B44eowGJdba22:7DHiG2Bkeu2ZQ8T6BJ6F5ENwDG2BZhJ8","tlshash":"498286e5e3ca73d0e10af7e44116943c3b6b21fe2b36cf584b9badb0a61549c654adc0","size":18872,"data":"","first_seen":"2025-12-05T05:01:35.743711Z","last_seen":"2026-06-06T23:03:42.299103Z","times_seen":13546,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"336ecd728aed34847fe284a71a7633c8","sha1":"a44bbef2d7c610fac04b162558fbf8067bbf19c1","sha256":"298a83badcb2a2143eb6a35e2e5a3c9434d72df7ed059affe563666e94be8d49","sha512":"da1c0a1f4eca0e9698dd2642bdca47431095ccbed7fae407b56425b390c721fe7f16beee5fbd6b09d5655f1aede3cc59b123a51ff7818eec82daea4e2a286e8a","ssdeep":"","tlshash":"f2800470c4400c15c031545334747105017d400d000007005350d74450531055d07dcf","size":34,"data":"","first_seen":"2023-10-13T21:48:36Z","last_seen":"2026-06-07T05:24:25.735299Z","times_seen":14644,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6e40895f7fb0de70293369d8a10140dd","sha1":"93abebd7b0c60f5caa53a7e548b8974e81f3457c","sha256":"226dfb7ba8f5754d074dc64989ceb6bdb461f2f73bf0007a79a0aec7c92fe3ed","sha512":"94da220f08824723ff91b69d41c18fd55133919d6874e33f6cefcaf4b5c34b7b90fee566deb0dbdef95e51bdb3435a552f4730a11e21cce57da2bdfc16f97e2f","ssdeep":"","tlshash":"03d02b91dc13dc0dc3970f25183f1c3d31cec6641205924be884c97c5981e3409f0dc6","size":277,"data":"","first_seen":"2025-12-05T05:01:35.766262Z","last_seen":"2026-06-06T23:03:42.317649Z","times_seen":11348,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/app/not-found-5d34a3827cbb9820.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"47f4da4879447885cb81a37df1b3efd5","sha1":"5bb69c17164543e303162a130e03918419d485b5","sha256":"dfe68069622d9a3978f1504c01d4c1f0e3dbe81d41313f1b9dd02a161e196b1a","sha512":"79354f8b1001b3209263919803f1e12de72e345be7d98307d484dcb4807461f584620e1020c0f97862f6e29ffc6432fd82474c9c3455c7b4fc202dfda1cdef8c","ssdeep":"1536:k8cwg5kif2aMaiR6HKf0x0XEdw/BvD7/a9yOAC:mdw/Q","tlshash":"b64374ed5bb009cda88896ea7f0610bc373e41bab46d8928ed0d5d38a0418d5fe17fd5","size":57584,"data":"","first_seen":"2025-12-05T05:01:35.726624Z","last_seen":"2026-05-26T05:03:28.598494Z","times_seen":3682,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/73943-99a3b94d23820956.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"512c4da4d156f93b7d29d8340ada3158","sha1":"082c1a240f637c6f5330486ab255cb8473ee6dd1","sha256":"daae7abd463eebc16d588ec59026a628980aa1fc881543acfef0e7cd9e60c83c","sha512":"cf33d105d2d572573799bb4a268c2b559283c358228acdf978ee5f8a930040462aa8badbfa4cd2ba3847704db49a98822438013ee13731924f2d12ef3ad37651","ssdeep":"768:TIpoCFrHcJfP4gFxZePqxkKZoesmsb4xvH+k+BtJ+cIDGQwJ9IEH6HxHRzZASR/0:TDLhZLD+tPIRA","tlshash":"474383dd4bb019cd6dc49ae9bf0600bc363e92bab069882ced4d4d3850458d9fe1bbd5","size":55279,"data":"","first_seen":"2025-11-16T06:53:31.11087Z","last_seen":"2026-05-26T05:03:28.613313Z","times_seen":5010,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"2bf1418a25e2e5bd0b411b566e59d9ad","sha1":"c874c0f91e871244683d60e9e8914deca10916e4","sha256":"0222d439ed97fdaf5f4b19982c59a112ae75439c7395be852219a4b9f0a70bb8","sha512":"73a13f6d9150723fd459c22c2a0d64f6437b7e369ccc29515e2a2d02bcffdcf45cc4af3ab723716c9e37fb0c3656ad59b94d555678d8fd5ece563abeac1ace17","ssdeep":"","tlshash":"ebf0d373ec10da0685f15f19187dcc6134cc892a828057a9aaa4cd5f154e13dedb3dc1","size":633,"data":"","first_seen":"2026-01-05T19:28:49.694115Z","last_seen":"2026-01-05T19:28:49.694115Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"wintakeo.com/_next/static/css/5b47efdfda1f4424.css","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/css/5b47efdfda1f4424.css HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O%2BwcuQgHmzEDyCHiSLm2W6NAlYak7fotvKtxriFODa5m5PFDpVXlS0igJ%2FhIPP3c%2BZWIQyM79QlHqQW1Cbv31iKgTVKGqF6aCkQ%3D\"}]}\r\ncf-ray: 9b9560ae8e5156bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23544,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (23544), with no line terminators","md5":"6702db3057a268a04eea034310a7e57f","sha1":"215986f8f29efab6ba0f34b5b2a0b5b6b2c8c666","sha256":"152a09292b5ac45cbcfef4148aa1e562cbca737f4df38b898608fffada4b522a","sha512":"a8b730d6747bbb2e7db9adb6b6e0a2a44dcf38811a877897325518e19ccbe1c5678cadf409579c441119cfc084f825f1aa1ba716af71fc8366a13c2f10f0f3b8","ssdeep":"384:I3eFf6FOFtFGFLFMFAFRFEIF2ZF8FSYFidFR+6FfSFyFtF/FzhFXFUFCFHF2Fcfi:Bnit5gad","tlshash":"cdb2073f4434213a37db7b789b9cd4842067c4c47b36a6ae756abd2ad2c346e3947384","first_seen":"2025-12-23T04:35:50.868224Z","last_seen":"2026-05-26T05:03:28.646544Z","times_seen":2347,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":305,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/73345-c6c417d67f761339.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/73345-c6c417d67f761339.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ph%2BJYX8hKZDKpB%2BdxdwvaZ35hrQSltJJR76SbucF%2B9lsqKKnRuSzDrWTNKfhjgcAxYgIRKI12DL%2FI6hRKiA3RfSVWFp2zpIzpwk%3D\"}]}\r\ncf-ray: 9b9560ae9e5b56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":325834,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"eb597de485c3029dc93b6f3225acc0d7","sha1":"d3a6bc9d6749ea9f0ddd1b1862c90303f3ec3254","sha256":"3513d69dd757c29044eb92ab6a908ba6755e0845c38105ab2e196b0c75b96583","sha512":"1420716788ac11ed76547147942bdf2329c1bcfe8770745c3bbce32f99ca5c5866e20253ced9e0ebc4597003f7404825de2b601f8d24b5c2fce1125eadf0ad63","ssdeep":"6144:bV5sFqdfuGDdF0pL8sS65eILs3QKQmiOB0lDz:bispi9mVB0lP","tlshash":"ef644a9c7682b474939b016a807f0107f37e2d57240e4824f270d9ee7975e99a2b7fb8","first_seen":"2025-10-16T04:05:32.880573Z","last_seen":"2026-06-06T23:03:42.238414Z","times_seen":14097,"resource_available":true,"data":null}},"time_used":729,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":392,"receive":337,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/app/global-error-ae284f595d21501a.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/app/global-error-ae284f595d21501a.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b2AmArl7sd9Z5NMBz9CYoekcox3H5rKbuYfHbWBSckHMiBXnOhlOrNBaJ6HkwbW%2FT4cp0FTDQsxe9bHN3sSgrdAeJG9i75YCWio%3D\"}]}\r\ncf-ray: 9b9560aeae7056bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":256,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"1cc60bc477b2ca3d945edd88dc360d8e","sha1":"8e43853a4d69f51d730e4afe2f60736cc189f6de","sha256":"cfce237b2d6c28fd62e42eefd6cd621090fa6244e26ba83ebce335cf7c491919","sha512":"4693a021413c43b4a39be51ae7596759901c2cbde98c56ea068003591d0885f60a05fd80cde7698589fc01d21b63a7f5b1e9ccd1914ceb98096215228467c536","ssdeep":"","tlshash":"31d02bc612517da874165aa954b4d835344510bb702dd89ee727ae2108a65e40381c0d","first_seen":"2025-12-05T05:01:35.740908Z","last_seen":"2026-05-26T05:03:28.635301Z","times_seen":3680,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/countries/gb.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /global/countries/gb.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T08:09:46.638045Z","times_seen":16208064,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/countries/es.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /global/countries/es.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:19 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hvjPOoubMoQTZQyyhRUWZW%2BewGx2Nktqp%2BqLZYYVMkp62kaLqzMeSsEMYepSNqXKN4n%2FYYb2va6gYQxkb8qgk8Zdc1yo9zhradM%3D\"}]}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560c688a456bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":629,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"a8224968196d0dd6d84e44c98093c280","sha1":"882b8a579de32e24e13e999b411abd814071cc2a","sha256":"f8cf69e4d0d285ff8e9be18f239b65e38fe1a235086a8daae53b1baa1e7a3557","sha512":"096da45f1e9c9fd020364a51f387110fe6b08969d607a52acd6acf7f01215e15ebb88c93484b7aef1392143f744ca491f8862151d5c4850ec8f7b9d4d419e870","ssdeep":"","tlshash":"bcf049c5743db18388098b742d6e70e6408e721b554814dd70079b28a3aa3df7ac2f6c","first_seen":"2023-04-17T16:03:39Z","last_seen":"2026-06-07T06:25:06.436106Z","times_seen":6172,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/trumpColorDSGN/mix/preloader.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /trumpColorDSGN/mix/preloader.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PKImHYgOqJ2r0KKJsRy02yu8JOrEjvCtx%2BTX25ikgJMcXGwLIfN5WXfTb8XBrWwG%2Br9zCkkRp1PXdjnVfmAGcF3%2FdMSIyNT%2BVOA%3D\"}]}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560ae7e4a56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":119318,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"40fbaa8ff12ac1ebf23154c29e67a191","sha1":"a0a3a6c3b2a35874dca992b65fe8651809da05a6","sha256":"234f1a89ac1c64f2b60e7b7aaf30d3ec2cd97acd3f5fc844f4f55256eccaf843","sha512":"5c97f0bcda3d832001d8b751d6140ba2835b2ad34989ee6c4e9b44211dc8dbcb099eeb28666d6555505235ea97f71d37dc7c1a19e62c3a98a0cbd64e3c698ee8","ssdeep":"1536:objgkWcss2wEHMgG7RPP1VLatHLKazXxzP4D:TCB","tlshash":"edc360fc1af062cd88c0c7d27f69d2b93c17a3b798580805e66c5f5c0b9a96da851bd3","first_seen":"2025-11-16T06:53:31.134866Z","last_seen":"2026-06-06T23:03:42.293845Z","times_seen":13807,"resource_available":false,"data":null}},"time_used":461,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":192,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/92148-6f19ac7166461fa8.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/92148-6f19ac7166461fa8.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iR5beNb5dWKKP%2BZ1dC5eMnSqeKtyA1We9LFKLqbaV2WVT%2Ffq5uhbk%2B1RiajMUkN62ZN18Q6hABRvaJbb4MUr6jpoOxr1ipulHno%3D\"}]}\r\ncf-ray: 9b9560aeae6756bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18801,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18801), with no line terminators","md5":"c6501be806cf1fdae07f7147e6e32ed9","sha1":"b46315e1e07d5c32e6f2185e25c453902013fa4c","sha256":"e897f0138e8011ec20fdf4ac0b924c9d3edcae74328a9700f502563b25897bd3","sha512":"9fb4560bfb3491d7afc719f71260e56dc3a2bf71d2c1104251901c02eaf7a2d0a9d249d90b51e3831ce7b66e7ef81603dcee6c97900ffcffc51b8e244493e1d9","ssdeep":"384:DLZQxW+19Vd6J4FU0Zs1Th/ndpRqgG4gjbI3/ovs2GK/sYp3wm7GjUWybgAKJ7r2:JQE+buJZ0y15dpRk4y+gt7/sml7GAFsg","tlshash":"b482d89da3e6a5e8f003e3f8835bd8353aa72df57912cc145beaac21d51109cb4a5cc7","first_seen":"2025-11-16T06:53:31.12293Z","last_seen":"2026-06-06T23:03:42.292465Z","times_seen":13635,"resource_available":true,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/fbq.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /global/fbq.