{"report_id":"1ea80fc8-062f-4ea0-ac2c-2bd62455d5c2","version":6,"status":"done","tags":[],"date":"2026-03-18T19:03:21Z","url":{"schema":"https","addr":"xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump","fqdn":"xn--moonsho-9rb.xyz","domain":"xn--moonsho-9rb.xyz","tld":"xyz"},"ip":{"addr":"104.21.90.73","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump","fqdn":"xn--moonsho-9rb.xyz","domain":"xn--moonsho-9rb.xyz","tld":"xyz"},"title":"Vote to List — Powered by Moonshot","dom":{"size":508195,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3614)","md5":"e91e93bf56e22306f079698a20a8c00f","sha1":"b27bc12035b25a5985fc1ca21cb9ebd2c6b21d3b","sha256":"cc73ac74e58923e28b18eb55a8b7bcdc3543a04b685dd79df076df7dc927e910","sha512":"3ae66a1c89ad5eb4bf3bdb130c21e976e311121db50ef3131d521417c4fd8bc737a2a40bec154e3e26c06a4ebd34dc13a33cab27db856b7251b0a8dc6e00de3d","ssdeep":"6144:beM604vwLkiGtA18BAGEunCWFHNsME9jolumMG2VVGjMcbuo0Lo16:b7+Kis4tsr2MVVxcK","tlshash":"70b4391aa5b394766c2371b967ee61487339f047c81dde987ecc12108fc67b8ade2748","dom_hash":"domhashaf44e4e4fb87f44992f23a37bf01e8c7","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump","fqdn":"xn--moonsho-9rb.xyz","domain":"xn--moonsho-9rb.xyz","tld":"xyz"},"ip":{"addr":"104.21.90.73","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-22T19:03:21Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":2}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-18T19:02:57Z","timestamp":1773860577,"ip_dst":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46812,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)","source":"{\"timestamp\":\"2026-03-18T19:02:57.940874+0000\",\"flow_id\":751004943461369,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.7\",\"src_port\":46812,\"dest_ip\":\"209.94.90.1\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036874,\"rev\":2,\"signature\":\"ET INFO Observed Peer-to-Peer File Sharing Service Domain (ipfs .io in TLS SNI)\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_06_06\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2024_02_27\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_06_28\"]}},\"tls\":{\"sni\":\"ipfs.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3432,\"start\":\"2026-03-18T19:02:57.928761+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"xn--moonsho-9rb.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"media.istockphoto.com","ip":{"addr":"52.84.50.126","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2000-01-06","domain_rank":166591,"first_seen":"2018-11-13T21:06:51Z","last_seen":"2026-03-12T21:02:57.675594Z","alert_count":0,"request_count":1,"received_data":15797,"sent_data":618,"comment":"","tags":null,"fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Kestrel","description":"","website":"https://docs.microsoft.com/en-us/aspnet/core/fundamentals/servers/kestrel","common_platform_enumeration":"","icon":"kestrel.svg","categories":["Web servers"]}]},{"fqdn":"lite-api.jup.ag","ip":{"addr":"52.84.50.71","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2021-09-15","domain_rank":1536175,"first_seen":"2025-06-01T22:48:15.859785Z","last_seen":"2026-03-16T22:03:13.866203Z","alert_count":0,"request_count":1,"received_data":3838,"sent_data":521,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"pro.ip-api.com","ip":{"addr":"51.77.64.70","port":443,"asn":16276,"as":"OVH SAS","country":"Germany","country_code":"DE"},"domain_registered":"2012-04-24","domain_rank":40593,"first_seen":"2015-04-06T16:13:16Z","last_seen":"2026-03-11T21:32:56.912746Z","alert_count":0,"request_count":1,"received_data":433,"sent_data":478,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ipfs.io","ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"domain_registered":"2014-05-16","domain_rank":19271,"first_seen":"2015-09-09T04:41:36Z","last_seen":"2026-03-13T12:03:07.94897Z","alert_count":1,"request_count":1,"received_data":1309519,"sent_data":472,"comment":"","tags":null,"fingerprints":[{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"xn--moonsho-9rb.xyz","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":8,"request_count":8,"received_data":6831014,"sent_data":4261,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump","fqdn":"xn--moonsho-9rb.xyz","domain":"xn--moonsho-9rb.