{"report_id":"0988794a-5641-409a-98fc-530b7682a5c9","version":6,"status":"done","tags":[],"date":"2025-10-10T09:46:49Z","url":{"schema":"http","addr":"pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"104.21.12.78","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"title":"pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club"},"submit":{"url":{"schema":"http","addr":"pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"104.21.12.78","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-14T09:46:49Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"pqham.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"filemoon.to","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"adexchangeclear.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"pqham.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-24","domain_rank":0,"first_seen":"2025-09-25T19:27:54.298522Z","last_seen":"2025-10-04T05:11:49.54624Z","alert_count":15,"request_count":15,"received_data":1457101,"sent_data":7029,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"filemoon.to","ip":{"addr":"186.2.165.35","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"domain_registered":"unknown","domain_rank":57502,"first_seen":"2022-05-09T13:43:27Z","last_seen":"2025-10-10T09:43:59.56454Z","alert_count":2,"request_count":2,"received_data":16913,"sent_data":911,"comment":"","tags":null,"fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}]},{"fqdn":"fin-3dg-b1.i8yz83pn.com","ip":{"addr":"185.237.105.49","port":443,"asn":203973,"as":"Eurolir OU","country":"United States","country_code":"US"},"domain_registered":"2025-06-09","domain_rank":666526,"first_seen":"2025-06-10T20:15:52.071598Z","last_seen":"2025-10-04T05:11:51.950832Z","alert_count":0,"request_count":4,"received_data":1671022,"sent_data":2311,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"adexchangeclear.com","ip":{"addr":"172.67.223.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-04-27","domain_rank":24943,"first_seen":"2025-07-16T08:40:02.47428Z","last_seen":"2025-10-06T00:41:06.921479Z","alert_count":1,"request_count":1,"received_data":1883,"sent_data":820,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"usrpubtrk.com","ip":{"addr":"172.67.186.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-16","domain_rank":6824,"first_seen":"2025-06-17T13:34:00.105327Z","last_seen":"2025-10-08T13:20:00.058427Z","alert_count":3,"request_count":1,"received_data":524,"sent_data":477,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"videothumbs.me","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-03-25","domain_rank":57216,"first_seen":"2024-03-25T11:39:58Z","last_seen":"2025-10-05T00:29:55.012373Z","alert_count":0,"request_count":1,"received_data":54007,"sent_data":434,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"pqham.com/js/xupload.js?v=3","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"200f7636e884860eed563210f5125c16","sha1":"3312a1318afed0df1fa4a93cac2016165c651f28","sha256":"01cd57ece4bf51c9db1a880a36145f8bda86634cf6b0cb69e6f9e7f187c107bd","sha512":"4d595766d559a98fd568a0d9c6cd416433d0040cf58c53882979173a06d8fb83d8d4b85fb4f17295564415e25542cb574baafeb8fa45fde4b4912b111a57622f","ssdeep":"192:INTUEE9YGs1axsrl6IsZWnrbll621w+4UWdRebMQ4WdReDyYQaQv7OsaaFg+Bnqa:aTfy+tBlV9GRebVReDyYS7OsaaF10fWd","tlshash":"2732664abaa379912a7730390bbf52043b398407104ada54bd5cd6c4af8452897ffbfd","size":11090,"data":"","first_seen":"2025-04-01T07:40:59.757125Z","last_seen":"2026-01-14T01:06:54.851265Z","times_seen":891,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/js/bafsd.js","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c2432aca90e92e0370d2ded2545eb1fa","sha1":"8f1ae40f7dc9c4ccfcb91d04530a1f072e9d06eb","sha256":"89c40275bddb7257d519bda010de1c4df70a30b5f84be325f2ae53168f276cb5","sha512":"7278ab65bac73bbba9750c49161c677ad6d98d8d16f5f692a3b19e99423c2b32a9785a1bd4045321f4ffd0cf3c6270e5fe4b4ab1cc7bbe4f7cdfc3c40bb3f373","ssdeep":"192:Tb2KC3RtGFnoYcAb/XkLM17rbN5rYrWcYYgC/55wJjJUjfQFU75+xCj+8NcC+5wK:WLsrqh56lUb4kochTK","tlshash":"a852428b738da2be86fa33e4c43f2494e97ed272c115c4fab5b58a801d90815c397d79","size":13706,"data":"","first_seen":"2024-10-04T15:55:15Z","last_seen":"2026-04-04T23:25:20.046081Z","times_seen":1311,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e1feb832081045c2d3069c4fe8ae3136","sha1":"387d0e8ed28e5cd200ee92e7b0345d490fe277d9","sha256":"224d2667c908c7a766bc845b432f3ebea9f4c54e469252803de7914757a7ebb1","sha512":"2e0510c67579259172e3ec468933289cea1464caa39227bcc392155d00e1137904e1ddb7f24522c049a3565add7318e031ddd4234d4cc25596b3ea04ea94ac24","ssdeep":"","tlshash":"09c04c6b669df03ac07aeb79c560b0c7b93a6069d152aa8e32442968b3031096d814bb","size":148,"data":"","first_seen":"2025-10-10T09:46:53.198606Z","last_seen":"2025-10-10T09:46:53.198606Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3ab765cfb4c70f020f792621ba116916","sha1":"a6001826cd9641d24a835e996be3c7bbb42315b3","sha256":"bb0698e4da200307adaedd202b1f492090b5efca944a659e7c0d0458754d9ce2","sha512":"597e57ec2410de3a9d2ba89f5f8871d01d2da68108a4e759369088c0b226b3656fb9a0c997033f523c161b963c91b6d73c85c7362536f135cbf056020acb36a3","ssdeep":"","tlshash":"ad9002d8825d84272d641448459d4de2946e5425d9105693388452d091a12d0c01a000","size":56,"data":"","first_seen":"2025-10-07T15:12:19.033367Z","last_seen":"2025-10-10T09:46:53.20266Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/player/jw8/vast.js","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3cd85ca1814c3fd976764bf6b83b989d","sha1":"90e931622205c6adfbc75cfe681563a127580f05","sha256":"2e4fe3d8b3565a3f8b5ec0ecfe0e5f26a756401b6847dd475327793da41897f5","sha512":"79ef69e9df2dc8184962724bf27bffca5a509c89d5e9a9ae8f350b1f2291a4851b7ce31b2649f2678097e92559cd4f31344b4996f7abf1c0fcd7af71a0a3cc7b","ssdeep":"1536:clcxhF+/+IrkRT+N+uD9CwS65+sDS0VjE3vuV1WuSpimRmmy/k0xeo+egJvLc9gD:cSpuD9CG05Vh6gV5hQfs","tlshash":"8da3a78e7395b52146d2a0b8603f01067337160f680e826cf56aedea5c7da4e727bf74","size":107114,"data":"","first_seen":"2023-09-18T06:50:32Z","last_seen":"2026-01-17T22:53:50.787658Z","times_seen":1185,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/js/dnsads.js?dfp=1\u0026ad_code=2\u0026adsrc=3","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"99eccae6afa72c589ae54b5c3890282a","sha1":"0f102f8f5b556635de65d16cf70fa8269c6761b4","sha256":"b74a58316385de04b054737776e71c160cd60d2d01b5440b32c21651fb0ab8d3","sha512":"01bc413c1695c125b8ab111c60974da99989b618fb674631d998db519996966c569503efb97a3c760b50069e87b6b42891985b00c64810a43935ada075a19d24","ssdeep":"","tlshash":"eb8000ee08e2bcbec02c0000000e02a802b00c00a023ac20a00e8e0233e2e20c228c3a","size":38,"data":"","first_seen":"2023-03-07T12:59:18Z","last_seen":"2026-04-05T01:53:15.268167Z","times_seen":2588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/player/jw8_26/jwplayer.js?v=5.0.2","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f91de142eed44442bad231961488c5d0","sha1":"ea6c79968011a5b59e444d792f7ab048a1f7e31d","sha256":"b3031ee0f2674c203fe1400df12a96148c4bed344553fc9063c3846ba8466295","sha512":"9870ce81ead889f1a2f26abb9bc4cf17d69abba0eadec70d74e299d52791c66ab4b4669f747ef35e429928ed718d09b31ecdefee26fbb7498f694b56fd8ae370","ssdeep":"1536:lrGRl1EevCcKntukU2YYKDjAPkotbKSrvodmBiScMsz1x5rjk0ECjIUMj7DEYR/H:DeQtqR/wooiAUMj7DT9","tlshash":"5fb31ae631c2b4e643e628daa07a4041f23a0545380dc5a4fa6cede63d67947b177fbc","size":111441,"data":"","first_seen":"2024-04-13T15:29:14Z","last_seen":"2026-04-04T23:25:20.03662Z","times_seen":1519,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4f98cf8486a8beb4d2d271b8e9304216","sha1":"112dd81cdd24e37a4554c9a5c5327b30a476acf8","sha256":"77b18c051d8450512853f4643dd7ac0e4c3205b7ec4cd1373ca5ad0dd2f470c3","sha512":"110b22e3e2f501f3dcc8f1dea02efaaa338ae6379f15907e15301de227279570bd997c4dbdb46e3c8814dd61779303c6fd26b9c0dfe53