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0J2k90WwBvbxkVWba3yxU648w96N1svMblTyKmlCeHWdDhSbjJ2GTO2AtJz07x4PLrBEzEYgYYCHhO7bINJG6ER3umuGnk%2FXl70%3D\"}]}\r\ncf-ray: 9b9560aebe7156bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":408,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"0b834c87557376668b3c3fde729a8db5","sha1":"872448d973ce02e75d52b31641d961601167d04c","sha256":"cc63b490224b081fc3bef6a696dc3ecbe7ea7bd45df00c8a53cfe304e7bd5469","sha512":"1c40528c95bf8c5d60ebf3dba6df8ca43390e5239ea50ef08705e547c48635a1f399f2f9d7207b4575822d2ce3dfd6e2b7ef7ee3b431255837cf2545ea5ed4c5","ssdeep":"","tlshash":"e7e0619f2c43b42733e97639c727a67b3763070178c2d919ba05c8151fe08966c96d9f","first_seen":"2025-03-19T10:41:28.92776Z","last_seen":"2026-06-06T23:03:42.302041Z","times_seen":16176,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/audio/message.mp3","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:17.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /global/audio/message.mp3 HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:18 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 29091\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:18 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y5hcmVesFFmfShsElTwixo5Enwdfg7lcB6CkwGnbKTuPTIQUJCw8qTFcSePTD4NT3ZTfiXG7HqEa1X6mevkC4L%2BZwfeLtAGYNn0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560bfffc056bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29091,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo","md5":"a74d3b2a2dee5892841f7e37ae8343a9","sha1":"90b69421807b860b265c34a5e2f249e3fdf05ae8","sha256":"7bc02c22f6a0a75446187dbe0547a7eca86c05e3d3d369e0831dc084bb974ea3","sha512":"7186807bb91804317231d48b985557d4259820c45cc6ef48fae69cc7f50b7195b1fa9c271aac9c2104b7cd0a48a772a9223db8f0e4f53cb2302bc401246c0f9f","ssdeep":"768:OBdZJRccW5UzJDDNx5kbu61m29Ij3Va3ZH0jycOFFLQU:0JRJW8DDNOu/j3VaJwyXv","tlshash":"92d2e13b2d840d8cf1868574226fd588e0b97c9a129e5f52ed9feb494637031bb08fd6","first_seen":"2025-10-06T22:40:31.572152Z","last_seen":"2026-06-06T21:26:14.901185Z","times_seen":14028,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":238,"receive":59,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/api/mammoth/auth/check","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /api/mammoth/auth/check HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintakeo.com/\r\ncontent-type: application/json\r\nauthorization: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:18 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9a%2B%2F4jV3RNSg2Z72bqbUjSYoo17pW0pe6OGFJv29QuFHhLQrnVfnVK1sA8mnDqTxXjDGCnbi1AoXiOpoAzqa7uuTWyzXvIaEFGE%3D\"}]}\r\ncf-ray: 9b9560c3f86956bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"aced0d4c1bf7b416bd8757e86c69b12e","sha1":"242609e9dc75daa64e55af8d8254cdc02722ee92","sha256":"831690950d50aa783757553ff7dce0e549b2bf0c29fcc850ee8ef7a7f6bb54fa","sha512":"8c854561d71566fbd9d1e18c91f1bd391cbedf2b2e8b52d84205d4f773f36b14bfd5d3ca2cba9f5a300b8d96b025ab3eee5d5e3a19985e78386e04584e24d0b3","ssdeep":"","tlshash":"8d80040115000173f4001144113c1d115c54533745410014fc7cd0c4c7530d53043c17","first_seen":"2025-09-13T11:18:32.558363Z","last_seen":"2026-06-06T21:26:14.928071Z","times_seen":13956,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/holiday/hat.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /global/holiday/hat.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:18 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HIfRG4ZvbsIaEX1qsBJw7M6EZLFct4Qa02jihScdCMD%2B1dqZgIVfIrLS%2BeYYvvr539VSL5qleKwDWHcz66cCxwYJQFz6pWtbtTE%3D\"}]}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\nage: 0\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nlast-modified: Mon, 05 Jan 2026 19:28:18 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560c5087a56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2987,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"ebf4ae376fe7b0c4da02abc9a0e648cf","sha1":"74f107d8c9add6f03d767e3c60b4b10d90f9b2aa","sha256":"67cdad7bd65668f2f0f392efb2933b7ee75902995fdefba25792859e4384b566","sha512":"b3fd5d449af21db89d091f46d6399f4e446889580de88f08413222d8f2b4a66c10eb09c0c3277126884f8c86fa0ba8310edb3269b400c85ef7afeb4c22a6278e","ssdeep":"","tlshash":"4c51f0f069fc608c65460738e6be88922f2d99fbb20445497d5d2ab0d717883f98fb94","first_seen":"2025-12-07T15:18:05.826288Z","last_seen":"2026-06-06T21:26:14.918436Z","times_seen":5540,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/css/8c9f15102b4e72a1.css","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/css/8c9f15102b4e72a1.css HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HmK2pl3citbeg7FYC1Sek8DF6SzxdsqVTjsWT3HuZt584oykAY4DSgMEy98bgFqGbfMUs%2B4jxULqB7X4FQqPp6M3cJIhvBK0LRY%3D\"}]}\r\ncf-ray: 9b9560ae8e5256bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3887,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (3887), with no line terminators","md5":"4be2cc2ee2ce592cdaac4767a7c6c357","sha1":"80897d35b01fff145d83c840d66c65686ccdee4f","sha256":"1e615b7ca81bda2f8dc29a979a1ec26756e03492d8619d6bd14f84efbbdd9e0d","sha512":"fb800bf256e9262577433fcbe686388136de328698ec88e74c75bbff8f6f7984874a7545931e7b1034cab80ac2b6ede87680bf669bc0b5cedeabfd5c77e7fdf0","ssdeep":"","tlshash":"1f811121a267a13cb9f78052be60b5cd72549007f6273fdde9c0762a87c7ae3265174c","first_seen":"2025-12-05T05:01:35.728908Z","last_seen":"2026-05-26T05:03:28.589478Z","times_seen":2341,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/82849-e1ace10340da2839.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/82849-e1ace10340da2839.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lgFvWaBr9YDJ2Iud17awhnDgxZ0tqFuWH7tTAGGou6ssqpj3uZ%2FnzTAWn8mBbuSZ5yDK1rC%2FM01cy%2Fl07evk%2FgTMfXve121e1Xc%3D\"}]}\r\ncf-ray: 9b9560aeae6856bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":180485,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"09e0a34842cd0e30fd0a103b73b7933a","sha1":"75567ccf60797bc81d69dc734f9774ad1342143f","sha256":"f12d043b9839790120fa75ba522fb17716f8f3b3df5b822bf0aee7b5af0c2f96","sha512":"38b09073805dbff075ac0462501410af1fd66fcf52c051eb6e8cde616c99d6e2676e62db25e9cbeb38c425428a40be07f807c2c09e108bb846ad9feffbfed49e","ssdeep":"1536:4UcXlryCtX55mQPVpmsuIurLJmvU340MLsUDG3BZN2EaZxVcGR5c7dhP3Whj21mR:3+T","tlshash":"2304d5debba0a2f4f005e7f8d7124468366b39fe6e52ca68c3a91d15e90108cdd59dc3","first_seen":"2025-12-06T12:30:49.949747Z","last_seen":"2026-05-26T05:03:28.607533Z","times_seen":6511,"resource_available":true,"data":null}},"time_used":519,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":316,"receive":203,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/67369-222f9a02bd61134d.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/67369-222f9a02bd61134d.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=czJA2GOXz2xI6nbQjOsiimV256lJTnKTP9DoY9fZYBF97zvRN3RCkB9exFtRmMyDGvXlOXynzE5rWGqE9JZNLu1ufsTafDE0%2Bog%3D\"}]}\r\ncf-ray: 9b9560aeae6b56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4883419,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65520), with no line terminators","md5":"c5ee70ca6b0f10be9205923be6019f4d","sha1":"8970f24fdc7a50c908abdf7fd011fe84ab06cf14","sha256":"54353302f4543dabf5579fe09b7789fd62384f6046fa2f39ee36ea54834c3fe8","sha512":"a46dbf384ba5ddd94c97b78e4e38d5c4a84e1444f7c19563e019ceb26ec121ac60d5d5019ae772e37483461f955e7952ddd84d1951c94882156a08c13615e0e6","ssdeep":"12288:z3PyxSJSN87vIomx0wgH+vVUqmAStvp1H/llr9dhLR5EdNbE3aYAILQDEmAx//pY:sNgvIh/V4y","tlshash":"c8250f5ccb9201bdae58adc1ca4770254fe282531fd789ed96bb7e214bb0adf4301e61","first_seen":"2025-12-13T06:46:52.564072Z","last_seen":"2026-06-06T23:03:42.284677Z","times_seen":13456,"resource_available":false,"data":null}},"time_used":2982,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":345,"receive":2637,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/holiday/top.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /global/holiday/top.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:18 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Of2mGkr241uEU72T9i12WkIloLn5pX7zNEPtMPTJ58ODBbwNiv4yUgJcQzhc%2FPRa6VVQG%2FTlzcmE2%2FTXEOv8l1%2FtOC%2BnXE1KemI%3D\"}]}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\nage: 0\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nlast-modified: Mon, 05 Jan 2026 19:28:18 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560c5087b56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109971,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"765e4b902462e81209a68203122c5462","sha1":"c8a22e10bde49777ae443e9f3a3b6bf474659b68","sha256":"0d81c69880f645eaa8ad5bc7f874fe5c302d163c6ddf8e2b2e5633c222949f88","sha512":"d34eb7f720beacdf9d545cc1219a56e2a26b05477d98d9ed188c116bc9319de2f49db046893a0ad1680ae6a9c81bf69190f5de47bc94fef0b5f99049f36a65df","ssdeep":"1536:TVcmxdYMDacj729Kbg1AsjwaT2ROc8n6GheoROmsrLc8h7CJaEukrWE/A:x/FDa42Kg17nZtgER+","tlshash":"47b3f9fd6b6185e0eecf8af1dd3649907f1b34fe2b52525482a4ee607833e58894cd90","first_seen":"2025-12-07T15:18:05.795582Z","last_seen":"2026-06-06T21:26:14.913188Z","times_seen":5536,"resource_available":false,"data":null}},"time_used":322,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":152,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/countries/gb.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /global/countries/gb.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:18 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JQvcZAvrbQXqYRXyrfbIJxoUqQX0XoJ3uGZpqeoVvljOv%2BECpdBhM5%2BfW6nuVIC6SDiTdrAyAqcBXusuj5nl2FYPDfs2yRCEB5c%3D\"}]}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\nage: 0\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nlast-modified: Mon, 05 Jan 2026 19:28:18 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560c5f88f56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1183,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"99a9e5571c2f5acd9cb910ce6a3f39a6","sha1":"876935939a01dae371583220f75bef15b5185c68","sha256":"5ff2f32ed6905d887f7d771029c1e65b1ef059e92260b548908cabb4e886bf19","sha512":"14cfeeacd8e2f9b67bf2e1f5b2823a98fc60854fca5afd0b10be72ad647ffd38aa4058188451c98e2045628706f0b84dcad508fa901ce146705102fed962de1a","ssdeep":"","tlshash":"ea2163c84370b5c059a74fba9f28a2dc924925f9ddc96ecd10be0538445ff5ed01f009","first_seen":"2023-05-08T16:47:32Z","last_seen":"2026-06-07T06:25:06.41161Z","times_seen":6403,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/greenColorDSGN/bg/stat1.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /greenColorDSGN/bg/stat1.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:19 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HSS4TtuQhl7UUNTZqA05DMVZWBsCouXz348kffWhYX4jYHhRowhX5MfnO0%2B6dBK2zjajo9POzOt4u85yGfn12ZTJ8LF9ph%2B1B5w%3D\"}]}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560c6189456bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3636,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"a62014bb87def86bc408bac073b0cece","sha1":"24ce6cf0ee0ebe7956bc76e9bd16151ec3da5244","sha256":"69a3b7fd361a9307dd99ab7a8c12c3178f4ee11e5573a2c0f78fd014e04f4b64","sha512":"ee7ff1a7a9cf304d61ac90e25998182241854e3de44df25fd9541b3caddb222d206a4d3fa250e4d4d64ab42d595f79a0e24fc21ec4fb753f0b7ca2d64eb73282","ssdeep":"","tlshash":"d771e6cd2be812f0ec85b7f6df06642cb80e14b2598848b8f21d1f557b04ce98a4ac92","first_seen":"2025-09-28T21:41:24.045294Z","last_seen":"2026-06-06T21:26:14.915753Z","times_seen":5214,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/countries/de.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /global/countries/de.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:19 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RPBpn72puQWOjTnVTLjnrKnrYjMozVBlS2isrxM4zzOIBqnMzERxFnx04cmfswO9%2BKpvz9OOPuzl3KvvNvFPHj5w7lEJ6qOM7mE%3D\"}]}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560c688a556bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":271,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"939afd91bea7074f84f4a328ca095295","sha1":"1a8edb7520cb812fd35996134ae823fe8ade03d9","sha256":"8e3c8f938c6fc4fc97c81f398a71d0d789b44b6be458469d7056372a2c05837a","sha512":"a3922e78b9ac5209cabea2c0945d474d24035a4e78297b3105779cea945b931ae83a59ffbf73e2877f2da42e0ff7fb5f23c297c1d7f7d09da3644ed63d82ef6c","ssdeep":"","tlshash":"c7d02bd8506ae8c04d16c7603e6c32c1288a6259238800dff0835338a6cb7ceb745f50","first_seen":"2023-07-03T07:07:12Z","last_seen":"2026-06-07T06:25:06.359174Z","times_seen":6170,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/countries/it.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /global/countries/it.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:19 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OGFt9DKTaB71BRWIMPIbmRbPlQbcxqdtcWXQuox4hX%2F8ORl3nn1yjNbyCCkjtPqNPN%2BvpkbhKGJnXJc%2F%2BYvItkTpX78Ib0Y7mSU%3D\"}]}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560c688a756bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":270,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"4d4f20f2f1c88447480002bbf675404a","sha1":"e4a918db17e02d130c9733d7457211389b459535","sha256":"41b974254f3dd5b0853af7585c0417998a1ffa52e97e000fe2af3eee2c916d57","sha512":"04e180d7684ab9fefd920a74433c7fdea73380c5ec2588d6174ea6c14a20bdf1ebaf250158977863fd79051cc5012e5da4b9453f88998262b5cdc1672810ad79","ssdeep":"","tlshash":"e7d02b9dd07de0c448229bb03e9e31c142962327364500daf04b271861cc3ef7e41f04","first_seen":"2023-05-08T16:47:32Z","last_seen":"2026-06-07T06:25:06.33603Z","times_seen":6189,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/fonts/proxima_nova/ProximaNova-Bold.woff","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /global/fonts/proxima_nova/ProximaNova-Bold.woff HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/global/fonts/proxima_nova/stylesheet.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: font/woff\r\ncontent-length: 52068\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BWDoFCEUEVfyhGk%2F4PhX33gRP2aExZijYJMl6FqiovvHb%2BTRWz%2BEn%2FHEYkm0sXQxNWhTtq%2FrpD7DQyYqm5AKCdqkClBLm8lgwTs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560b1dede56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":52068,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 52068, version 2.3","md5":"e2cf3dc2f079bf3d5185a02552f153c4","sha1":"9e900ba7e0890a12a5697fc7ce86c058b145d215","sha256":"99a24fdd4e16d8dd4fdd79a5dd2dd7b71c2c68473fd6b3cb4eca4fa3f33d9ac1","sha512":"1043f0d116fcda17bd933ff2594b7c79a1fd41259f28aa8283d90e1a56eb6b8830861f109f9eeb3b81d79408e8a6a3648d973ee8a42fb5c096b0f84138392935","ssdeep":"768:gUZ1BWLCju+iIoHoWcknJh+7x77rai9YTRPxnE6eWPeLJWPznTdpjXeE8vFmdn:fX6Cjuct8QxDai9YLE6eWGYfbX98vMd","tlshash":"2433f1a524350e2797b7f4fa349d0665cfc6024db42b55faa4cbca019a5bff8b530823","first_seen":"2023-04-07T12:58:50Z","last_seen":"2026-06-06T21:26:14.89794Z","times_seen":15282,"resource_available":false,"data":null}},"time_used":346,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":250,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/countries/pt.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /global/countries/pt.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:19 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7OfpA7rlalgCevNHV8gdUPLy50UglYqqAJcyEof11EQFdxqORZhl2n5LJSGb2XOsk8Dw6qE9o1OiQIhcPIkP37diqhimVNeyXm4%3D\"}]}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560c698a956bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1445,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"6e9db125513715df3ec213f701b912d8","sha1":"f0fbb6a6e5b7a068d28792280f397a4b879deeff","sha256":"3054e3bbce0d049b0ab3d157a16b24f7a572a7a45e73d342e3b7b8d5f28f0a4b","sha512":"06c04e06e44b97fc2b4379173dcaa7003f3cc5ed58db1697e0934f96878fc16928e08eef9a0be085cafd61b545718da8e8a7d8b456b57b194a51c1e22128c775","ssdeep":"","tlshash":"4a3174c9a335b0c24a17cfa87f2ef3c2044a67f8291c9884708ba90c3955bcdbac4d00","first_seen":"2023-08-14T20:47:06Z","last_seen":"2026-06-07T07:21:49.247449Z","times_seen":5743,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/holiday/bottom.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /global/holiday/bottom.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T08:09:46.638045Z","times_seen":16208064,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/webpack-2ad475b2cb7994f2.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/webpack-2ad475b2cb7994f2.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZBs0WOxrW2U3i7cR3%2BZ5MqMlBQd9zS6Dzw2YMiki3OqrKeMHULKa%2BCDNtjTo5yyyPrOYfpNgDu1K%2BXD9w2uLj6xQ4ZyB4Ei3uSI%3D\"}]}\r\ncf-ray: 9b9560ae8e5356bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19353,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (19353), with no line terminators","md5":"ec0a82ee93d62d37c4a996800bbffe41","sha1":"894e71ede6ab8448ca94df2c74635ebd677004ad","sha256":"b76fe409d0ea4bfd26608e455fe5238751e45de69d4e5d213830b0f5608925f7","sha512":"2e8c5e44f3d0d7ec85c093de04da77d638aafd1cc94e19646486983673a6587b521a5b7dab5736566ebf608ac123c91e7b7e92a4f3aa48cb3826f7f297d7b3b6","ssdeep":"384:yHjhDiavHhyIc48SNIgWiatVzUqzmyYrDRweq9M2r7NwHZ7KR1fAl/0XSt:yIavUIf8SiIatVwqMDR34M2r7eZ7cfAt","tlshash":"8c925dbd731cecea2c3005c2ac1764e46508b1227d0a4cd1b1dae77604b5d75e76afb6","first_seen":"2026-01-03T12:45:26.790221Z","last_seen":"2026-05-26T05:03:28.679664Z","times_seen":304,"resource_available":true,"data":null}},"time_used":263,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/4bd1b696-ad7506e6ce5b48e8.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/4bd1b696-ad7506e6ce5b48e8.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IjoBfuMnCVj66HkOvvT0GImoDRQG%2FQKGMaBAUzQ7GFrnug%2Fibz3jYf24y15pYAkZskTcx%2FK6QFclgjKqte8ewrRt%2BN0Axn1DQ6s%3D\"}]}\r\ncf-ray: 9b9560ae8e5456bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":168420,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"15510eac41ab1d5ef4d07adf66470336","sha1":"af7eb0a2168918b5999e83b71a10ba52809f38df","sha256":"e5b9e2570593ab1e59ae6a397baec8491e4c3d5e4628aa1439940ac0e2aee2fe","sha512":"116e3ef82cb1608f729f9731bf3ba61a1a75624fec0adf57d0536e5f7e1abae6c939e93af5bbde399079cc1634b5ffda250a76f08571d2e30c88eceecd05b22a","ssdeep":"3072:btfjLiM+NFCC4YQbCCAaI/02UHCgwLRE4:btfj2ld4Y40fUHQRE4","tlshash":"0df3f7e83d99e2116eb342a7109f2803737c262b240d4c60a615fd9db5b845bb17bfde","first_seen":"2025-06-09T17:09:55.347659Z","last_seen":"2026-06-07T03:18:35.729991Z","times_seen":14209,"resource_available":true,"data":null}},"time_used":482,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":380,"receive":102,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/app/layout-26c77a77a9c24f22.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/app/layout-26c77a77a9c24f22.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=neU1kF%2FA4Qxk8Glj2rN3hbztoKN0c6d3rlXBBoNYRe%2Bsmby4d4GzU%2FftwxvgozxJJM74BoMUGsL9MUZYI26w%2FbgTDrnenS0EmI8%3D\"}]}\r\ncf-ray: 9b9560ae9e5a56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10519,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10519), with no line terminators","md5":"fffa9d16a9bf85ea640f77077d9a00ad","sha1":"9e7b4496282ca0f157b9373ddc9243098e4e9786","sha256":"79749b136d4250f187be376a46efd60b8e3e3fb67075cd615c7488ebfad40855","sha512":"93266d1292729a6a1de26d3df6c15a5068f62053d89f56bed43b068155e37add1fff618a328dcb1d0977a8340c2308eafe17cb6a917044a52af028cb5300090f","ssdeep":"192:lTUQwC6SCXdpZNRDvf31/wZbMdyeTJzTF5z56:lTXwFJ1NloDeTJzTTs","tlshash":"5422c611f584fc6d0be3c49c9cafca04d16e1b1ad898847b9f19d52810b299ef175b17","first_seen":"2026-01-05T19:28:49.62835Z","last_seen":"2026-01-05T19:28:49.62835Z","times_seen":1,"resource_available":true,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/4533-f395ffa838284060.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/4533-f395ffa838284060.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Gyxbj84tmbUJV1PZvLaoHKyTYtWrYraq%2BIsrdQbupYttRqhWvCYou9ahsIq55e1KtiDMdjb65efD0RLcHJiFVqSpyTAOb9gwOm0%3D\"}]}\r\ncf-ray: 9b9560ae9e5e56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1508571,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (23590), with NEL line terminators","md5":"02cb23e0140ac3f1124b63f9392c5be5","sha1":"c585676d7e1541c4af81c7da7ba18a0f98146407","sha256":"56cbf6f75c850dfd856a20be05abd4e7a0b0af0957ad118880f07f46b1c561bb","sha512":"548df32c16f15270f41a8e327eac53ebb3192bbb18036d9bc58acc2109994aaab4a27eb48d3d9519a17d0dc31745f8e2f2fc77f01a00217131efac7746dc25e4","ssdeep":"6144:Zgw/lsfDuvOPugROuelD8jbd5jiNxIzPCzes7CXhEirsOOKgZtAlrOMWvB5NpN1y:/1gROPdqUIWqs72hjW/tqaFk","tlshash":"3655b63a864927ba1bf3319429d537baa18a9224c3d4f7dff1e57119008fcd4902daec","first_seen":"2026-01-05T19:28:49.630622Z","last_seen":"2026-01-05T19:28:49.630622Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2614,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":506,"receive":2108,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/favicons/greenColorDSGN.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:16.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /global/favicons/greenColorDSGN.