f3a733c1379da5e85aa","ssdeep":"","tlshash":"ca90003208200280ae2c0a20200aa0888820ae3b232208a28bb20a0a08088a0028cbe2","size":43,"data":"","first_seen":"2023-03-08T08:46:55Z","last_seen":"2026-04-04T23:25:20.057094Z","times_seen":1569,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/player/jw8_26/provider.hlsjs.js?v=2","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f95e38aa7bb0943693b51bd6a7deed0","sha1":"26c89f76894108f76ad23af32ecc6b1e708993ba","sha256":"1b1263b7061aaca7fe0b69168b16cb2401a7fe2ada08ccfdd373ee06c7d125b1","sha512":"664696a45bacbf3ee40fe544f92104f568b10a6cffb6a3fffa9afe351294d00dc0a1883d50cc799a1b1dba0fd00797047729670ee72c19cf0e302539fe63b075","ssdeep":"6144:GCXemC8LqtXLauG9L2aEyflDc2iGLY6I2KlqJxRC9i5q9GYqT:1MXxG9L2By5cbOYRqJxRCG","tlshash":"36943bed7795a02642c2a1a5903f4617633b7d0a3409c1bcfa2be9d75db8849b03bf74","size":422959,"data":"","first_seen":"2024-04-13T15:29:15Z","last_seen":"2026-04-04T23:25:20.043811Z","times_seen":1506,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"04404463a9ad910ac9678707bfa07a11","sha1":"eaa0918a21c03fb62f2ef7bc7ab50b1e68a36aa9","sha256":"c69969e17f6fefbd340201909260bff1b875752913eab9f4c5810c00c2cedcfe","sha512":"11efaaeb63e3239dc6abd73970dc109db855f7f4dba0b18552212855a36ab0901e678de240cf15767af50a415465887b4f4341c8b4d5f97c1aba0143465c96fd","ssdeep":"192:uzrmeKqJAsIHlIfhzLuxb+O8Y18l2w9hphmpW:uueKqkHlIpzLuF+O808AAhphmg","tlshash":"df02d69da5942c2bc27321f87e63b104227b4e51de9dcac8f4b2158825b959331bfe8d","size":8693,"data":"","first_seen":"2025-10-10T09:46:53.207526Z","last_seen":"2025-10-10T09:46:53.207526Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/js/jquery.js","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-05T08:46:14.875013Z","times_seen":445238,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d882b49167571a8dc4de310e0b2e623d","sha1":"426f496e1155dfab34840a7a467866838448c8d0","sha256":"6dc67eafa621e57610ed67c02b1c0c5532e495dfe555dcade99fb81b6744899b","sha512":"aef46b85426812f38eb29a030e1f82d73c053df2d2d9077eb0563f9906353228fd5ffec1d5afc12a76b564031171bf2ec78c994b883ebed865ebe5aad64fc674","ssdeep":"","tlshash":"e3c02b64e22c32c038bfe310486beb2c7503a5337f4b4e54196954aa2c2cd3b705b9f9","size":154,"data":"","first_seen":"2023-03-08T08:46:55Z","last_seen":"2026-04-04T23:25:20.056389Z","times_seen":1557,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d5f2dfc871117e44264ee487d8e08e03","sha1":"84df50deb1da07577c6308d6229b6838977355ca","sha256":"1d38267e6325306a1b5993faaf6250de6fdcffe27bd9a654895482f7662cab0d","sha512":"1507e457223f7d9e4236fc7b490a455e470aea75c55eb5ecd08e819e01c0e7722e0282e865d96d806c6ba65a6f62d53d32453633689c4f4afb8f8c506befb41a","ssdeep":"","tlshash":"e83155b63128347882f5166f7cbb664df07756512d1e9080905ce4643828f79f6334ce","size":1529,"data":"","first_seen":"2025-01-25T03:50:38.139741Z","last_seen":"2026-04-04T23:25:20.057817Z","times_seen":1084,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"47a7df3210911e27dfdc28583faa9264","sha1":"fb289b528d31f67e951e5415dd4e0cfca739b654","sha256":"f46f00646225f54664e4d7bb625fb06dbcfc86904826cd3382efa56c4d524ddc","sha512":"c6430fbeb6dc94e8b607f85825c3aa2b6486101fe3df10da8031dc7577bebdab521a32188470000a00d165a87657a8956349684e4ccc1a332b14f4d66f8c08cf","ssdeep":"","tlshash":"a3a002a81264d1729c5915dea80a854c3618b561875976465763b924954c2520274d28","size":60,"data":"","first_seen":"2023-03-07T12:59:18Z","last_seen":"2026-02-10T10:28:48.923754Z","times_seen":1349,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6634048577e489d32bd61c40958fb942","sha1":"1048e55e20509e0f66e1ea4c3565b5b603372cd9","sha256":"19a93daf28f0092532110ab627a271efd08edadf0bf68f7bbd709b14ed845eaf","sha512":"1b348e1c9da4b6cee71bf88117bd11f1a2550c2e66bf696b80bacd1d4f98cdf5619b3c0464735929bf4115b39720f872969d35f38981b1bb68064a565390bf72","ssdeep":"96:dbI6U6OiXHdiyXoX3cjIN9cqLkm75f5tjikJ5Vgsxm+H3qNOMix0/6a:dbI6Uut/asU9XIm75f5tjiag5+MBua","tlshash":"2de11b2e3c9f5c17ee50049c140fa204b7912da77a28c122ed5dd94b6bc9bc1b6e7a9c","size":7256,"data":"","first_seen":"2025-10-10T09:46:53.216782Z","last_seen":"2025-10-10T09:46:53.216782Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/js/jquery.cookie.js","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ae0c2c5d8f01f7d35bb698bb618a62f7","sha1":"63556a22ddea1c5f23a5cf7d0b6d35c7aab54e20","sha256":"75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc","sha512":"eac94ca9d884692af8bdf12aa6e902a3be4eed0772ad8f2932ac1c3328b83a7351cdf743a409bbc0a3cd385956c08d3203d51c572bb1680489e37330fe27a2bb","ssdeep":"96:L4BZxb64Ng7V8cNwpGylRCsKZcj1JXulL6M/aGByLskPSP4lBCClf1wgCyC:LQnb6eg7DgCsk8fgZJkPSPa+gCyC","tlshash":"2e91fd293a0d231d149353f57aee10c8a930d632216ad46c744cb6b06f00c63ddfbbea","size":4331,"data":"","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-04-05T05:55:35.039721Z","times_seen":4354,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/js/ls.js","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f6784d7271569579cbc7e508fddb3fbb","sha1":"61be0722316952e865893972791486e26961cdda","sha256":"96f2f3c87be4a0582def1b5e1e9e19aa0529adb7fd9277cede56c1eefd906d01","sha512":"d42027f51f276430f53215a68100fea2106e2c4347a28ebf9fd6e11c7c42fff66c5638f8c5981a0f2a15c3ff8a17ee44c8cc5abfef0ebeeafd2f8d8662f41ce0","ssdeep":"","tlshash":"b841118275e1d9904be004e728b0c002e638992e705d62d0f7b7dd827c9909bcfb57fa","size":2063,"data":"","first_seen":"2023-03-07T12:42:21Z","last_seen":"2026-01-14T01:06:54.841625Z","times_seen":1446,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/js/pcap.js","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"637bdaadd5e448f095459f0d9e2eccd6","sha1":"69ee65f814df6fe58bf7cc699f1407f1a03fa612","sha256":"366d7bbfaf8014c064775bf8b874914fee4c186a75cd161f34502d36a695c6f0","sha512":"9d7d90566a51edd267b06c3e0c83efd6f3138f7b4155cc593b102a72b7df4fbfc0fa3c2e4ed86fa8c5f5ca7e70acd225fa94496f15903956187e67680bb92c1d","ssdeep":"6144:V+rFR9B39Gjd6Y3jeumFQg/BJz0GO9A/TGEOBsBrufLnpr2:V+RRr39GjgY3j7mFQg/LzK9A/TGEOBYf","tlshash":"944429493352b2f63bd250d55c3ba506e2365059780d8428f6ecc9d2a9afdce6232f7c","size":268737,"data":"","first_seen":"2025-10-06T21:49:09.009799Z","last_seen":"2025-10-10T09:46:53.110291Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/player/jw8_26/jwplayer.core.controls.js?v=2","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fee77850b6b254569cf03f43a4dfdde4","sha1":"35841d306d3404fbef6825371ffdbcd992ade913","sha256":"50b22ddf7e9cf49716e33660cc9de3c2bbf3cb90f203d8af93810f8f97bdee3f","sha512":"84d9c23a355b9aa6e6d37f4e4090a41a250499a6c3bb8d5808fa2851a376edfe71d7f1d3d35f658266299339ae88c85fc478a820014c19eeed4e026b4cdab683","ssdeep":"3072:wKH7nFuhglX/qZ3ux2wI9Y7J+3qbOXUvDY6MnJMyXR286CcYZ6mfjq:vHxA4/qZ3V3Y7J+30Y6MnJt2lSZ6mfjq","tlshash":"7d641832214256359aea82da76514604b3398085f516cfacff2ceddd4c6e8cb31f6bb4","size":326903,"data":"","first_seen":"2024-03-12T19:48:43Z","last_seen":"2026-04-04T23:25:20.028253Z","times_seen":1793,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"pqham.com/adcgi?id=4074506","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:28.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pqham.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:04:49 GMT","end":"Sat, 22 Nov 2025 04:02:27 GMT"},"fingerprint":{"sha1":"C9:9E:EE:24:BA:4A:A4:FF:98:76:AB:76:9E:75:3B:49:70:11:3A:CF","sha256":"BB:F7:D4:4E:01:FC:B0:4D:59:53:64:11:AE:73:58:3D:02:D8:4A:52:4B:EE:BA:75:C9:6D:77:21:D6:7A:11:3A"}}},"request":{"raw":"GET /adcgi?id=4074506 HTTP/1.1\r\nHost: pqham.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club\r\nCookie: lang=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Fri, 10 Oct 2025 09:46:28 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Fri, 24 Jan 2025 17:58:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q3fcoNP%2F9zP2qhQq%2BwGum4Xlh1aKdRyx6nAAZadPHX6jzVw8aZEUQmugvdSgwp8gPy5lDkrTlxkchE9pmbaaBrtUPWAOSWY%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 98c530d65f39b517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2047,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"78598915b8026c43308f5937da5c2e3e","sha1":"2423083b2bfdfde76ba2079493f33d58097f05cf","sha256":"b381f11049433f95c1fa966ba65661e7905b58e240ada758a49ab86dc7f86f27","sha512":"37d6d32c9840e601b8c561e63b54c3adc5a38cd3e2d6fb91068f176879a0a16ddc0a2f22c48d5d9a2babbaf64c3f4b523b8a02bad48a758c42995f5756fb0e93","ssdeep":"","tlshash":"c64104151cc0942503327366aa17b294f142e11bcb06af503dddd29b2fb1a898d73dda","first_seen":"2025-02-01T20:10:50.054059Z","last_seen":"2026-01-14T01:06:54.864301Z","times_seen":799,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":144,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"pqham.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-10T09:46:26.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pqham.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:04:49 GMT","end":"Sat, 22 Nov 2025 04:02:27 GMT"},"fingerprint":{"sha1":"C9:9E:EE:24:BA:4A:A4:FF:98:76:AB:76:9E:75:3B:49:70:11:3A:CF","sha256":"BB:F7:D4:4E:01:FC:B0:4D:59:53:64:11:AE:73:58:3D:02:D8:4A:52:4B:EE:BA:75:C9:6D:77:21:D6:7A:11:3A"}}},"request":{"raw":"GET /bkg/yqoaa9bp1xyu?ref=gayteam.club HTTP/1.1\r\nHost: pqham.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Oct 2025 09:46:26 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 09 Oct 2025 09:46:26 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=326NxAn7XN%2FrU10GWzLKJ59EPxi72zRh7SdvV%2Fi52jAcEZ2EJjgiJs7Er0S7o3X4u8HycTPog72orx8NQM%2B7pwIgQ80tXBU%3D\"}]}\r\ncontent-encoding: br\r\nset-cookie: lang=1; HttpOnly; Path=/; Domain=pqham.com\r\ncf-ray: 98c530cbfd81569a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":11008,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7307)","md5":"9b49c3cc40a6f634c8d1d22801a42708","sha1":"9ba45208bab8b2329c58272f74af4c419c492d26","sha256":"58a8ad0fbf23f60c4133cf0fed63335b27a0613b1bbc5efe1e08c876ef08a9c3","sha512":"60c43d7a8b1b319d48f2cc3e935971bd93c09e9c9fc5d630d97731cd8c09cda006b5418f7db9941bfc0d87b8b5db5472ffa2e95bbef48edef1f66c93111a9b40","ssdeep":"192:enxUBl+9XqStxpRwZ0bI6Uut/asU9XIm75f5tjiag5+MBuIQ:enqBl+8S7pRwZ2vZRUxIm75f58arIQ","tlshash":"bb32192e3c5be82b9a90009c542ff10cf3969953bb28c451f5ddd84b2798fd469e399c","first_seen":"2025-10-10T09:46:53.095356Z","last_seen":"2025-10-10T09:46:53.095356Z","times_seen":1,"resource_available":false,"data":null}},"time_used":319,"timings":{"blocked":49,"dns":0,"connect":1,"send":0,"wait":221,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"pqham.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/js/ls.js","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:26.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pqham.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:04:49 GMT","end":"Sat, 22 Nov 2025 04:02:27 GMT"},"fingerprint":{"sha1":"C9:9E:EE:24:BA:4A:A4:FF:98:76:AB:76:9E:75:3B:49:70:11:3A:CF","sha256":"BB:F7:D4:4E:01:FC:B0:4D:59:53:64:11:AE:73:58:3D:02:D8:4A:52:4B:EE:BA:75:C9:6D:77:21:D6:7A:11:3A"}}},"request":{"raw":"GET /js/ls.js HTTP/1.1\r\nHost: pqham.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club\r\nCookie: lang=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 09:46:26 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Tue, 14 Feb 2023 11:28:54 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sat, 11 Oct 2025 01:20:56 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nage: 548730\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7POstIxolxpSW9v%2Fh8RUNtMe7DgnTp5kE0QXfb4ghwM1hKYNIzQiAjCINbwrOuGORWqon0k8WxlaRePwUFEsqcpQ74rcsfs%3D\"}]}\r\netag: W/\"63eb7076-80f\"\r\ncontent-encoding: br\r\ncf-ray: 98c530ce7fe9b517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2063,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2063), with no line terminators","md5":"f6784d7271569579cbc7e508fddb3fbb","sha1":"61be0722316952e865893972791486e26961cdda","sha256":"96f2f3c87be4a0582def1b5e1e9e19aa0529adb7fd9277cede56c1eefd906d01","sha512":"d42027f51f276430f53215a68100fea2106e2c4347a28ebf9fd6e11c7c42fff66c5638f8c5981a0f2a15c3ff8a17ee44c8cc5abfef0ebeeafd2f8d8662f41ce0","ssdeep":"","tlshash":"b841118275e1d9904be004e728b0c002e638992e705d62d0f7b7dd827c9909bcfb57fa","first_seen":"2023-03-07T12:42:21Z","last_seen":"2026-01-14T01:06:54.841625Z","times_seen":1446,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"pqham.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/js/pcap.js","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:26.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pqham.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:04:49 GMT","end":"Sat, 22 Nov 2025 04:02:27 GMT"},"fingerprint":{"sha1":"C9:9E:EE:24:BA:4A:A4:FF:98:76:AB:76:9E:75:3B:49:70:11:3A:CF","sha256":"BB:F7:D4:4E:01:FC:B0:4D:59:53:64:11:AE:73:58:3D:02:D8:4A:52:4B:EE:BA:75:C9:6D:77:21:D6:7A:11:3A"}}},"request":{"raw":"GET /js/pcap.js HTTP/1.1\r\nHost: pqham.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club\r\nCookie: lang=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 09:46:26 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Mon, 06 Oct 2025 17:06:33 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 13 Oct 2025 17:08:29 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nage: 319077\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6gTLRicVfkG%2FHuRv8h1GwOKNUk5NUsGzy5HaVJJ60yPxB6%2BLqdT3ofQzwW6HQwBo1ThtRYLhMQ7FZ4rVnoPh4bPLu5iArAg%3D\"}]}\r\netag: W/\"68e3f719-419c1\"\r\ncontent-encoding: br\r\ncf-ray: 98c530ce7fecb517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":268737,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (48331), with NEL line terminators","md5":"637bdaadd5e448f095459f0d9e2eccd6","sha1":"69ee65f814df6fe58bf7cc699f1407f1a03fa612","sha256":"366d7bbfaf8014c064775bf8b874914fee4c186a75cd161f34502d36a695c6f0","sha512":"9d7d90566a51edd267b06c3e0c83efd6f3138f7b4155cc593b102a72b7df4fbfc0fa3c2e4ed86fa8c5f5ca7e70acd225fa94496f15903956187e67680bb92c1d","ssdeep":"6144:V+rFR9B39Gjd6Y3jeumFQg/BJz0GO9A/TGEOBsBrufLnpr2:V+RRr39GjgY3j7mFQg/LzK9A/TGEOBYf","tlshash":"944429493352b2f63bd250d55c3ba506e2365059780d8428f6ecc9d2a9afdce6232f7c","first_seen":"2025-10-06T21:49:09.009799Z","last_seen":"2025-10-10T09:46:53.110291Z","times_seen":12,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"pqham.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/js/dnsads.js?dfp=1\u0026ad_code=2\u0026adsrc=3","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:26.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pqham.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:04:49 GMT","end":"Sat, 22 Nov 2025 04:02:27 GMT"},"fingerprint":{"sha1":"C9:9E:EE:24:BA:4A:A4:FF:98:76:AB:76:9E:75:3B:49:70:11:3A:CF","sha256":"BB:F7:D4:4E:01:FC:B0:4D:59:53:64:11:AE:73:58:3D:02:D8:4A:52:4B:EE:BA:75:C9:6D:77:21:D6:7A:11:3A"}}},"request":{"raw":"GET /js/dnsads.js?dfp=1\u0026ad_code=2\u0026adsrc=3 HTTP/1.1\r\nHost: pqham.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club\r\nCookie: lang=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 09:46:26 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Mon, 13 Sep 2021 15:50:14 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sat, 11 Oct 2025 03:35:06 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nage: 540680\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=31jz5ndqg8oMhBdXsj7N8TSBCnsEwCj8QeOZSjAxiKx5rIxZjZaMG56iRyoOywli1d29QUKykC3uyoXCKESGyeCqeqIoZv4%3D\"}]}\r\netag: W/\"613f7336-26\"\r\ncontent-encoding: br\r\ncf-ray: 98c530ce7ff3b517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"99eccae6afa72c589ae54b5c3890282a","sha1":"0f102f8f5b556635de65d16cf70fa8269c6761b4","sha256":"b74a58316385de04b054737776e71c160cd60d2d01b5440b32c21651fb0ab8d3","sha512":"01bc413c1695c125b8ab111c60974da99989b618fb674631d998db519996966c569503efb97a3c760b50069e87b6b42891985b00c64810a43935ada075a19d24","ssdeep":"","tlshash":"eb8000ee08e2bcbec02c0000000e02a802b00c00a023ac20a00e8e0233e2e20c228c3a","first_seen":"2023-03-07T12:59:18Z","last_seen":"2026-04-05T01:53:15.268167Z","times_seen":2588,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"pqham.