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:16 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UtIh4yjL7jj93qIq2ECGO5JlfST6a0gSHLinc%2BAOz9MzsMnYX3hn7mZHAVAjGNqHU9YCoOcEcctf6KAY7A1c3oPhdgR24iSmKJE%3D\"}]}\r\npriority: u=6,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:16 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560b5ff1c56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1468,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"50679c0c5e3ed56d05c1d0ed312419a7","sha1":"f9ea27ac71a78da2d61e14b84ea77ce447920d9d","sha256":"c164e1ea36438d14fea9b88996d154275a4c92fd80bfa082c7e00a343f241147","sha512":"163d4097d60ecdcf58cd01ea828e74491b0e27fcf3d40a2e7c56e6c90042d6d9a9b6cb18825052caf8799836ad35a44c1c88ffd2c35ce5d888d23716c27dd0f4","ssdeep":"","tlshash":"a4312e9e77fea185f448e7f8023999b932d36cd33a04d8282bc00c02e98091e9c9588b","first_seen":"2025-09-26T11:40:39.971586Z","last_seen":"2026-06-06T21:26:14.908077Z","times_seen":12154,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":85,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/greenColorDSGN/mix/landing_girl.jpg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /greenColorDSGN/mix/landing_girl.jpg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T08:09:46.638045Z","times_seen":16208064,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/30731-b4906d3166248ccd.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/30731-b4906d3166248ccd.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9LOMSWXz09fYspmvo4zJVYckCGdptW4eLt46BvWwI5Hc2tXNjatHRTXOSx4MA7PXPvRfs61wMkD%2FtXkqJU5uPCmPts6%2BITRkKgo%3D\"}]}\r\ncf-ray: 9b9560ae9e6056bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":935432,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"a278de30bdaee7c2a859ec4fe00720a5","sha1":"dfee7e7f7f6bb86b057a87c026fe85debcf3ff9e","sha256":"f1b31f7cc90eae6ec6abd1c9b5e2cab892957933851bdc043acaec409ca136d2","sha512":"77f9c98385a0189d3c4ac23bef30048bcab4c2915cda68f96181e386575b3e523fb4d6ad1d1b99f6dcc89b18122b8e0548ee2628d6f8d948571592754b9ff4e9","ssdeep":"3072:92ydhg+1uKewJ0Byiw1QRi8B6a3bmicWAM7c3jiPYFEcFBKKMhEmDhwZ8:92ydhxQRB0Dz7vMKmDmZ8","tlshash":"bd15b4985bb553fcf405f7f48a2ba4b43f6a38f67a42c4b8c3a91c15d4520ad89a5cc3","first_seen":"2025-11-16T06:53:31.123844Z","last_seen":"2026-06-06T23:03:42.288792Z","times_seen":13658,"resource_available":true,"data":null}},"time_used":1190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":397,"receive":793,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/53069-56b7abe954e62f86.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/53069-56b7abe954e62f86.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rvoa1t44ojlEIhCD%2FDgUUDmpsf22XmhedUFmrdm9eJFr2uymbQd611gmJtrb7WHI6FXrIQ5pKeOdtJd1nnPH1%2Fs04oGhBp%2FVf0g%3D\"}]}\r\ncf-ray: 9b9560aeae6c56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28157,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (28157), with no line terminators","md5":"043c9d7948dd04c09765909e2d475ba0","sha1":"adde300aa15b98cfe3e89319906bd9fa042d8962","sha256":"9d7e3c52fe4fad44c8c0f713f44d69040735dd81ea742e335329af3e2df0cd18","sha512":"76fdee81f90db6f33c53d90f13d7a5659b6b64a032dd8bdba82da2eb6c3d720ff6ca00862432cd4eebe055e414c21db4ddff0c82c006081053b621b1a4846a5e","ssdeep":"768:xdkmN3sw/A33SUYq31kBVVLLEhPEhPseqseqjvj91qSPxeeWpKMbSeeUP2JUT859:QmN3r/oVkZL9DxFW0MSdUTs","tlshash":"cfc2e68c932197f4f5d055f4e507149cfbae96689381c5b4e3a0be1060dbcdcb626ac7","first_seen":"2025-12-22T17:51:04.090995Z","last_seen":"2026-01-05T20:16:34.772339Z","times_seen":173,"resource_available":true,"data":null}},"time_used":319,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":318,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/greenColorDSGN/bg/preloader.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /greenColorDSGN/bg/preloader.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/_next/static/css/d62f5ba88404dc24.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FVf8j9UgK%2FJOuszM91xBYWX25fUP8ZUxP1GB%2BWdLteEDtGLz7USys4TGF8Oav1wF9D0xIa4Y8iyvaBrrhc3OjKEvvUvyNufzyuc%3D\"}]}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560b1cedc56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1652,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"d4cf0d8e07d5ff0a22dde176b5e6926c","sha1":"bb3f41bbc80202459f3bd9a27054f855523f8ea7","sha256":"caa934ceb360955e8ef4eae0984d9ee475137fa2eee2b013586e25461bc1703d","sha512":"03fa93b18e1610abefaaeee02782234d164bd6de0d27aff61c5aa02e260d50e0b69233306e46bcabac18c6de2ce085a5859bd4ee71c2480acb0e4a719a3c5123","ssdeep":"","tlshash":"703122c04abc425cf604a6a9cf122875be1a64ce578564baf3ce9d06935805b8e0299b","first_seen":"2025-09-13T11:18:32.012309Z","last_seen":"2026-06-06T21:26:14.891847Z","times_seen":12147,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/api/extra/holiday","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /api/extra/holiday HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintakeo.com/\r\ncontent-type: application/json\r\nauthorization: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:18 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EDpTkKwQzsdNtumIg%2BlPf9JD7b4fWXdsMNJIkzvCSPK%2F9ZbP6NcmUxZl9cLnmNxWOudNyuKfuKpMS3PIYUHUhmb7c4EKjxM1H0w%3D\"}]}\r\ncf-ray: 9b9560c2b84f56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"1f35aedefad7a69617067b132d4d24d8","sha1":"56dffa4efbeb3bd484e589862b33ff1133892f3c","sha256":"a258c14fa71fa5ffe21eadcc67917d7d10f7eb4e2df8ae97b7af15dd3bed5732","sha512":"f964581e2a41f62108275c49fc63583fe6b9954ec56c1ef49ac524ccc796e975a31079b3a2168c02d885c504f57c8bef8d3722c4cfbcf82e1ac2e4301ffe975a","ssdeep":"","tlshash":"838000032a0000b2c800228002383f2028a8233380000008a08cb00aca30022308382f","first_seen":"2023-12-05T07:26:52Z","last_seen":"2026-06-06T13:57:51.754283Z","times_seen":2911,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/greenColorDSGN/bg/landing_block1.webp","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /greenColorDSGN/bg/landing_block1.webp HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/_next/static/css/2f4da6ca7264e87e.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:19 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:19 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7ASBgs8nZyx%2FYCp%2BL2yhJemAqIwxzifnZl3I3M54EZDp%2BnWT2BFwF6hUWiXCIC7CQx%2FllpK9jridb8%2FV%2FSUBqgI%2BbC2oa5rH%2Fkk%3D\"}]}\r\ncf-ray: 9b9560c6189356bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":100668,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1692x502, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"beadda0b4e63711b0b4765bf474b7f91","sha1":"180570575f14b695a295b80cf0d1db2879ee358b","sha256":"3d139969597c0674834ae9c8f2a3858fa88b6e34e944d17b161a19fbf45c3403","sha512":"e1956715f694351fee5bdced0c2552a7f228c08e9eb91ab0c6bce7af3d701f91f6c608c9008ab126e76713c4489099a1bc35d208be0f977c920e3f2c2a6d79f9","ssdeep":"1536:z9sFxYytScZqDm2ld1oaM4MhR4k1q/9rDZfgyZF4DMnYyZxhse1dUdKIpP7geRLB:zi3DScILf1jmG4q/n4yZF1Z1reRLEm","tlshash":"94a312b8ec062ba2bace5143894077b0c468b49ca3478b710855fcd4296b9eb6d179f7","first_seen":"2025-09-28T21:41:24.747542Z","last_seen":"2026-02-05T15:53:50.651778Z","times_seen":1112,"resource_available":false,"data":null}},"time_used":395,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":161,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/greenColorDSGN/bg/stat2.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.908Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /greenColorDSGN/bg/stat2.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:19 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F2kCXYSz0z4Zun0N4y27LDzYPsXtLC3%2FltZmHuR4j%2FZ%2BGAdEMdHE%2Bt%2FrbqiuIOJ7Lwpa%2FChBjYTTbbhzUM7%2F0J2jwZeYwTGeit0%3D\"}]}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560c6289556bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4012,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"5cbab71b6d96ad7f65cb930bb401ba68","sha1":"48996ecb2d0d7d9c1ecd4ccf994b9a24dd52ec6f","sha256":"a1c783e7030d327da610a9c36e0359b2e07573771468225ac6a6cd3c2d7bf12e","sha512":"5e70c60a35359b551d6009e1f63ebef5911c29a63d89ec24225f48c7f20d33982b1f0353cade31e7f541d3df5d534984b6c69379373d086a7e1c5adf536eb780","ssdeep":"","tlshash":"3881d5d82bf585e4a2869be3df01582c3d0790fa2ec54840f39c6e682f55c7dcd128ca","first_seen":"2025-09-28T21:41:24.398473Z","last_seen":"2026-06-06T21:26:14.884662Z","times_seen":5216,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/greenColorDSGN/bg/landing_block2_semi.webp","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.913Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /greenColorDSGN/bg/landing_block2_semi.webp HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/_next/static/css/2f4da6ca7264e87e.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:19 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:19 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U87oUvX8%2FNb9tJu4OOHv31RH0DnuetcBXH5cOZ4G9m4o4ibK8LEZfe6FsQphyfNsbgKs%2BV%2B88sN9fTfZh6TKhFaP6WgfXUh0%2FJw%3D\"}]}\r\ncf-ray: 9b9560c6289756bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24676,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"47d74556b89c1c11a21aa2b58bc110f5","sha1":"a3d1d4247a04deaadb8174be4004a5a04da6c357","sha256":"e171b6c43373ca9288990a9541f4dd9d3c427c240403935c00efcfd01c66cf9d","sha512":"23f0e2921c40d067c4d4df15fee5571b954b7f4a02e219b27eb1329c0dd838fd2f74a092a28c5f1a66123c5e0f723cca0ea6b86a41d94043707bd95c2ad015e6","ssdeep":"384:278MCounIgHtN2T0f7Za2YL1waqJnmLZfZy83USSxlxohMbH0hWm6AbJ0Q+m6RkJ:CijNZfm1Q6lZysUnxwiHRAyXW/N51ijQ","tlshash":"f8b2d0d39f4e2fc47d34dfe6e56db1de1adba31116f552803a161603803fa5e9878029","first_seen":"2025-09-28T21:41:24.519831Z","last_seen":"2026-02-05T15:53:50.628717Z","times_seen":1112,"resource_available":false,"data":null}},"time_used":356,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":305,"receive":51,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/73943-99a3b94d23820956.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/73943-99a3b94d23820956.