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/player/jw8_26/jwplayer.js?v=5.0.2","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:26.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pqham.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:04:49 GMT","end":"Sat, 22 Nov 2025 04:02:27 GMT"},"fingerprint":{"sha1":"C9:9E:EE:24:BA:4A:A4:FF:98:76:AB:76:9E:75:3B:49:70:11:3A:CF","sha256":"BB:F7:D4:4E:01:FC:B0:4D:59:53:64:11:AE:73:58:3D:02:D8:4A:52:4B:EE:BA:75:C9:6D:77:21:D6:7A:11:3A"}}},"request":{"raw":"GET /player/jw8_26/jwplayer.js?v=5.0.2 HTTP/1.1\r\nHost: pqham.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club\r\nCookie: lang=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 09:46:26 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Fri, 05 Apr 2024 14:58:43 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sun, 12 Oct 2025 02:49:54 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nage: 456992\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CsZcxGUUzp5roZVzzS843j61PULuwYTfZ85b79CISFg%2BHAyQidVOl1xSCxQfmj9O5glUdJz3Fg6aUf3vpXlPbgsi98D67a8%3D\"}]}\r\netag: W/\"661011a3-1b351\"\r\ncontent-encoding: br\r\ncf-ray: 98c530ce7ff0b517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":111441,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65511)","md5":"f91de142eed44442bad231961488c5d0","sha1":"ea6c79968011a5b59e444d792f7ab048a1f7e31d","sha256":"b3031ee0f2674c203fe1400df12a96148c4bed344553fc9063c3846ba8466295","sha512":"9870ce81ead889f1a2f26abb9bc4cf17d69abba0eadec70d74e299d52791c66ab4b4669f747ef35e429928ed718d09b31ecdefee26fbb7498f694b56fd8ae370","ssdeep":"1536:lrGRl1EevCcKntukU2YYKDjAPkotbKSrvodmBiScMsz1x5rjk0ECjIUMj7DEYR/H:DeQtqR/wooiAUMj7DT9","tlshash":"5fb31ae631c2b4e643e628daa07a4041f23a0545380dc5a4fa6cede63d67947b177fbc","first_seen":"2024-04-13T15:29:14Z","last_seen":"2026-04-04T23:25:20.03662Z","times_seen":1519,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"pqham.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/player/jw8/vast.js","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:27.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pqham.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:04:49 GMT","end":"Sat, 22 Nov 2025 04:02:27 GMT"},"fingerprint":{"sha1":"C9:9E:EE:24:BA:4A:A4:FF:98:76:AB:76:9E:75:3B:49:70:11:3A:CF","sha256":"BB:F7:D4:4E:01:FC:B0:4D:59:53:64:11:AE:73:58:3D:02:D8:4A:52:4B:EE:BA:75:C9:6D:77:21:D6:7A:11:3A"}}},"request":{"raw":"GET /player/jw8/vast.js HTTP/1.1\r\nHost: pqham.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club\r\nCookie: lang=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 09:46:27 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Thu, 08 Sep 2022 10:34:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 16 Oct 2025 07:05:37 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nage: 96049\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MY9BePbauSVFAX%2BVRESL0kXl2MTlSnsNIlbyEwqLmJXokVuBaHjuPHl2K9fmQwAKjSUtX4w6oBFbJL68b7YcM70EXW4qtf8%3D\"}]}\r\netag: W/\"6319c542-1a26a\"\r\ncontent-encoding: br\r\ncf-ray: 98c530cfc97eb517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":107114,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3cd85ca1814c3fd976764bf6b83b989d","sha1":"90e931622205c6adfbc75cfe681563a127580f05","sha256":"2e4fe3d8b3565a3f8b5ec0ecfe0e5f26a756401b6847dd475327793da41897f5","sha512":"79ef69e9df2dc8184962724bf27bffca5a509c89d5e9a9ae8f350b1f2291a4851b7ce31b2649f2678097e92559cd4f31344b4996f7abf1c0fcd7af71a0a3cc7b","ssdeep":"1536:clcxhF+/+IrkRT+N+uD9CwS65+sDS0VjE3vuV1WuSpimRmmy/k0xeo+egJvLc9gD:cSpuD9CG05Vh6gV5hQfs","tlshash":"8da3a78e7395b52146d2a0b8603f01067337160f680e826cf56aedea5c7da4e727bf74","first_seen":"2023-09-18T06:50:32Z","last_seen":"2026-01-17T22:53:50.787658Z","times_seen":1185,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"pqham.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filemoon.to/assets/images/favicon/favicon-16x16.png","fqdn":"filemoon.to","domain":"filemoon.to","tld":"to"},"ip":{"addr":"186.2.165.35","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:27.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mobile-detect-modernizr.filemoon.to","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 02:59:49 GMT","end":"Mon, 27 Oct 2025 02:59:48 GMT"},"fingerprint":{"sha1":"DF:D9:2D:8F:D9:5C:09:CF:58:97:C9:A8:65:7F:61:1E:65:0D:F9:1E","sha256":"77:2C:3D:04:C0:DF:50:0C:99:B0:1B:7C:1D:2D:C7:58:30:62:3F:8F:64:A7:E1:80:6A:0C:86:13:C2:08:04:03"}}},"request":{"raw":"GET /assets/images/favicon/favicon-16x16.png HTTP/1.1\r\nHost: filemoon.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=WXV0lnItN7bbJKdE; Domain=.filemoon.to; Path=/; Expires=Fri, 10-Oct-2025 10:06:27 GMT\n__ddg10_=1760089587; Domain=.filemoon.to; Path=/; Expires=Fri, 10-Oct-2025 10:06:27 GMT\n__ddg9_=91.90.42.154; Domain=.filemoon.to; Path=/; Expires=Fri, 10-Oct-2025 10:06:27 GMT\n__ddg1_=AMLNtpHrJDm6lsxl0TH2; Domain=.filemoon.to; HttpOnly; Path=/; Expires=Sat, 10-Oct-2026 09:46:27 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 07 Oct 2025 15:02:32 GMT\r\ncontent-type: image/png\r\ncontent-length: 370\r\nlast-modified: Tue, 10 May 2022 16:16:39 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nddg-cache-status: HIT,HIT\r\netag: \"627a8fe7-172\"\r\nexpires: Tue, 14 Oct 2025 07:08:14 GMT\r\nage: 240235\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":370,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"1890e941734d87980f46cd0d6b83c3f6","sha1":"999a3546ab4605a3988801f45b77df2df0773e51","sha256":"fa5d0d05df5fde625a3d244297de45ca7d82efd60e89646730e8cffaafac7049","sha512":"7b262771b611e17586ed3aa39034a72a6bd2c12ce2672556c075a15a1351b47b0deb69b971819a72e7bee0d90b62db04ccfdd2f4ea72fbb57fbb1ba40ebe234f","ssdeep":"","tlshash":"42e0f8c093c7383dc00dc9aba3867620883f6f8c8122a67ca11860a7216a8a81112a88","first_seen":"2023-06-02T21:55:34Z","last_seen":"2026-04-03T20:40:39.155784Z","times_seen":323,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":1,"connect":20,"send":0,"wait":34,"receive":0,"ssl":52},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"filemoon.to","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fin-3dg-b1.i8yz83pn.com/hls2/02/09319/yqoaa9bp1xyu_h/seg-1-v1-a1.ts?t=xGi1xWy75FoySIPqjYV-s2mdw5210sxhRzcpUUV6QJs\u0026s=1760089586\u0026e=10800\u0026f=46597574\u0026srv=30\u0026asn=50304\u0026sp=4000\u0026p=","fqdn":"fin-3dg-b1.i8yz83pn.com","domain":"i8yz83pn.com","tld":"com"},"ip":{"addr":"185.237.105.49","port":443,"asn":203973,"as":"Eurolir OU","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:27.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"fin-3dg-b1.i8yz83pn.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Aug 2025 13:33:34 GMT","end":"Thu, 06 Nov 2025 13:33:33 GMT"},"fingerprint":{"sha1":"FF:F7:7C:D6:25:B3:CD:94:67:60:73:6F:D9:7B:53:CE:4C:B2:82:AD","sha256":"18:01:EB:A8:38:AA:F6:84:88:5B:2A:C0:5B:30:85:52:ED:AE:03:E7:3D:89:C5:51:FF:29:7F:F1:6E:FB:03:65"}}},"request":{"raw":"GET /hls2/02/09319/yqoaa9bp1xyu_h/seg-1-v1-a1.ts?t=xGi1xWy75FoySIPqjYV-s2mdw5210sxhRzcpUUV6QJs\u0026s=1760089586\u0026e=10800\u0026f=46597574\u0026srv=30\u0026asn=50304\u0026sp=4000\u0026p= HTTP/1.1\r\nHost: fin-3dg-b1.i8yz83pn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pqham.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Oct 2025 09:46:27 GMT\r\nContent-Type: video/MP2T\r\nContent-Length: 1630720\r\nConnection: keep-alive\r\nLast-Modified: Sun, 19 Nov 2000 08:52:00 GMT\r\nExpires: Fri, 10 Oct 2025 10:28:20 GMT\r\nETag: \"5f693e80-18e200\"\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=259200, no-store, no-cache\r\nSprint-Cache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1630720,"size_decoded":0,"mime_type":"video/mp2t","magic":"data","md5":"d50abb8ca64cf2132f1df0a99a1d31be","sha1":"53a328b19842f185b34b102528964fb1f402c72f","sha256":"6f65f48189a970331374da9d286764b8f8f99e4b6c37e8f4bc484a8eadc98ddc","sha512":"bfd005e5231bdc7b2f538b107058dca5185cf73cf447c3856c4b078c8d7cfd7e437cdfc9c6d3a4c63e16b6fa87f61a734384f7e780dc24a50fde0518609b30ce","ssdeep":"24576:j79Fz9zoRIr1L13G/XomThvYCaLCOsplisNypl/YIkmWe+Jj96JZW:7hAqRcXoSm9spl5NA/VkmWeQ6i","tlshash":"6f2533f507d91260af7bb64e8a8324c52fd33cd06dae37df095946e0ac0a78d25d948e","first_seen":"2025-10-10T09:46:53.135018Z","last_seen":"2025-10-10T09:46:53.135018Z","times_seen":1,"resource_available":false,"data":null}},"time_used":470,"timings":{"blocked":14,"dns":0,"connect":0,"send":0,"wait":20,"receive":436,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/css/main.css?v=4","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:26.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pqham.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:04:49 GMT","end":"Sat, 22 Nov 2025 04:02:27 GMT"},"fingerprint":{"sha1":"C9:9E:EE:24:BA:4A:A4:FF:98:76:AB:76:9E:75:3B:49:70:11:3A:CF","sha256":"BB:F7:D4:4E:01:FC:B0:4D:59:53:64:11:AE:73:58:3D:02:D8:4A:52:4B:EE:BA:75:C9:6D:77:21:D6:7A:11:3A"}}},"request":{"raw":"GET /css/main.css?v=4 HTTP/1.1\r\nHost: pqham.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club\r\nCookie: lang=1\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 09:46:26 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Thu, 26 Sep 2024 18:06:54 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sun, 12 Oct 2025 03:36:57 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nage: 454169\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0hOptxVyTqerEvxMdUf2GefUWKb2OmKfEDNr8GVoTOTIePwnyEmq9MR1CqpvFGvywrmDRWmXbaSnT2nG3LG54yRRXAfCqYs%3D\"}]}\r\netag: W/\"66f5a2be-c03c\"\r\ncontent-encoding: br\r\ncf-ray: 98c530ce7fe1b517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49212,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text","md5":"5a72a30cb5e2721cf7e36ebd9846a4f6","sha1":"c03db81b75b19f829201db0d01d66ef189b8180a","sha256":"b0341644a22e09291520c4c51eac70ed71928ee3066f40fcff257c582afac3b1","sha512":"c14c1a55a29794083074096e789e74d3a3e875b03f6839258add2a90832077bd2cbf6e42f122658250c73865190d8bd6d16cd102699dba9624cf7288742d4ff8","ssdeep":"1536:AQV8FxnYgpAry26YsRwq9AOOGvC4DONcY63Rz:AQVMxnYxy26/AOOkHRz","tlshash":"6e239522a7812c0cf06bd1b67d6197d6233e4053d92b1f7c7ab93578c28e4e85173b9a","first_seen":"2024-09-28T17:15:41Z","last_seen":"2026-01-14T01:06:54.856866Z","times_seen":960,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"pqham.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/js/xupload.js?v=3","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:26.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pqham.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:04:49 GMT","end":"Sat, 22 Nov 2025 04:02:27 GMT"},"fingerprint":{"sha1":"C9:9E:EE:24:BA:4A:A4:FF:98:76:AB:76:9E:75:3B:49:70:11:3A:CF","sha256":"BB:F7:D4:4E:01:FC:B0:4D:59:53:64:11:AE:73:58:3D:02:D8:4A:52:4B:EE:BA:75:C9:6D:77:21:D6:7A:11:3A"}}},"request":{"raw":"GET /js/xupload.js?v=3 HTTP/1.1\r\nHost: pqham.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club\r\nCookie: lang=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 09:46:26 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Thu, 27 Mar 2025 07:57:44 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sat, 11 Oct 2025 01:18:08 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nage: 548898\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Bl9BVVJAv%2B9ZRbqSY12IW0XVYcZzDqzElzacvEQ7mgGsrUA9sAFHK%2FGrH7Ri0JU83bbEWXipSyW%2B58eqJ6kMF7saGLTjIdA%3D\"}]}\r\netag: W/\"67e504f8-2b52\"\r\ncontent-encoding: br\r\ncf-ray: 98c530ce7fe6b517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11090,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"200f7636e884860eed563210f5125c16","sha1":"3312a1318afed0df1fa4a93cac2016165c651f28","sha256":"01cd57ece4bf51c9db1a880a36145f8bda86634cf6b0cb69e6f9e7f187c107bd","sha512":"4d595766d559a98fd568a0d9c6cd416433d0040cf58c53882979173a06d8fb83d8d4b85fb4f17295564415e25542cb574baafeb8fa45fde4b4912b111a57622f","ssdeep":"192:INTUEE9YGs1axsrl6IsZWnrbll621w+4UWdRebMQ4WdReDyYQaQv7OsaaFg+Bnqa:aTfy+tBlV9GRebVReDyYS7OsaaF10fWd","tlshash":"2732664abaa379912a7730390bbf52043b398407104ada54bd5cd6c4af8452897ffbfd","first_seen":"2025-04-01T07:40:59.757125Z","last_seen":"2026-01-14T01:06:54.851265Z","times_seen":891,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"pqham.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/js/jquery.cookie.js","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:26.964Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pqham.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:04:49 GMT","end":"Sat, 22 Nov 2025 04:02:27 GMT"},"fingerprint":{"sha1":"C9:9E:EE:24:BA:4A:A4:FF:98:76:AB:76:9E:75:3B:49:70:11:3A:CF","sha256":"BB:F7:D4:4E:01:FC:B0:4D:59:53:64:11:AE:73:58:3D:02:D8:4A:52:4B:EE:BA:75:C9:6D:77:21:D6:7A:11:3A"}}},"request":{"raw":"GET /js/jquery.cookie.js HTTP/1.1\r\nHost: pqham.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club\r\nCookie: lang=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 09:46:26 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Tue, 31 May 2011 12:53:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sat, 11 Oct 2025 04:44:15 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nage: 536531\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=URRU%2BlUsptOGyTvfk26jvdhCpmoUh%2F5oDvBmNEuqnusqH%2FyT%2FxPYubdSUjLW8z%2Fxo8idds%2FitqcgJO6l2MAXs5XJa8vpsJU%3D\"}]}\r\netag: W/\"4de4e4e4-10eb\"\r\ncontent-encoding: br\r\ncf-ray: 98c530ce7fe8b517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4331,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"ae0c2c5d8f01f7d35bb698bb618a62f7","sha1":"63556a22ddea1c5f23a5cf7d0b6d35c7aab54e20","sha256":"75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc","sha512":"eac94ca9d884692af8bdf12aa6e902a3be4eed0772ad8f2932ac1c3328b83a7351cdf743a409bbc0a3cd385956c08d3203d51c572bb1680489e37330fe27a2bb","ssdeep":"96:L4BZxb64Ng7V8cNwpGylRCsKZcj1JXulL6M/aGByLskPSP4lBCClf1wgCyC:LQnb6eg7DgCsk8fgZJkPSPa+gCyC","tlshash":"2e91fd293a0d231d149353f57aee10c8a930d632216ad46c744cb6b06f00c63ddfbbea","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-04-05T05:55:35.039721Z","times_seen":4354,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"pqham.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"adexchangeclear.com/script/suurl5.php?r=10489682\u0026cbur=0.4934912478296104\u0026cbiframe=0\u0026cbWidth=1280\u0026cbHeight=1024\u0026cbtitle=\u0026cbpage=https%3A%2F%2Fpqham.com%2Fbkg%2Fyqoaa9bp1xyu%3Fref%3Dgayteam.club\u0026cbref=\u0026cbdescription=\u0026cbkeywords=\u0026cbcdn=fqdpqpwruidrz.store\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026ts=1760089587072\u0026srs=0da56673c0271e40feda0fcbb0bf6db7\u0026atv=69.0\u0026abtg=1\u0026adbv=3-cdn","fqdn":"adexchangeclear.com","domain":"adexchangeclear.com","tld":"com"},"ip":{"addr":"172.67.223.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:27.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adexchangeclear.