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=szZGuEJynC1CqIAvyk4PvAcRxW9e8hU4iP7XxKrGDJ1wcPCWUmDkYwgHsZsJ%2B07XgAohrG9AO9M47Jwz9hMkZDRBKAER5LtOuZY%3D\"}]}\r\ncf-ray: 9b9560aeae6f56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":55279,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (55279), with no line terminators","md5":"512c4da4d156f93b7d29d8340ada3158","sha1":"082c1a240f637c6f5330486ab255cb8473ee6dd1","sha256":"daae7abd463eebc16d588ec59026a628980aa1fc881543acfef0e7cd9e60c83c","sha512":"cf33d105d2d572573799bb4a268c2b559283c358228acdf978ee5f8a930040462aa8badbfa4cd2ba3847704db49a98822438013ee13731924f2d12ef3ad37651","ssdeep":"768:TIpoCFrHcJfP4gFxZePqxkKZoesmsb4xvH+k+BtJ+cIDGQwJ9IEH6HxHRzZASR/0:TDLhZLD+tPIRA","tlshash":"474383dd4bb019cd6dc49ae9bf0600bc363e92bab069882ced4d4d3850458d9fe1bbd5","first_seen":"2025-11-16T06:53:31.11087Z","last_seen":"2026-05-26T05:03:28.613313Z","times_seen":5010,"resource_available":true,"data":null}},"time_used":420,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":374,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/greenColorDSGN/mix/landing_girl.jpg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /greenColorDSGN/mix/landing_girl.jpg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:19 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 45775\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\nage: 0\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nlast-modified: Mon, 05 Jan 2026 19:28:19 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6t3SQWzJpNaFVsSGITVsA6ocXvFRy1GkV9OoSdc6B2%2F2e1lFrFGe50PcjeS1BOeNW85KxXPji9tmRW2%2FatCYEIDFy3SPQGF%2BPGw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560c5187d56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45775,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1184x514, components 3","md5":"e3369807688282f5f8f0e0674433e94a","sha1":"659fba13047b8945efbfa245eaf83c2fc8c60c17","sha256":"cf3dbae20a4ebd218ba2c24706405f94a717ad219f54e3e46722f2cfd6994449","sha512":"f651d12914cc1f77f3a4031ebc614acce4e0ebcdee1a48f05199095a97563ce150a9b860ff646abe87ea5903caa7c37d56f6f73ccd98cd7e6b44bbf8035bd92f","ssdeep":"768:/8jBOVR1XMbPWCn0+xiR5MgLGrwFgbBdSsHVijJilM40aVFxb22/9KTLci8FhvY6:/8YYN0+xiCwcB71ijJ2MCsu9KTLROYEx","tlshash":"d123f117c7f9d135c4a185368886aa8fe96da2f80527a14b4764ef1e3483ff8bb9401c","first_seen":"2025-09-28T21:41:24.696394Z","last_seen":"2026-02-05T15:53:50.631174Z","times_seen":1112,"resource_available":false,"data":null}},"time_used":420,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":308,"receive":112,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/greenColorDSGN/bg/footer_support_girl.webp","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /greenColorDSGN/bg/footer_support_girl.webp HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/_next/static/css/dd96f445b1bb1a72.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:19 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:19 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ov%2BjFwN6myUC6t9bf2X%2FQWmRPDg5BXfXm91GXFbBgVMgZr9ph6SNX5oiCfQ1jXfMyUHcVqubzzdHtGehJmGk%2FujqtdkLE8USGEg%3D\"}]}\r\ncf-ray: 9b9560c6389856bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27048,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"09c8bbd7b72104fddf5667366b91e8d6","sha1":"1132071377be49d825243f2bb3d765f27633304c","sha256":"39196e9de7c8f8487ac14dd234fd18c29134cf4ad2e240a7868dcc69ea976ef9","sha512":"6c7baee249ec1f5f52efd5e10f1f26624f1a1d60cd1efce0b18131e36626d6bbefb1f818384506bc655728ff6c6d16e49627f82c0817646acb209a8bf2565e98","ssdeep":"768:1S+q2mnK++XmZL2QnHpqX+ayb3uGNt2El:Rq2kK++XmZ6S8XwjvN8El","tlshash":"10c2e1dcaa393ea457439b0447a8ab91910ebc7b7881c6b514274329d72f7316f0e877","first_seen":"2025-09-28T21:41:24.688739Z","last_seen":"2026-02-05T15:53:50.636912Z","times_seen":1112,"resource_available":false,"data":null}},"time_used":372,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":323,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/greenColorDSGN/mix/landing_zeus.jpg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /greenColorDSGN/mix/landing_zeus.jpg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T08:09:46.638045Z","times_seen":16208064,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/dc112a36-4dd9553e3950a789.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/dc112a36-4dd9553e3950a789.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=izaAXNYMlk0WJ8IfH5ybxFoAJglkWClJg7YonX1jSgQvE73ZECUBvcXtkpBvMDaqpToVOGbFIyxLJzut4FSy1NbWZeCn1iqkEAE%3D\"}]}\r\ncf-ray: 9b9560ae8e5756bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":305838,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"8b0312e3e2ff7226227ee081f6693db1","sha1":"823c7003795d9623f8992900a6f337f599bb7eda","sha256":"dccd0125f7ca7c6c5f3f8ae7d813743257cb55899fcab2d63b70fdf06b2a05e2","sha512":"612eb966b9409ee719588a9f82170d4d6c9b5c075b85981a1ac0dc0fb8119997de7f6a139ba2908d7ccfe0ab342f452e39ca15ec3d9fafdc1c2a7d36cda06d87","ssdeep":"3072:Hbyz4KjrqQmINGbpJGDc0Lf1c/X6Rpbdt0myoQj7sOU1IMi9wD5yojt:HijOQmINGbpJGDc0Lf1c/qD0erI5BEt","tlshash":"295419597254343805c540a9906f094bf736292e246ac49cb36cf4efa8bdecd31beb79","first_seen":"2025-07-19T01:07:13.417114Z","last_seen":"2026-06-06T23:03:42.266306Z","times_seen":14190,"resource_available":true,"data":null}},"time_used":886,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":583,"receive":303,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/49080-aa8410705e183b35.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/49080-aa8410705e183b35.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3fbN%2FHnnGm37npzyQWoQFzmYPaDhMb4yL2jsDvnaZCrGCasKO6%2FQEBw%2Bo2%2BETmGAR7KIdWuJndfA3Adv%2Fh9ORywDB6lNGNFaLMg%3D\"}]}\r\ncf-ray: 9b9560ae8e5956bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15261,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (15261), with no line terminators","md5":"69b80d969aaad07036978bda468796f5","sha1":"e06516d12bff2faa89329f83289d27d4ac369917","sha256":"5f09712195529d437bc348578aca6c679da21c9bab03b7d1012f70a672a5e017","sha512":"bb02ebc1b0fecb6ec0cde686fa78655706bf3f50939f8e7b52347e7aa9811af62fd5e477fda50bd35febb5fab3c591e88fdcac416da22b22d3c1b90f3d9220d6","ssdeep":"384:OQLgSjUuqTsJIMnocJPYVrBNfF17KGYJy/t3F:mSjUsIXcuzcpy/tV","tlshash":"a96209a0b580bd360367499180ff4706b335593a5c1f9498b7b8ccd562b4ece41eaf8e","first_seen":"2025-10-16T04:05:32.818988Z","last_seen":"2026-05-26T05:03:28.592629Z","times_seen":6852,"resource_available":true,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/twq.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /global/twq.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r9w%2Fy96ov3uTdPZRyo7ZBCRgo7RkG0GYqNMimPjV6ZbRe%2F3OH3YYuOparP%2B6QdGRPDiX7DNFgfUIfBFh0NVCNq%2FaiHbhnj81VqE%3D\"}]}\r\ncf-ray: 9b9560aebe7256bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":308,"size_decoded":0,"mime_type":"application/javascript","magic":"CSV ASCII text","md5":"7f4d9e824f13f7d27acdc868f36f7208","sha1":"125a712d37aefe5d3e52ce2ae8986e109eb473de","sha256":"d6768cdba372d919e6d9322bf3cf3a0dfe427d86293aaf16f23d096028a00a1a","sha512":"d6395459961f34c3efc4c55ffa6bd873fbf20cf9aab17d31ec926d7ff645cfb9ae0cfea469b98e0604c5de162b60eb1bfc7b06a6fe91e3497f3a4fb32d29c20a","ssdeep":"","tlshash":"66e0e7f12d093d631fa11374117f931f3143210575595b91d59cd540376249f8037b8c","first_seen":"2025-03-19T10:41:28.935479Z","last_seen":"2026-06-06T23:03:42.321534Z","times_seen":16170,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/greenColorDSGN/mix/landing_zeus.jpg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /greenColorDSGN/mix/landing_zeus.jpg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:18 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 83969\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\nage: 0\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nlast-modified: Mon, 05 Jan 2026 19:28:18 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=66WZdsDPeABPsRfcJnLf6Om7ZSy1MQifhtbk7nTKujY95%2BsB8J7IbcGCSCuUFspP0m812KHIi4cLKIdX3unpiJnoiqDmiWUs4es%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560c5888b56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":83969,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2368x1028, components 3","md5":"83ec1ea64ab4794c804fe2f0ab1a3fa6","sha1":"67ed7e35a0495f05f884cc1bc8a67fc94d1e92ea","sha256":"f9c06cf1dc1c7333cd51fd41fc8c76769d11af5972cecdc4f51f0a5f4d261762","sha512":"30cecfb7a17c1c8429faa60edf6ebba0c86697ce85ebffb34e779c48a8aefaa51a2d94a7a6c7e2d99c381e92fc7d64405e37a655286894eea032e8d3581b280d","ssdeep":"1536:j2imp411U3xRic+oIoJr0MsYSfdvyeeJKHomJVeTVvnADAX6Jj/:j2imx/il1oJC5vye9H3yTVaAX6Jj/","tlshash":"6783029e934411dfc9f957304347626437ee936ef62842c7ba2c5e50baf4b942d13788","first_seen":"2025-09-28T21:41:24.142956Z","last_seen":"2026-02-05T15:53:50.637753Z","times_seen":1112,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":101,"receive":136,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/greenColorDSGN/bg/free_reward.webp","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.895Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /greenColorDSGN/bg/free_reward.webp HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/_next/static/css/dd96f445b1bb1a72.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:19 GMT\r\ncontent-type: image/webp\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:19 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gpfnPWV6JvgRkcDf3yFM5Z4tqvCklQ7v%2Bv1C0hhHUiW7bAH1XIEF8ZGkCNyO76%2FDDoiN9I3V25jCT1l7%2FKMgQ9KfCfu53bZeX9k%3D\"}]}\r\ncf-ray: 9b9560c6189156bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9602,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 390x108, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9ff1da902b946265f24272fc301815b3","sha1":"395daddb9c99b6f15b2651985a115e6395128db6","sha256":"67f87d0d17d6c7549cb8dfca755651258f123d24bd28e67bf90a6d1777831edc","sha512":"3e60ab0677a151c7eee4111c0269503dad38b9e36e9a7d52e540968d642612aeecaab21091a3c3795943bfcd701b51efc87ffd283a8273a4159484de4a362e29","ssdeep":"192:AXpAE6uvkjO9qzNScQt9EXi9N6y7D+AKbr2i5+q1Hj70rl7zkmt:AXX6s/9qzNIjr7cbiIRjorhJ","tlshash":"35129e54b67eeac19fa7c5ef26f093931236a77d11b1e8c3087d1ca64464930f384a1e","first_seen":"2025-09-28T21:41:24.335314Z","last_seen":"2026-06-06T21:26:14.898554Z","times_seen":3990,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/greenColorDSGN/bg/stat3.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /greenColorDSGN/bg/stat3.