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Oct 2025 20:14:35 GMT","end":"Tue, 06 Jan 2026 21:12:18 GMT"},"fingerprint":{"sha1":"7C:B6:62:0F:43:12:2D:86:DD:92:D1:44:95:36:24:C7:2F:BA:B0:B6","sha256":"06:21:18:21:3A:A8:90:A4:4D:D0:A6:7B:7B:C8:4A:3B:31:47:C3:5D:48:A5:94:AC:08:75:A0:A1:DF:D6:B9:3C"}}},"request":{"raw":"GET /script/suurl5.php?r=10489682\u0026cbur=0.4934912478296104\u0026cbiframe=0\u0026cbWidth=1280\u0026cbHeight=1024\u0026cbtitle=\u0026cbpage=https%3A%2F%2Fpqham.com%2Fbkg%2Fyqoaa9bp1xyu%3Fref%3Dgayteam.club\u0026cbref=\u0026cbdescription=\u0026cbkeywords=\u0026cbcdn=fqdpqpwruidrz.store\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026ts=1760089587072\u0026srs=0da56673c0271e40feda0fcbb0bf6db7\u0026atv=69.0\u0026abtg=1\u0026adbv=3-cdn HTTP/1.1\r\nHost: adexchangeclear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://pqham.com/\r\nOrigin: https://pqham.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Oct 2025 09:46:27 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Content-Type\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1euh7wrfnF6Y0OE9W2DYJ68NVxvSuC%2BSO%2BUcHqQhoH6QmixTAWl8OkJgBS32PRVt0a%2F4NAk2bNToq74gyl%2Bus7l2sa%2BrJboveRAGPZWQeoWK\"}]}\r\ncf-ray: 98c530cf58dab4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1165,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"2e60d5f796b0597167fab27105eafe9c","sha1":"9673eb918a679f9753b41ca02bd7c405976839bc","sha256":"917d0bf0095fc0046ff6bfaa04ff4d7d4abe883172ddbf9e73a42fed22c94fea","sha512":"b750afcbb163c2abe1f296d07ab3bdaa00c4328bb305d445934ae1f1debb02e0d1ebf3caf2933ffe63357a5b077578d809ea66e53530c34d552fe5311a49e90c","ssdeep":"","tlshash":"2921da8f1fcdfa29226d059801b55a759c11b316ee9c6289e39e2d55c971ca0c85b053","first_seen":"2025-10-10T09:46:53.151442Z","last_seen":"2025-10-10T09:46:53.151442Z","times_seen":1,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":18,"dns":1,"connect":1,"send":0,"wait":195,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"adexchangeclear.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/js/jquery.js","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:26.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pqham.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:04:49 GMT","end":"Sat, 22 Nov 2025 04:02:27 GMT"},"fingerprint":{"sha1":"C9:9E:EE:24:BA:4A:A4:FF:98:76:AB:76:9E:75:3B:49:70:11:3A:CF","sha256":"BB:F7:D4:4E:01:FC:B0:4D:59:53:64:11:AE:73:58:3D:02:D8:4A:52:4B:EE:BA:75:C9:6D:77:21:D6:7A:11:3A"}}},"request":{"raw":"GET /js/jquery.js HTTP/1.1\r\nHost: pqham.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club\r\nCookie: lang=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 09:46:26 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Tue, 02 Mar 2021 18:58:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 17 Oct 2025 03:43:22 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nage: 21784\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iNIU9aGlTu%2Bm4HVJdbSZP1hjpXoMPgfHdI7RqIu2ekccXS7riJMR0SJwE%2BaE1hS5rj3tKmS708BwTzGTbm2cVqx1IkgApSc%3D\"}]}\r\netag: W/\"603e8adc-15d9d\"\r\ncontent-encoding: br\r\ncf-ray: 98c530ce7fe3b517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89501,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-05T08:46:14.875013Z","times_seen":445238,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"pqham.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/player/jw8_26/jwplayer.core.controls.js?v=2","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:27.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pqham.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:04:49 GMT","end":"Sat, 22 Nov 2025 04:02:27 GMT"},"fingerprint":{"sha1":"C9:9E:EE:24:BA:4A:A4:FF:98:76:AB:76:9E:75:3B:49:70:11:3A:CF","sha256":"BB:F7:D4:4E:01:FC:B0:4D:59:53:64:11:AE:73:58:3D:02:D8:4A:52:4B:EE:BA:75:C9:6D:77:21:D6:7A:11:3A"}}},"request":{"raw":"GET /player/jw8_26/jwplayer.core.controls.js?v=2 HTTP/1.1\r\nHost: pqham.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club\r\nCookie: lang=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 09:46:27 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Wed, 03 Apr 2024 09:09:34 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 17 Oct 2025 01:23:43 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nage: 30164\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vH9Nmij%2Bm5bV6MXu%2BH%2Fzpcngl8%2FSlABKuDYNUjrI5HjlkbOczLRb0amCdviOjqS5M48v7Pkc%2Bl3H8HHjtt81YjI6A0DpJsc%3D\"}]}\r\netag: W/\"660d1cce-4fcf7\"\r\ncontent-encoding: br\r\ncf-ray: 98c530cfd982b517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":326903,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65143)","md5":"fee77850b6b254569cf03f43a4dfdde4","sha1":"35841d306d3404fbef6825371ffdbcd992ade913","sha256":"50b22ddf7e9cf49716e33660cc9de3c2bbf3cb90f203d8af93810f8f97bdee3f","sha512":"84d9c23a355b9aa6e6d37f4e4090a41a250499a6c3bb8d5808fa2851a376edfe71d7f1d3d35f658266299339ae88c85fc478a820014c19eeed4e026b4cdab683","ssdeep":"3072:wKH7nFuhglX/qZ3ux2wI9Y7J+3qbOXUvDY6MnJMyXR286CcYZ6mfjq:vHxA4/qZ3V3Y7J+30Y6MnJt2lSZ6mfjq","tlshash":"7d641832214256359aea82da76514604b3398085f516cfacff2ceddd4c6e8cb31f6bb4","first_seen":"2024-03-12T19:48:43Z","last_seen":"2026-04-04T23:25:20.028253Z","times_seen":1793,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"pqham.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/player/jw8_26/provider.hlsjs.js?v=2","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:27.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pqham.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:04:49 GMT","end":"Sat, 22 Nov 2025 04:02:27 GMT"},"fingerprint":{"sha1":"C9:9E:EE:24:BA:4A:A4:FF:98:76:AB:76:9E:75:3B:49:70:11:3A:CF","sha256":"BB:F7:D4:4E:01:FC:B0:4D:59:53:64:11:AE:73:58:3D:02:D8:4A:52:4B:EE:BA:75:C9:6D:77:21:D6:7A:11:3A"}}},"request":{"raw":"GET /player/jw8_26/provider.hlsjs.js?v=2 HTTP/1.1\r\nHost: pqham.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club\r\nCookie: lang=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 09:46:27 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Fri, 05 Apr 2024 14:57:50 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 16 Oct 2025 02:37:37 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nage: 112129\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C7d0sHnrh6M8KWE1G9Ux%2B4B104WiFLsZmOyBzD1l9SrUooUp4Ar88i3DQcIoC2x9V9p4iRjmLmoMoVsNOe6ws2JzFk2%2FsY4%3D\"}]}\r\netag: W/\"6610116e-6742f\"\r\ncontent-encoding: br\r\ncf-ray: 98c530cfd989b517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":422959,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65143)","md5":"0f95e38aa7bb0943693b51bd6a7deed0","sha1":"26c89f76894108f76ad23af32ecc6b1e708993ba","sha256":"1b1263b7061aaca7fe0b69168b16cb2401a7fe2ada08ccfdd373ee06c7d125b1","sha512":"664696a45bacbf3ee40fe544f92104f568b10a6cffb6a3fffa9afe351294d00dc0a1883d50cc799a1b1dba0fd00797047729670ee72c19cf0e302539fe63b075","ssdeep":"6144:GCXemC8LqtXLauG9L2aEyflDc2iGLY6I2KlqJxRC9i5q9GYqT:1MXxG9L2By5cbOYRqJxRCG","tlshash":"36943bed7795a02642c2a1a5903f4617633b7d0a3409c1bcfa2be9d75db8849b03bf74","first_seen":"2024-04-13T15:29:15Z","last_seen":"2026-04-04T23:25:20.043811Z","times_seen":1506,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"pqham.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usrpubtrk.com/ut/hb.php?cb=0.9037206359315144\u0026v=1","fqdn":"usrpubtrk.com","domain":"usrpubtrk.com","tld":"com"},"ip":{"addr":"172.67.186.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:27.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usrpubtrk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 14 Aug 2025 11:57:48 GMT","end":"Wed, 12 Nov 2025 12:55:14 GMT"},"fingerprint":{"sha1":"D4:3E:2D:C6:F4:04:8A:A6:38:80:A6:3F:B8:36:DF:7A:79:B8:B0:6B","sha256":"99:E2:A7:FD:97:EE:35:E5:8B:A6:DB:25:80:B5:FA:55:8E:72:BD:17:CC:CA:CB:6A:DF:CC:70:31:68:4F:F2:57"}}},"request":{"raw":"POST /ut/hb.php?cb=0.9037206359315144\u0026v=1 HTTP/1.1\r\nHost: usrpubtrk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 822\r\nOrigin: https://pqham.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Fri, 10 Oct 2025 09:46:27 GMT\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jsKqfmmWDy8LcBWcRzt0Nglf75JZWKWUzpGlhCsSHBXNAdJxGCcxWYBUEWaOY0dUoNrgtFbWOJ450vmk5Prbkrm2et%2BM7xH%2FHVgR\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98c530d04e7bb509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T08:47:05.766455Z","times_seen":13367613,"resource_available":true,"data":null}},"time_used":224,"timings":{"blocked":32,"dns":1,"connect":1,"send":0,"wait":153,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filemoon.to/assets/images/favicon/apple-touch-icon.png","fqdn":"filemoon.to","domain":"filemoon.to","tld":"to"},"ip":{"addr":"186.2.165.35","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:27.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mobile-detect-modernizr.filemoon.to","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 02:59:49 GMT","end":"Mon, 27 Oct 2025 02:59:48 GMT"},"fingerprint":{"sha1":"DF:D9:2D:8F:D9:5C:09:CF:58:97:C9:A8:65:7F:61:1E:65:0D:F9:1E","sha256":"77:2C:3D:04:C0:DF:50:0C:99:B0:1B:7C:1D:2D:C7:58:30:62:3F:8F:64:A7:E1:80:6A:0C:86:13:C2:08:04:03"}}},"request":{"raw":"GET /assets/images/favicon/apple-touch-icon.png HTTP/1.1\r\nHost: filemoon.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=OqI72OjJDC9i8ds9; Domain=.filemoon.to; Path=/; Expires=Fri, 10-Oct-2025 10:06:27 GMT\n__ddg10_=1760089587; Domain=.filemoon.to; Path=/; Expires=Fri, 10-Oct-2025 10:06:27 GMT\n__ddg9_=91.90.42.154; Domain=.filemoon.to; Path=/; Expires=Fri, 10-Oct-2025 10:06:27 GMT\n__ddg1_=R3KX2wHz3CzKQb3Tb1Ex; Domain=.filemoon.to; HttpOnly; Path=/; Expires=Sat, 10-Oct-2026 09:46:27 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 07 Oct 2025 15:04:15 GMT\r\ncontent-type: image/png\r\ncontent-length: 14840\r\nlast-modified: Thu, 07 Apr 2022 13:15:48 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nddg-cache-status: HIT,HIT\r\netag: \"624ee404-39f8\"\r\nexpires: Thu, 09 Oct 2025 17:53:09 GMT\r\nage: 240132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":14840,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 360 x 158, 8-bit/color RGBA, non-interlaced","md5":"89a3d82162fc1f11d1ffa5bd73ecff9a","sha1":"6765810ff0ee7f8c1c5d9b1f419616cc9ce500c8","sha256":"83e21507727c12df8021db54c02a2bdd8fcaf54409e9dfd575c955698bcecbd0","sha512":"53c92200497794173093726d51103622cb9fb6cb286a5aaf5febcc53cfd7831f9023d014f5b726177d6bcb27f90a0617695bb7ccf0694a0165c114506c53f4a6","ssdeep":"384:PrYzJvWo7f5CqFDAfCgZcYxp4Jm0KHSpVB0T:DWvzfTSZ4Jm0KMB0T","tlshash":"3262d0f22162369ecd22f789d98e47fba2d2c1183286de17d11fed053a28ca05700099","first_seen":"2023-10-17T10:03:58Z","last_seen":"2026-01-13T20:19:22.067406Z","times_seen":266,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":20,"send":0,"wait":41,"receive":3,"ssl":57},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"filemoon.to","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/js/bafsd.js","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:26.968Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pqham.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:04:49 GMT","end":"Sat, 22 Nov 2025 04:02:27 GMT"},"fingerprint":{"sha1":"C9:9E:EE:24:BA:4A:A4:FF:98:76:AB:76:9E:75:3B:49:70:11:3A:CF","sha256":"BB:F7:D4:4E:01:FC:B0:4D:59:53:64:11:AE:73:58:3D:02:D8:4A:52:4B:EE:BA:75:C9:6D:77:21:D6:7A:11:3A"}}},"request":{"raw":"GET /js/bafsd.js HTTP/1.1\r\nHost: pqham.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club\r\nCookie: lang=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 09:46:26 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Fri, 04 Oct 2024 05:52:43 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 15 Oct 2025 02:30:59 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nage: 198927\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KjXOVYnNdLvAyLljx8TordJmWfKBzbnHKn86EN34L1K9uPYe867Sfd3J6AIs7889hCktDwpnFxNMwbUQLt%2BmmvW4IcEbjPg%3D\"}]}\r\netag: W/\"66ff82ab-358a\"\r\ncontent-encoding: br\r\ncf-ray: 98c530ce7fedb517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13706,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"c2432aca90e92e0370d2ded2545eb1fa","sha1":"8f1ae40f7dc9c4ccfcb91d04530a1f072e9d06eb","sha256":"89c40275bddb7257d519bda010de1c4df70a30b5f84be325f2ae53168f276cb5","sha512":"7278ab65bac73bbba9750c49161c677ad6d98d8d16f5f692a3b19e99423c2b32a9785a1bd4045321f4ffd0cf3c6270e5fe4b4ab1cc7bbe4f7cdfc3c40bb3f373","ssdeep":"192:Tb2KC3RtGFnoYcAb/XkLM17rbN5rYrWcYYgC/55wJjJUjfQFU75+xCj+8NcC+5wK:WLsrqh56lUb4kochTK","tlshash":"a852428b738da2be86fa33e4c43f2494e97ed272c115c4fab5b58a801d90815c397d79","first_seen":"2024-10-04T15:55:15Z","last_seen":"2026-04-04T23:25:20.046081Z","times_seen":1311,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"pqham.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pqham.com/assets/css/jw8-theme.css?v=3.0.6","fqdn":"pqham.com","domain":"pqham.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:27.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pqham.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 03:04:49 GMT","end":"Sat, 22 Nov 2025 04:02:27 GMT"},"fingerprint":{"sha1":"C9:9E:EE:24:BA:4A:A4:FF:98:76:AB:76:9E:75:3B:49:70:11:3A:CF","sha256":"BB:F7:D4:4E:01:FC:B0:4D:59:53:64:11:AE:73:58:3D:02:D8:4A:52:4B:EE:BA:75:C9:6D:77:21:D6:7A:11:3A"}}},"request":{"raw":"GET /assets/css/jw8-theme.css?v=3.0.6 HTTP/1.1\r\nHost: pqham.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club\r\nCookie: lang=1\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Oct 2025 09:46:27 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 03 Apr 2024 15:50:39 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sun, 12 Oct 2025 00:20:15 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nage: 465971\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H6ayJwZUSTTwiEzAfZcGKKlUCMBB1Fdo4z3zvwfPyvkrq6h2gumKvcPWfjUuug6LWKItaYURdZkJrjsQG5KZET7EsuAGM3s%3D\"}]}\r\netag: W/\"660d7acf-62a2\"\r\ncontent-encoding: br\r\ncf-ray: 98c530cfd984b517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25250,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (938), with CRLF line terminators","md5":"218f1af32c959506efe281f39309d9a5","sha1":"948fbcdba4275e13fc3e469a04df2d727aabdf4a","sha256":"5425c5e4dfa36e386ee465a9fe20f61290bcd377fe3fd950164c5c6e16301593","sha512":"dade7d9e4bbc40ed8ef3efe25f783875913bc0d32f143de2a68e434ca15515ef7a01c788b58b1949eaf1af95e8e31d70ce2a1f16aca4b0591d9ea2d94eb05f14","ssdeep":"768:jyHyHyoywyfyCy5yAyMyPyby4y/yJyOyDyDyDyRyOyJyTyJyDyGywy8ymyCyUyhv:Smhen8Qn","tlshash":"afb26355c142422d6d3b9678fa337e04ebab258bc746a3f4febc211c8f34186b4e5a54","first_seen":"2024-04-18T11:42:39Z","last_seen":"2026-01-14T01:06:54.87613Z","times_seen":1260,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"pqham.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fin-3dg-b1.i8yz83pn.com/hls2/02/09319/yqoaa9bp1xyu_h/master.m3u8?t=xGi1xWy75FoySIPqjYV-s2mdw5210sxhRzcpUUV6QJs\u0026s=1760089586\u0026e=10800\u0026f=46597574\u0026srv=30\u0026asn=50304\u0026sp=4000\u0026p=","fqdn":"fin-3dg-b1.i8yz83pn.com","domain":"i8yz83pn.com","tld":"com"},"ip":{"addr":"185.237.105.49","port":443,"asn":203973,"as":"Eurolir OU","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:27.447Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"fin-3dg-b1.i8yz83pn.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Aug 2025 13:33:34 GMT","end":"Thu, 06 Nov 2025 13:33:33 GMT"},"fingerprint":{"sha1":"FF:F7:7C:D6:25:B3:CD:94:67:60:73:6F:D9:7B:53:CE:4C:B2:82:AD","sha256":"18:01:EB:A8:38:AA:F6:84:88:5B:2A:C0:5B:30:85:52:ED:AE:03:E7:3D:89:C5:51:FF:29:7F:F1:6E:FB:03:65"}}},"request":{"raw":"GET /hls2/02/09319/yqoaa9bp1xyu_h/master.m3u8?t=xGi1xWy75FoySIPqjYV-s2mdw5210sxhRzcpUUV6QJs\u0026s=1760089586\u0026e=10800\u0026f=46597574\u0026srv=30\u0026asn=50304\u0026sp=4000\u0026p= HTTP/1.1\r\nHost: fin-3dg-b1.i8yz83pn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pqham.