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:19 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l0H2fbpcvlx2k5xGhmG4A%2Ftyi4BeOAnLmH%2FNvf3as4Se%2Bp2nvmAo8T8Uj30f1mDydf8MIkzxeE66VqyeW0MSZ9ANzwqyiw9Maxg%3D\"}]}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560c6289656bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3827,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"1b07edac84752d7c56e382e1f7656115","sha1":"1ab72bc6895070dc7d55c8d87d4f4f907c19c019","sha256":"979df951bda3030c2abf6f6508fa7d5914c95535e4c0ed1f20a836cf2857bcbe","sha512":"97c1a7ff703378b6ae5555c686ab628ac9387b52614d1144beb72d575391ae717a0e25c981a4de8366948338760c57c8a8c19913f1d8b37661a2e96c1496af66","ssdeep":"","tlshash":"9a81b4ef5fd402b4d889d3e7ee3214993e4360fa5a8a0d04f36cae89575585cdd1a8c3","first_seen":"2025-09-28T21:41:24.193021Z","last_seen":"2026-06-06T21:26:14.913653Z","times_seen":5213,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/css/d62f5ba88404dc24.css","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/css/d62f5ba88404dc24.css HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8g%2BORoX2hqBow16zi%2FXfmbCE81GOVVjlp6qxwbMAr5DYXxmD20LAqe03tZ8k6RJhqkAq41wSryPlkcP5s5R8g4lGBvmSzMVRcGY%3D\"}]}\r\ncf-ray: 9b9560ae8e4d56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8913,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (8913), with no line terminators","md5":"0b032cede6c9c4062143c0e3484d5fba","sha1":"212bc8066eb7687f9cc265cd246c17a8cf4b7049","sha256":"ee5450e1144058144224156560759373edaccde8c7f78d2cabdce73ea2562a9f","sha512":"45e2f663371906cf2de548b65f2bee39583bf5604d0e6d9bebac3f44b2e716dcd797147229795e6721aedb3a3580b3f10afc24d391302f36b6e93d9974f38929","ssdeep":"192:SWJhP3QmRtK1Sr1MmGs4ir/MmGhxorc6UAPfjvhGTR9:ScQmzK1Hmz4fmfu","tlshash":"9c02c93fb311a072414b4f4d8993af7a996ee186d7136a6ba0d4080cf3ce5d114e5ed7","first_seen":"2025-12-20T09:49:49.790348Z","last_seen":"2026-05-26T05:03:28.652564Z","times_seen":4774,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/main-app-fef4a8898ec7782a.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/main-app-fef4a8898ec7782a.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Wr34vy58rJclR4WHrBgeWbm0xfK4TRgYHkRHbYZZxyQbqZuUjtJ%2B0h87wLgqCHjorBCAHVC70KPvW8kzqeMYj9jE8j0sZHlcYJE%3D\"}]}\r\ncf-ray: 9b9560ae8e5656bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":537,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (537), with no line terminators","md5":"c06acc17c28c2888a1a2466b0a0d12d8","sha1":"63d7278ad805cf6b27e6fb76daee100f7cc61afc","sha256":"90a949795e63ad10200d2f57df2706979fd66bd412caea2130a9c707e21c5d5b","sha512":"745f5cba8c1f8c006b2d9a1f8ec15fe3e66d7909766f446755243e1b63aa4d611233d9fa175bc9001bcbce4a4a782e79feb80846ba96f394b38c1ed2b1f3c2bc","ssdeep":"","tlshash":"f5f0fba55f0df42f5d266e74fd97ace2184f4275206b4e647d01dda23c67b6cd260408","first_seen":"2025-09-13T11:18:32.65005Z","last_seen":"2026-06-06T23:03:42.324768Z","times_seen":14183,"resource_available":true,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":186,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/63712-08d55a4030f898f7.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/63712-08d55a4030f898f7.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m%2F7BAqnZnmKtuR6IAiaWAP342BfToNLIH3LcY99QMaJfIJCOX0cr2ZuT0XbGdSojPHT%2Fx7URlJ%2Fnji2Xbey8zPrznK4VKY5lqsE%3D\"}]}\r\ncf-ray: 9b9560ae8e5856bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22721,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (22721), with no line terminators","md5":"614fe7514839a09db165d48ad01da840","sha1":"e492263f454db98a8cc2c89c777e5572e854e343","sha256":"4974bda3ce7194ae592697daaccd424e6e8e231bf15187182bf4d16522e9bffb","sha512":"7eee15e6bce48c5b1adfc53ecfd7492109fa6272d866622f055b91ccc80e8bb4e9fdc350413cf4282d6b85b13fa72188cc51445cf6eafb6167d149ad45af1b8d","ssdeep":"384:RSHQzwzI46bFWDyhQ1qqo5W6m4WIQgn1fy4GaQANJVOPe4+snOcT34McbAmrh/2:/dZsunDqNs/AFD","tlshash":"1aa2b449b9d1f47453a3aa51843f440bf2674ea8a05db8d8d367c9e5adb888e4073f3c","first_seen":"2025-09-13T11:18:32.286663Z","last_seen":"2026-06-06T23:03:42.244515Z","times_seen":14133,"resource_available":true,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/58211-d9d578b8de9e3293.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/58211-d9d578b8de9e3293.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tSACcMRcqAcLNCBXRfVQeipVqKgBwpYArmzTkzGBVEgCfAyGFpdG%2F3tCRLMYTuX5%2BSsnvgTK5IBYLRomXd139ohD9ykuVLIOv0o%3D\"}]}\r\ncf-ray: 9b9560ae9e6456bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":39725,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (39725), with no line terminators","md5":"f7d84948f8ca0ff495e7533d0969b670","sha1":"3330c776cfbb7ea04d30b89a9686eaea35f24747","sha256":"2180eecb87df810a0f91771ce87e9c4f6e185e9011d00147eef0ca9c7ed750c1","sha512":"04a5f0711a52dd8bcfe0ea6d66662ed5e0a8610c8caffe461a8c8178f8f40e55b4c40c7ea11716a7dce1631534f5e22f9c5d86393e31835bcc686e4aa6254c85","ssdeep":"768:01KE8vZ7HInPlFvvb5AvexGRrxVP1fr4UK1fWbqYsCL1fZnK+jBV9YCO:0voWV","tlshash":"f20399866740a83d2587c16fd63a6415f3bf14ebb92f9390219aca3cf506dc0f5365e8","first_seen":"2025-10-16T04:05:32.927959Z","last_seen":"2026-06-06T23:03:42.283141Z","times_seen":14062,"resource_available":true,"data":null}},"time_used":263,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":262,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/58733-c5eff74fea05461f.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/58733-c5eff74fea05461f.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IRVerOu16Z%2BRGcirw2Og1mWKycbId6mDdSreK%2BhUkh2r4ri0gBRIJk6Ud9lB6J%2FFYCHCmD7vE9ckFV1%2FFeNVddLBwv2NtfIRXmQ%3D\"}]}\r\ncf-ray: 9b9560aeae6956bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18872,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18872), with no line terminators","md5":"608213cbae5946f55bcf6e3e236643d8","sha1":"e6181592f15a748e4b0e3a86966dc1cfb5d508e5","sha256":"dbbc5742780c4bcf13e1aa6afe878f0beb77154dda969c40b074b762a7afbbdc","sha512":"22e77044234d9e0b1b4cfa606b0cb04a83d7492edd1392a1880a984adbc4742f98397845f91d4a09f49e0ff4be85d190e7857113b818a5125c39ecd965504cc5","ssdeep":"384:7ry4eoKi6rba2BN4eofEPu2jQi/Q8nTREBJ6F5ACxKv82wfLba2B44eowGJdba22:7DHiG2Bkeu2ZQ8T6BJ6F5ENwDG2BZhJ8","tlshash":"498286e5e3ca73d0e10af7e44116943c3b6b21fe2b36cf584b9badb0a61549c654adc0","first_seen":"2025-12-05T05:01:35.743711Z","last_seen":"2026-06-06T23:03:42.299103Z","times_seen":13546,"resource_available":true,"data":null}},"time_used":274,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":273,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-05T19:28:14.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 19:28:14 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: default\r\nvary: Accept-Encoding, Origin\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FatGjU7w12yFS5RKBVL26TLzNrJCG0V3RipTtV2zZnmlGBkuAZx98VZoy92nCrmAUVjqtJcPlFm05mwqOO4%2FKOuxi1tTM7RMDnM%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b9560ac180fb4fd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14610,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (14610), with no line terminators","md5":"f71097dbbf17505edb0536a1f9965738","sha1":"6accce50c3228134b0089c90293d494bb44e24d3","sha256":"ea3deaa5bea25a7fbba380a2469651af65345a000241f4d67e4dc5b192613fc9","sha512":"ea9c66d219f08214e45a81fb55003d6a243a0c9a9cc7114a2cb3cf6a2973f54a3590667f9196285d4be66324390e3636cad01ea48abff7df4e0a5b3531135332","ssdeep":"192:EEBKBBZBSBSUOB7L+aChnvefSpGB913MCqEPqb7bIrrfNsQbb79WmzpoH4UBSt4s:E8SbKHOd+9vHb7gbNs+b7M2UI6s","tlshash":"08622f1bbc05ce469c76ed5d413e5e3a80cecd778a34c9ace28cce5d0651aba1bd8c81","first_seen":"2026-01-05T19:28:49.658829Z","last_seen":"2026-01-05T19:28:49.658829Z","times_seen":1,"resource_available":false,"data":null}},"time_used":348,"timings":{"blocked":73,"dns":52,"connect":1,"send":0,"wait":198,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/holiday/snowflake.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.900Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /global/holiday/snowflake.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/_next/static/css/d62f5ba88404dc24.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:19 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cy%2Bs4jBZ7ciHkWkwThwW0qqegSLLigcNh8FL7ukIt1RM4Z%2FNlR2v%2B%2B%2B1eHnQeiqIlCKwZ9KmjvSdx0OtkkEr9ML05jGBx6fvhzU%3D\"}]}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560c6189256bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":68980,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"24d53643ec64cc7072f5bce2d1a5c88e","sha1":"fa64f18716f856df6fbffd531ea15f1971243491","sha256":"e504b75aed9811922cd172445519f1358e1a4b2c49ae55d60b8692ba8de044b1","sha512":"4ab334b1705f4bc6339da259ae4ee5d5e6c311396192cda2f60db38f7d75b902cb33ef5ee48365a49bbac56b7a609f92379cb4eb509208a825abd9e7941a62f6","ssdeep":"384:9IdPeRaTXHZHcRzT6ug1W5LHlrcOJvGWY:9IdfkT6uYW5LFrfvGWY","tlshash":"0763725927bde438499081ccad5fb2f7340b50ca0f255ba5b00e8e5fbb49e9727271e8","first_seen":"2025-12-12T08:06:26.78151Z","last_seen":"2026-02-26T22:48:09.73131Z","times_seen":1552,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":213,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/css/2f4da6ca7264e87e.css","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/css/2f4da6ca7264e87e.css HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vIQhokvWdJB%2BocGxDI0AD%2BqwEzdbFswNimB14J0Yds71UuB%2Fl%2BbD3U8STVt4QJSLxJuJK3pkIlHCzwSIwJZD%2FzqoTvMvjvmI9O0%3D\"}]}\r\ncf-ray: 9b9560ae8e4e56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":73819,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"0f3b0e9058a09d95646962da226ad1fd","sha1":"8eebe5fa5e10b07506e6daaa379ad9686c207b34","sha256":"df0cd73f017c10f47f3af232fc4b17c2f4b98aabc42ebcc8fb634246d52fdb49","sha512":"6afec9e60dbeb2c82e3d39ffa101ccac999e407131f7496e3bf1635d0d571058640d32bda02dad9e0436a1a71c40c0f773994230fc71a2290cadba5bed6146c7","ssdeep":"768:9FVoU9aT1kzyfVrIP//+dEt+WG+d/efK8yFfo5Xem0tTQog:9zr9u1kzyfV8n/+dEt/G+2K8aAZ0E","tlshash":"7273d8325235a83cb9a7d813b5c15ace7139c613d6730aede55aad2984c72d33b33788","first_seen":"2025-12-06T08:47:15.458317Z","last_seen":"2026-05-26T05:03:28.694179Z","times_seen":387,"resource_available":false,"data":null}},"time_used":363,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":318,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/app/not-found-5d34a3827cbb9820.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/app/not-found-5d34a3827cbb9820.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DZyun4aWlL0ShTIHPZ0SYamWF7awilCYGAZYKscCR2CNlzG6omIlDuy8nQpf1sIdE5yKI6lPLe%2FwPgEBtO9BPE%2FQEOY8EPSXOuM%3D\"}]}\r\ncf-ray: 9b9560ae9e6256bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":57584,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (57584), with no line terminators","md5":"47f4da4879447885cb81a37df1b3efd5","sha1":"5bb69c17164543e303162a130e03918419d485b5","sha256":"dfe68069622d9a3978f1504c01d4c1f0e3dbe81d41313f1b9dd02a161e196b1a","sha512":"79354f8b1001b3209263919803f1e12de72e345be7d98307d484dcb4807461f584620e1020c0f97862f6e29ffc6432fd82474c9c3455c7b4fc202dfda1cdef8c","ssdeep":"1536:k8cwg5kif2aMaiR6HKf0x0XEdw/BvD7/a9yOAC:mdw/Q","tlshash":"b64374ed5bb009cda88896ea7f0610bc373e41bab46d8928ed0d5d38a0418d5fe17fd5","first_seen":"2025-12-05T05:01:35.726624Z","last_seen":"2026-05-26T05:03:28.598494Z","times_seen":3682,"resource_available":true,"data":null}},"time_used":345,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":301,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/holiday/hat.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /global/holiday/hat.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T08:09:46.638045Z","times_seen":16208064,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/fonts/proxima_nova/stylesheet.css","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.366Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /global/fonts/proxima_nova/stylesheet.css HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/_next/static/css/d62f5ba88404dc24.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VRjIEZ4p7aBBamoSAtoJXYBZc24AqnQWvnrL%2BcpeA0OAiJuGHjiMxK%2F2ACk8A2Jm%2BwXWad6biT%2F%2B8xn12FqRTe9Id529%2FzECK9E%3D\"}]}\r\ncf-ray: 9b9560b00e9956bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16610,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"673fa97a88bfa20fe973f673a53b3eb3","sha1":"76e3dba5dcfc59e2743f9e311f00af3713558911","sha256":"c95004c3ccd349ab98e3399fc906b32ff9175ada6c1f8c96eaa33e2f11cd1a6d","sha512":"c50ee40dd523a9d412e32e2fd7dead904f4db96155ccdf0966b597f4c5b58040616fbe64f27a5a525761d3221bfd8a8a77e7512e793991ccd6ba803c8f966aa4","ssdeep":"192:Yz6b6dlmqgqYGVNCGAcCh2H5vwCGmhRgSem0pBjqkCY9WTpnOPx/OSW9r0tZxjyL:0aG7KUC4ZYCrz2muZHCfWctAH/uNB22","tlshash":"e0724942cccdbc624aa6148077fe6ff60b4e28559079ad57ff3c38389d115adc68472a","first_seen":"2025-06-28T14:48:13.079962Z","last_seen":"2026-05-26T05:03:28.639769Z","times_seen":6967,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/muskColorDSGN/mix/preloader.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /muskColorDSGN/mix/preloader.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Silx9Acb0k2mPDKoJrjZ0HNA9%2BE8pdj24U1PvRaR92zzWFCQ%2F6CoICtKN1d8VrS7SStrNwYIEECoPbbMtw3lNcXBAgvIMg6MLas%3D\"}]}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560ae7e4b56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":72100,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"850e1745f4385099a3518d32d9145e74","sha1":"69969125e203608b7462ed6f8eaaa2917d48ab0f","sha256":"31ccdbf4baef0e8d2e5ef2d71b200f1b8288afa891e6ea50729feecd86dcb895","sha512":"617fd124ef9ca7077d4215668197b1bd456b3f6dd2063130545d4040c4ae11c1d37a569ad757ff74ee26ccedb5db2f150439c8c515bceef6c0434c81ae46edee","ssdeep":"768:YDpuRdZRXU55SUH2v9rirdHR96Hi3WdoanhrqCLUEBHp5ZuQ+Ip1xLtaD3LxUynT:Qk9eui+hrhUEBn8WXED3Lx/T8QdxGwlH","tlshash":"a06395ed2bf018c949c8c3d7ff5944a92d2a91fba5484908f65c4fac1b85c5eec47ac2","first_seen":"2025-11-16T06:53:31.140817Z","last_seen":"2026-06-06T23:03:42.22951Z","times_seen":13808,"resource_available":false,"data":null}},"time_used":374,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":258,"receive":116,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/css/dd96f445b1bb1a72.css","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/css/dd96f445b1bb1a72.css HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vBhTeEfraSUzZOw5tZ0i8%2FIimLO%2BGrQA5LSoDhOTWMzj9%2Bg79zfEhYy%2F77ffss388PnfduaY%2BOLUDq7kvoVJmfw67BTJLriyQiA%3D\"}]}\r\ncf-ray: 9b9560ae8e5056bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":72688,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"6804387e6d74bf184aa158ec6afe4a5e","sha1":"88eaad08bc130b2d400bff1d43bb7c1c41071a0b","sha256":"d64c9ae638d9cde6231c20e0ddfcbc195a44928e8a5d6314c776429d8e949253","sha512":"16f39773d6f44604e0c30d80577099255c3b6f1f9dc1648f17e96d3636269bccd9882653e622cb418c179b02b73c0492c4e1be68b45bb81e299aac0eb67d8d75","ssdeep":"1536:k6lwm4Us1N6JUZqCJWidBz9XMli9PozWNw9cXMomUgefzXu7z:Un6j","tlshash":"2863a7715238f53cb977a81371905acf7068d503e5736aeef964b93a80c76a33a2234d","first_seen":"2025-12-10T01:53:44.931841Z","last_seen":"2026-05-26T05:03:28.644139Z","times_seen":327,"resource_available":false,"data":null}},"time_used":414,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":371,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/31684-5738d0dfaad74be8.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/31684-5738d0dfaad74be8.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=erUfoEf6z1wqlF1rU0Hk37zhhcAW%2FRz%2FoOPv%2BaCgqVeLtLbhsCbixRuCgYTLpm0g0m31HtkXVHEl2Jq3MErpahwkpi3d80RWHd0%3D\"}]}\r\ncf-ray: 9b9560ae8e5556bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":176077,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"338198f53e9ab0bb77a7fc2f057a8540","sha1":"78e8deb3e3e2703d617dfbcbfca2e893eb3cee92","sha256":"d3844f2db215d099728ef83a3b5cb3cb82279b669b231f54d2cdbbd958949f1d","sha512":"62ba9ce051e6974c6c74745a4ce6b49badc145041893b048ef42f09f979d0e579928ff78b7aa8abe587c73799a890c26703566918003494a9d1a3062ac019889","ssdeep":"1536:3Hk+1qVc+dJWgclHHlU0ob8OeM8aZLoEAEuRaQ3aTcXH10nZ6XEL4ZXEoFUOnN/e:VqW+dJW9QAMiEuV36XZmUON/e","tlshash":"8b04b8b676d0f89107a780d5843b400af3395c3b146f74a0a3e6cce975645dea1b3faa","first_seen":"2025-12-07T14:40:32.389468Z","last_seen":"2026-06-06T23:03:42.253797Z","times_seen":13585,"resource_available":true,"data":null}},"time_used":489,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":382,"receive":107,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/53090-a64743b05c92b22e.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/53090-a64743b05c92b22e.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Och5aqF%2Fvt8XnSaIdbOvAc8D24NJ4F%2BqqHV9nONvWNDrgtDJ1HzIeIFa%2Bahle%2BXV5bf6sx5ZgAGdhIevEZAaPHj0uZo%2Bn788ybI%3D\"}]}\r\ncf-ray: 9b9560ae9e5f56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15666,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (15666), with no line terminators","md5":"15925877203605d5f2355beb36d57347","sha1":"17da103edacb7e181adbf9304938d039a200c1d7","sha256":"a986f72fb7dc330235296b864ba0f244f1126b2eff777b8a13ae36875dc96157","sha512":"ad516778c2e0dcaa482b03f5ab7a44fea87ce340ae85aba921277db245d9e6c5a49f70a27eeb99b6bef662c873647590edc83e75c63116c4e456045245b91568","ssdeep":"384:hC/SLOZgztFl6pfisYkxdZEAXtwdt4DvWmV9PvTLsb6r7/:Y/SCZ4Fl6pfisYyZEhdt4yIWbU/","tlshash":"0862c6e0d362fad8ed6785d5f12ea906b11f2f988b19c074f6b85c2053181c4ba27b9d","first_seen":"2025-10-16T04:05:32.826709Z","last_seen":"2026-06-06T23:03:42.227021Z","times_seen":11965,"resource_available":true,"data":null}},"time_used":318,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":318,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/holiday/top.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /global/holiday/top.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T08:09:46.638045Z","times_seen":16208064,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/app/(landing)/page-54838ac95a08a564.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/app/(landing)/page-54838ac95a08a564.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1d4uAV6CJZOWt2bXoBjh8galzOC4BKfUoRQvidUMUSTCOY10IXhFBACVO0ly9Smc0ferMaw0aAxDoxZ6Q02FrJdTfezwOdbVzJk%3D\"}]}\r\ncf-ray: 9b9560aeae6e56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15200,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (15200), with no line terminators","md5":"dd7e99758c92063127f01323af98fb86","sha1":"7184d616193ba41ef166c97ca36a48dd62356bab","sha256":"7fe3ba00a3400ab2545cc71dee558aac50efcf9064047a5986fb8dfa7b3aceba","sha512":"84155d2e680dd656d91c4950e62c92b83e2e7a2aac6ea3e567cbb8e0891f52d04f8f358e7f8d80b7910a4e4fdada7ce193227db04e91da7e8cf3617b131b4fd7","ssdeep":"384:+Saddq55XGydqhFoSObqu7zYOJV56Gchm:+Sqk5WWWoSObqQJV56hm","tlshash":"3362b841e254daacf45394adc32d903d326f2599d65e8570f8fd9c3861094c8fb2bbac","first_seen":"2025-12-08T22:21:43.634376Z","last_seen":"2026-02-05T21:31:42.058742Z","times_seen":701,"resource_available":true,"data":null}},"time_used":268,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/api/extra/pixel","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /api/extra/pixel HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintakeo.com/\r\ncontent-type: application/json\r\nauthorization: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:18 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vy3kbI2Kwe8jNmhrLOtak8ctEvBIza%2FX3cE%2FtEEN%2FENW2eD3DTy5DdDFLua7n596TV4%2FfOGZ%2BoMJ4QKsA8BSY54H8u6gsq47eik%3D\"}]}\r\ncf-ray: 9b9560c2c85056bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":71,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"428647be4acae0d85bd0799a59237001","sha1":"25b1dbe5aaaf5fe53a11fdb05fd14bcad3e92ebb","sha256":"edad519cb99926a099d84224b6b7427bbfbaa60c6ecc1673c039a0723be93006","sha512":"8ed0b8ab8b00e7883301e4dc47e6ae3c38abe1686e6de48d43983fa8105203f86c36b86cff1a09c9bdf9406ac7c4ac2f8b6a8654a42e1b5d03d843b5085428dc","ssdeep":"","tlshash":"f4a022c30a200bc2cc00000008203b22eec823238300022bc00c0200caae0fc30c333e","first_seen":"2025-06-04T11:30:16.150294Z","last_seen":"2026-06-06T21:26:14.906672Z","times_seen":12886,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/56060-72611dc1ca384f99.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/56060-72611dc1ca384f99.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W1pg0BDENjNFSy2BNiE4tBQ3oYG0QHSMjQg%2BGJJu4PJOfy4nfMemmBZus7ssld6ij3Ii4vyjCciIOFKs8CWfUVR5Dvr7CYnsLu8%3D\"}]}\r\ncf-ray: 9b9560ae9e5c56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10031,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10031), with no line terminators","md5":"6685f1c3cdf6f0d1227ab2b5af23a056","sha1":"491d91380ba5da6dcd5027bd954e6fe11103b18b","sha256":"237ff25124f0ca73e06c9e1d59caadd016273fa9b5b6bf211c991cc8d34d1b92","sha512":"6667f2ba323afce441aa6e23fdcb8504dfeda05286da37d594827c605042ba88ddd7bc5c6ec9565109d4a0ad4ddc9f8cdde4ca22cbb9eb8122b85ba04bf1d0b2","ssdeep":"192:/ztywjuim2pZQizyySL4tLg6SpiQhQ+YmzSRAz21OfsuAAuaSXCfb+e:/z9juim2xWySL4W6STYmzSRA61gEC5","tlshash":"4622ea847260793e1547866fd1be5516f27a292e382ed25433b9c83cfd21ac85336bec","first_seen":"2025-10-16T04:05:32.850927Z","last_seen":"2026-06-06T23:03:42.225575Z","times_seen":14104,"resource_available":true,"data":null}},"time_used":192,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":191,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/app/(auth)/layout-2f72bfb00bd0ee9b.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/app/(auth)/layout-2f72bfb00bd0ee9b.