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Oct 2025 09:46:27 GMT\r\nContent-Type: application/vnd.apple.mpegurl\r\nLast-Modified: Fri, 10 Oct 2025 09:46:27 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Mon, 13 Oct 2025 09:46:27 GMT\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=259200, no-store, no-cache\r\nSprint-Cache: BYPASS\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":311,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl","magic":"M3U playlist, ASCII text","md5":"0e3bb1d781fc9ce13b774a583924176c","sha1":"e6fa926ffe30242a13fee3f0e538f8800dd4b984","sha256":"40573ca8ae3a7ff2f8dc08947451e40cce470bd19e908fb7a2e7dc7dcb956b7b","sha512":"294361f553251b06a02454a41a71921c94c1e1e77a48a80d147986782300764ab44df9d23d438cc6b8354a0c263c6ec3dfbffb094b77f046b2ad1ecb5597f501","ssdeep":"","tlshash":"2ce02de5453ac20a0e2da19404ac282cac5e6cac08c8c224c004434805c9d90b4fc680","first_seen":"2025-10-10T09:46:53.180129Z","last_seen":"2025-10-10T09:46:53.180129Z","times_seen":1,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":74,"dns":32,"connect":15,"send":0,"wait":40,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"videothumbs.me/yqoaa9bp1xyu.jpg","fqdn":"videothumbs.me","domain":"videothumbs.me","tld":"me"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:27.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"videothumbs.me","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Sep 2025 13:33:55 GMT","end":"Sat, 06 Dec 2025 14:32:20 GMT"},"fingerprint":{"sha1":"28:95:45:ED:DD:AB:1D:D8:DC:25:90:54:24:9A:03:3A:DD:B8:3F:66","sha256":"D4:A1:52:A6:EF:CD:4E:FD:F0:DB:8D:26:BF:D2:6E:AA:8D:FB:13:BA:56:F1:9E:04:2B:2A:45:66:26:C6:FC:44"}}},"request":{"raw":"GET /yqoaa9bp1xyu.jpg HTTP/1.1\r\nHost: videothumbs.me\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Oct 2025 09:46:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 53288\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Tue, 24 Jun 2025 11:16:13 GMT\r\netag: \"685a88fd-d028\"\r\nexpires: Thu, 23 Oct 2025 16:12:29 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nage: 63237\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tF4J6QbRapTv%2Bd41dekiCn%2BbcwSOXJIU2pp3mOvS984mBXjDTxMjk67nL2Q0hwhrUghfW7xjTA1CkfJCvKShnmidgbm9BQpvbtNx2g%3D%3D\"}]}\r\ncf-ray: 98c530d269f00b61-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":53288,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1215x1216, segment length 16, comment: \"Lavc61.9.100\", baseline, precision 8, 608x1080, components 3","md5":"d12e444f32be052fa146361f6a2b18a5","sha1":"e3447c93a5e7a2cf3b412ea87625a1d081bca703","sha256":"61cb4ad41defa5bdb4dd0f99a6aa171a3d3ffffd106a84f4d2467a9aaa8c3574","sha512":"0380b3fd3b163daef65327ca6328ce039bb137a9656e555f864b2a14db02439993f564d1b11089da9b7091473bfa1b2b15c8f8996bae8b2ef2d912bacd145b79","ssdeep":"1536:I56bELW+2XXtmSE9/0aEWeB5mFcNhVXr6J+Hd:Pg6mHI5mSXGJ4","tlshash":"383301528f006fa6b98cc297d4964d0693b32ae329cecf8482ac6bc0d77c501ad55fdd","first_seen":"2025-10-10T09:46:53.183494Z","last_seen":"2025-10-10T09:46:53.183494Z","times_seen":1,"resource_available":false,"data":null}},"time_used":305,"timings":{"blocked":144,"dns":1,"connect":1,"send":0,"wait":8,"receive":2,"ssl":147},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fin-3dg-b1.i8yz83pn.com/hls2/02/09319/yqoaa9bp1xyu_h/index-v1-a1.m3u8?t=xGi1xWy75FoySIPqjYV-s2mdw5210sxhRzcpUUV6QJs\u0026s=1760089586\u0026e=10800\u0026f=46597574\u0026srv=30\u0026asn=50304\u0026sp=4000\u0026p=","fqdn":"fin-3dg-b1.i8yz83pn.com","domain":"i8yz83pn.com","tld":"com"},"ip":{"addr":"185.237.105.49","port":443,"asn":203973,"as":"Eurolir OU","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:27.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"fin-3dg-b1.i8yz83pn.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Aug 2025 13:33:34 GMT","end":"Thu, 06 Nov 2025 13:33:33 GMT"},"fingerprint":{"sha1":"FF:F7:7C:D6:25:B3:CD:94:67:60:73:6F:D9:7B:53:CE:4C:B2:82:AD","sha256":"18:01:EB:A8:38:AA:F6:84:88:5B:2A:C0:5B:30:85:52:ED:AE:03:E7:3D:89:C5:51:FF:29:7F:F1:6E:FB:03:65"}}},"request":{"raw":"GET /hls2/02/09319/yqoaa9bp1xyu_h/index-v1-a1.m3u8?t=xGi1xWy75FoySIPqjYV-s2mdw5210sxhRzcpUUV6QJs\u0026s=1760089586\u0026e=10800\u0026f=46597574\u0026srv=30\u0026asn=50304\u0026sp=4000\u0026p= HTTP/1.1\r\nHost: fin-3dg-b1.i8yz83pn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pqham.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Oct 2025 09:46:27 GMT\r\nContent-Type: application/vnd.apple.mpegurl\r\nLast-Modified: Fri, 10 Oct 2025 09:46:27 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Mon, 13 Oct 2025 09:46:27 GMT\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=259200, no-store, no-cache\r\nSprint-Cache: BYPASS\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38442,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl","magic":"M3U playlist, ASCII text","md5":"a7291beb2b299d9b409a18c56c654fd9","sha1":"2a9504f6e4d26786051207d4bfd109fae7380e18","sha256":"6345ab224d325ce88f56da5827c1f5ebc573a53f05916894ad5bcbd29d4406aa","sha512":"886742bdbd655a9aa2d97dc5d25382c304d26b20dee343f9981e51f902158d7de02f52cbca632ed67239afca2625b2eb29a239a0580c4977e8173e6e0f059dcf","ssdeep":"192:yTFsPZWlyTQJWH9kn2hoLqF5WMFevwpSzk9/uVcDi5A3GOf81CjgZmXpwzSFMveM:EFSF31O","tlshash":"d80349f60632e94a4b6f6c69047ae9fc94adbd9e2c4fd079c10443663a18995f8fcdc0","first_seen":"2025-10-10T09:46:53.186487Z","last_seen":"2025-10-10T09:46:53.186487Z","times_seen":1,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fin-3dg-b1.i8yz83pn.com/hls2/02/09319/yqoaa9bp1xyu_h/encryption.key?t=xGi1xWy75FoySIPqjYV-s2mdw5210sxhRzcpUUV6QJs\u0026s=1760089586\u0026e=10800\u0026f=46597574\u0026srv=30\u0026asn=50304\u0026sp=4000\u0026p=","fqdn":"fin-3dg-b1.i8yz83pn.com","domain":"i8yz83pn.com","tld":"com"},"ip":{"addr":"185.237.105.49","port":443,"asn":203973,"as":"Eurolir OU","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pqham.com/bkg/yqoaa9bp1xyu?ref=gayteam.club","date":"2025-10-10T09:46:27.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"fin-3dg-b1.i8yz83pn.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 08 Aug 2025 13:33:34 GMT","end":"Thu, 06 Nov 2025 13:33:33 GMT"},"fingerprint":{"sha1":"FF:F7:7C:D6:25:B3:CD:94:67:60:73:6F:D9:7B:53:CE:4C:B2:82:AD","sha256":"18:01:EB:A8:38:AA:F6:84:88:5B:2A:C0:5B:30:85:52:ED:AE:03:E7:3D:89:C5:51:FF:29:7F:F1:6E:FB:03:65"}}},"request":{"raw":"GET /hls2/02/09319/yqoaa9bp1xyu_h/encryption.key?t=xGi1xWy75FoySIPqjYV-s2mdw5210sxhRzcpUUV6QJs\u0026s=1760089586\u0026e=10800\u0026f=46597574\u0026srv=30\u0026asn=50304\u0026sp=4000\u0026p= HTTP/1.1\r\nHost: fin-3dg-b1.i8yz83pn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pqham.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pqham.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 10 Oct 2025 09:46:27 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 16\r\nConnection: keep-alive\r\nLast-Modified: Sun, 19 Nov 2000 08:52:00 GMT\r\nExpires: Fri, 10 Oct 2025 10:28:20 GMT\r\nETag: \"5f693e80-10\"\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=259200, no-store, no-cache\r\nSprint-Cache: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Non-ISO extended-ASCII text, with no line terminators","md5":"782c4632c246f1ae4b6e777886b2fe6d","sha1":"342d98303640478fb1cbc21e60779fc3a1b1b13f","sha256":"d195b59e0bfe9012e408acb0bae06d338dbebc548b53ea884e65c204d23793b3","sha512":"d955c51b8ffb48210a859300f144acd62f18e21aaf3d6785771eb9f58ee3aead3d9136fcf6b3bd0b05755b739cc07ee94922ba1d489977324cf451264d363d53","ssdeep":"","tlshash":"d860000c003cc000f0c00030cf0cc000030cf030c003c0c00000c000c0033000cc0030","first_seen":"2025-10-10T09:46:53.189561Z","last_seen":"2025-10-10T09:46:53.189561Z","times_seen":1,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}