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZmHA9VfkJiq9J1Ax7jvghzqCCLuepeZhdI52yHnim1LqtVQt2nPVjwgh2nq8AeL67%2FbzEncBK7UgoGixnbj57%2FYgaUB%2BmgJABfA%3D\"}]}\r\ncf-ray: 9b9560ae9e6356bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5634,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5634), with no line terminators","md5":"eeb148fc570d2378a9f4fb4cef9277e8","sha1":"f15bcc479e6192f1c27e2c50e9957c34d69e1dc6","sha256":"28e0352c26286fc5b9430539a76f6e36d0f8ade3679fef2b830ed3805fb8b690","sha512":"0d5e4e9dc24973836af109e4586ee36dfa759ed54863e94049c0c21323043a57cc61354a7d5016b098e269eaabf1fe4be8e76ac9b487c6fe54177f0e396d92c5","ssdeep":"96:XZ8Q2TeV9GCuyzz3qZqCLXx29Hn5G9UV3aQ+7XCrUBTCUBTVy19GCOsY89GC4b6:p8Q2TeCtiz3Xqx29o92d+7XCrUIUvV3g","tlshash":"70c1a5b7b6c5fdb2565688d088378207ba503d37205fb480a7facce53169dca44d1f8a","first_seen":"2025-09-26T22:32:24.049018Z","last_seen":"2026-06-06T23:03:42.325772Z","times_seen":14137,"resource_available":true,"data":null}},"time_used":534,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":534,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/58172-2e2ad5efca352ade.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/58172-2e2ad5efca352ade.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D8eu0FLaHMFNEPg9emW%2F%2BeKEOmmqj%2F5lJon5VnEufXbWycJEOXbkvKUCDG%2B7EZIyQrtYT9xKFsov5D2O6IPNj6hMAlcjqsppyjo%3D\"}]}\r\ncf-ray: 9b9560ae9e6556bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15156,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (15156), with no line terminators","md5":"a9784916761bd2bbc76012952021d42d","sha1":"253cf85cec6b9a53b449d758e2d542a9a182bc23","sha256":"c0b7563919543117a0168d95e03a8812821df1f79a8bf094dadda24536660d92","sha512":"54d0abe66c6ec80868c406f1838ff8760bcae6758bd406c57e29d3ae842812ffb81cb315706c46e5d6a26e8bb80c7b1fc2787d02e360d635ebf22aad6c3c7431","ssdeep":"384:H74ml/FeOUGcg70p+tlof7VCEv/f2rVdVOmo778U/eWJV+o6:b4mldXUGZ0p+tl8VCEv32rVPOmg8UWWo","tlshash":"cb62a6d12b10495d3583ce7aca363929f2ef69ba393d57401168cb3cfd18ad4e6361e8","first_seen":"2025-09-13T11:18:32.621492Z","last_seen":"2026-06-06T23:03:42.283917Z","times_seen":14130,"resource_available":true,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/34230-e87c8d35c9fa1ab6.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/34230-e87c8d35c9fa1ab6.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8KZE%2FZxBQSzskT4I2sVQLcSAijeGrKYuNW0slfhXp7itAXZ8U%2BFCAtWyxSwwYdm%2BSpX7jEaa6DzekxLDkoxTHEUwyRGPYAPurHU%3D\"}]}\r\ncf-ray: 9b9560ae9e6656bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23047,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (23047), with no line terminators","md5":"9b4900ae7910372c39f90a4ebc702603","sha1":"9a24a588c269ce9c3f57345c32fc19f6681dbc0b","sha256":"09f6962b4e78defeacf0013f19bf739d5427801904333b19f9ab4cf541db3440","sha512":"4a02c00c407ec0eee649e22031775550a2e27fd675d23235783ec11d04efda2480a219e318fbba5739af05b0bd575f5d6d94a5a5dd2db29a03b891b9ba3069d4","ssdeep":"384:05ae/t9qDM109qxJ7aPk9RqKIyoIPzM73I/AKIJ1L/7E48z/08zXvnL5/Tz7qt5V:veVwDM10wxJMKIKIy6IzIj/9KcKN/POB","tlshash":"b5a272c9a390993d2583c53fc635b426e2bf09fa753e534062a9c63df909cc4e7365a8","first_seen":"2025-10-16T04:05:32.834372Z","last_seen":"2026-06-06T23:03:42.295779Z","times_seen":14058,"resource_available":true,"data":null}},"time_used":325,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":325,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/53331-ed5951db58e70abe.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/53331-ed5951db58e70abe.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zVIUBaYaKS45%2BvTY4SFKIwZCJcAiUV%2BIiH%2BCTr9MmQt2myBEkn2Obo%2FWkYuxxdJdMlZ6XcFJp5tA9TXSckvRuFM1qK%2Bw3Mq2i%2Fg%3D\"}]}\r\ncf-ray: 9b9560aeae6d56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23606,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (23606), with no line terminators","md5":"ffc2a9646f640ee24bec96371d8896d5","sha1":"43fb84011d63dd3ee53c4c5a6ed7bee651bc780b","sha256":"ee75b3f83f6bb1fe59b15f18a040463973036c403110a597b3e77b659b240fc9","sha512":"19765f02ce6babd708e5a582fce2a697188168486b56c78f66d75c7ad4d29e02371f839d2b967fa8094e949f2fa6de2e478d24e24b3150f0eb404dcef6fe63f6","ssdeep":"384:/bEM6MGSQhbWOoOSQ6b82p7X4WsIBcf9CkSfA9CM3ORBq5T25iaTuJ8jFNDtv/LO:/L67hSOoe6h7X4WsIBu9CkoA9CM3OTq1","tlshash":"63b2d7e993f4b6e0a006e3f8d607a8793a6e19fd7b32c95893d95c20c5910dc266ddc3","first_seen":"2025-09-13T11:18:32.113392Z","last_seen":"2026-06-06T23:03:42.228319Z","times_seen":14117,"resource_available":true,"data":null}},"time_used":274,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":273,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/countries/fr.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /global/countries/fr.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:19 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EVYkN%2B993xb%2FvauPBVtWXoLu46dkZN8vn%2BoRkfGyjgoPU1Z37XlWQUe46naKnYrb1l%2FhTaRhyF6%2ByrthmPIphR22gC7QMtnbH2M%3D\"}]}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560c688a656bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":270,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"c1a36c711f0ae0ab46c7dce06f63a723","sha1":"5cff6743ac6eed2912288bacd35c363a2d586d18","sha256":"861059eae96aea4c38466209edfad68fbd84ada37bae4ccac92d03011046a524","sha512":"e8d4869bd8d77613770a36de15c23dfade7a3bf3a465c4a6c79be55d9d6660874b5cbb60e631f04964840d3b4d736ceb25f31b30779e8d5ec64023f8e855cdeb","ssdeep":"","tlshash":"f0d02b9dd07de0c448138b703fde31c1418a6326364600dab047272861cc3ef7e40f04","first_seen":"2023-04-07T23:46:38Z","last_seen":"2026-06-07T06:25:06.393095Z","times_seen":6185,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":191,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/_next/static/chunks/48492-0bc1607565afbdb4.js","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:15.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /_next/static/chunks/48492-0bc1607565afbdb4.js HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:15 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a3Ds0gmjrqvC9tFdRM4xx1WlyZC72dAVPEEFf80PbV0YLjvy5pi0L4mwyCfrhdfxzV4EvPOLcxWso1nvZozf%2B7h62w28YxCURdo%3D\"}]}\r\ncf-ray: 9b9560aeae6a56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21387,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (21387), with no line terminators","md5":"528dd0f6fd9bdfc0f88a1d0016e92335","sha1":"4c0a8461de0d0f4be617b061a76bfc085764bdba","sha256":"68a15987fe15c14f83fcf933f5a667c4776ac216deb797a30307df36055f11a6","sha512":"d3b48b7f7d5fbc347ac82a431d335a291bc134c762ab2d6e97d2d77d9bae3098111f7861ab0e99683baee849720a7ab11331b3cc2ff9b965e64d26248cb55bb1","ssdeep":"384:/TwF4MO8nMLRISXy85PBRB7/52krBSTNN8txdOTTpPNUp0icpUAHEvDBUgf99Kxn:bwF4MGtr/PfzjsT778bwq52a7TY","tlshash":"eea26c2b58325876b6d7bc748cae504c596fd14ba72908ae777cee7404c70ac394b3c9","first_seen":"2025-12-22T17:51:04.099982Z","last_seen":"2026-05-26T05:03:28.610686Z","times_seen":2841,"resource_available":true,"data":null}},"time_used":312,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":312,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/api/extra/promoIp","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /api/extra/promoIp HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wintakeo.com/\r\ncontent-type: application/json\r\nauthorization: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:18 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mIpvdZBMvBTmajDXxco4qE3LqbFRPkjjhahZbjL%2FFWqjWpobKNyCD0GtCWECNmhfNMlVTuAoUXQX3X4qx5vJt%2FP5UDXcINzTcUQ%3D\"}]}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560c2c85156bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-06-07T08:15:34.930405Z","times_seen":153959,"resource_available":true,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/holiday/bottom.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /global/holiday/bottom.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:18 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WXKjCdAi6hTqAdQb9hn0TFlY5LGmzarRN5%2F01AGwkLyFOvYSXK88QGYYU03aTQM5EfsUwoEFPrJp3zPyMYtmtzuqZfZmadsE47M%3D\"}]}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\nage: 0\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nlast-modified: Mon, 05 Jan 2026 19:28:18 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560c5f89056bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1628,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"165634688949125db4ac194fe8681813","sha1":"c8d8f84854dc11683adff1b17974b18a3077173a","sha256":"865ac8ef0db76c4a0224fc4a29905e93b9e1cf278b42f7c95c8e1d82312d5e42","sha512":"9a4001c1e30d41bda349a631e7e00d8cf2528532717f23c5f19db0ac56dbd771e779ba07390b0c8fbe0beb77b3996e45b9bbef7b770850f8db207beff1888a7c","ssdeep":"","tlshash":"f2316f5c60b6ed389984c14c8d1fe0f5361f2fea07d6975620844dadfb094ff29626d1","first_seen":"2025-12-07T15:18:05.832815Z","last_seen":"2026-06-06T21:26:14.907094Z","times_seen":5537,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wintakeo.com/global/countries/in.svg","fqdn":"wintakeo.com","domain":"wintakeo.com","tld":"com"},"ip":{"addr":"172.67.217.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wintakeo.com/","date":"2026-01-05T19:28:18.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wintakeo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 10:12:49 GMT","end":"Sat, 21 Feb 2026 11:12:45 GMT"},"fingerprint":{"sha1":"95:F0:A5:52:7A:B0:6F:BC:C7:CD:EE:A9:C0:AA:CC:ED:18:E6:26:FC","sha256":"CD:83:07:CC:45:10:98:A5:43:7A:12:F5:00:1E:D8:7B:EB:89:D0:B1:7B:FF:1C:2A:0D:65:0F:FE:21:1E:A1:8E"}}},"request":{"raw":"GET /global/countries/in.svg HTTP/1.1\r\nHost: wintakeo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wintakeo.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 05 Jan 2026 19:28:19 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VRlc7x%2F8FWgo81TZIvw06No6Kp1qL1AofrD21Qi4uj2wPQ0s5JBv9nYKiX38BpAXxx9cywMuNIYT55zQrQlTWmhcPk%2BusRTe124%3D\"}]}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 05 Jan 2026 19:28:19 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9560c698aa56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2301,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"f0c892dde95804d59b20416b8db9fcbe","sha1":"41f09b07a8c26144aff93575ba4a07a0122bdae6","sha256":"aa82222076d0dd86dc6f37947faf10333212886549a33c4fcf6b44141b702018","sha512":"8eadf55e31f49edebffdb864eeec76900caf6f5163d2e3cf1988757271bb7c5e2c26c3986b4fe5b2f8953e733ea0c4bf4fb3cce0ec4d1010e20f5125abde3ac7","ssdeep":"","tlshash":"2e4165a9717df8cd9b01c6fda63bb9f1b00f50496b12d3a9b55b0f0a481a4fbb0056e0","first_seen":"2023-06-13T16:46:48Z","last_seen":"2026-06-07T06:25:06.429693Z","times_seen":5796,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"wintakeo.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wintakeo.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}