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4ecb614ea49ee5023fe19cc8c0918b35","sha1":"f3f96c59ceed055c0618c5e2c71f327222e3431d","sha256":"83deae7deea0d417c91813c398f3fc75d2dd46fc9bfc32cc01cb5915afcb55a6","sha512":"a90ef075ea0e86a772bbf327c83538299164363654ee2bdaf7a695b6769df8479ab81bb3c0eea27752bbd616b304fa28608c6ca636f7ef3d6aab8d8b724683cb","ssdeep":"","tlshash":"92d0c060f1648ab0050808cb203043c035c02c6cc033e1cff2fc9b87af5ed480b8c520","size":203,"data":"","first_seen":"2026-03-08T13:41:09.451219Z","last_seen":"2026-03-18T19:03:26.815006Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump","fqdn":"xn--moonsho-9rb.xyz","domain":"xn--moonsho-9rb.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"2530d0a7f261fa2f196671b446edc8ce","sha1":"2ca67cbee9dbcad8f55a3932bb29244e6a54bdd3","sha256":"9b7e76e96f6c0e2ca81161463be4773da37269626753806aeb84bfb102318f9f","sha512":"cbbc6ddc5bde45d5f631e64afa7b10f2004bd93d1de9ab7387fc5f4c9d162aa5e685d186ae0b063b5da61726edd6c369f55b615986b6486bd2dc626188eaddf0","ssdeep":"","tlshash":"85316a1252b322663c4bb0bd5fbbd84d763a400bd8095450788ea18c6f70b6509f37cc","size":1739,"data":"","first_seen":"2025-10-22T17:11:21.585925Z","last_seen":"2026-06-01T02:02:06.477836Z","times_seen":460,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--moonsho-9rb.xyz/c5UfYyNs.php?s=%2Fipfs%2FtGFksExoM0PB7fj7mmI3lw36234d43533193b0e648a45191d3dcf2%3Ft%3D1773860576799","fqdn":"xn--moonsho-9rb.xyz","domain":"xn--moonsho-9rb.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2bb958158ce054ce344c538033c9505f","sha1":"b63627909ceff9bb57abfcc2de1e5283b5109943","sha256":"d0db47014fa03766143609937d44dffb7a2cce7be6d34aecc4ca9514efd354bf","sha512":"65e6e3cedc13673cdf9d42e8f82d288331b5f90863d21d76e644432d678e042b3fd7e7f126c4a81aa1c8f386d1e08951b023006b931963895716b04cf6f75011","ssdeep":"6144:khWOPt4UZeUeYMZC51yCPQuyGuhre6pyCPcPGT6XDaS6vF+hD:1OPtgUHaC5U3S67TQ","tlshash":"71c4aae0930bdefb4480aab70c235a6fefcf0dea954b0a58bac19c9e5e4470719d551c","size":582074,"data":"","first_seen":"2026-03-18T19:03:26.803952Z","last_seen":"2026-03-18T19:03:26.803952Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--moonsho-9rb.xyz/handlerr.js","fqdn":"xn--moonsho-9rb.xyz","domain":"xn--moonsho-9rb.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"62d2240050c64b219e8a9994b381d115","sha1":"7701ef263a1c5789d4f28ab84d879005d5d3875e","sha256":"f257a89b992291be5f0cb49c0da1c5d88531ed1ce3b47797b56383c27430690e","sha512":"3a40ef28effccc2c220d697b319fc35c731c967e03cac3c591cc520d8025fafc99a39f13299a2096f43e1c228e7f5cc8e1c326d6bdc3a936e583f45e13a9710e","ssdeep":"","tlshash":"e631ed5e3de510022d33a3e845479225f918b92310e1f249be4c83591fb0d69d912fcc","size":1618,"data":"","first_seen":"2025-12-08T21:10:37.426939Z","last_seen":"2026-03-18T19:03:26.810115Z","times_seen":396,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--moonsho-9rb.xyz/assets/js/vote-runtime.js","fqdn":"xn--moonsho-9rb.xyz","domain":"xn--moonsho-9rb.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"89c545f62fdd56954c6df7d37f6ef8a3","sha1":"422bbe47268479c4e31b9a7be411aaeac8703bb6","sha256":"d4a6171bf18d72695767b0d7a070004273b01ed44682a8c929e78192847d9776","sha512":"2ae3416780759acae8b8c0639c9238908f91d39b87d0527c7fcb636dca30211bd3bda29ea2d02fdc79989f39d9eadb4990314f29a046424ff5e9505caaaf5bd3","ssdeep":"192:2SBErAbGRl2YsYnpUFJFI6bJtjvQ5C+4NWmNWDLvps/jEH:dfbGRl2YsYnpWfP9BWiWvR","tlshash":"82e1b55432fb113346fb54fb9a874092b22460177084cc8afe5dcbd01fe6e958ae79ad","size":7272,"data":"","first_seen":"2025-12-09T09:18:57.275156Z","last_seen":"2026-03-18T19:03:26.810982Z","times_seen":380,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump","fqdn":"xn--moonsho-9rb.xyz","domain":"xn--moonsho-9rb.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a0d9ff4675210608d8ea011b0e48f533","sha1":"b6d1b676a03fcf51ed5db6176de6273f412d4d9c","sha256":"d2e85b73acb5ad4094150946deeafdea1aef06d6269ffb3272a46778a6a78587","sha512":"c79298b442492a8906ddd1281ade433b54fbfa8328cd335d991ca2a235236ae0e681acf4a33397d8208884f544f246de257cd7c467e052499ac3069bd8c77acd","ssdeep":"96:Kw9KGZ5OfUHPDm7H2+/ws2OMUJQ9zobU4X36h1WC7EKXEDsXWFTXswXr8CegiuBE:nw+q2Dt+Is2OMQbb3zC7ERD1Givi3ii","tlshash":"6112f0aaa3a6373281fb676a2787934c333080036005d9157f2dd7824fa6e7589f7bd5","size":9497,"data":"","first_seen":"2026-03-07T01:27:01.190919Z","last_seen":"2026-03-18T19:03:26.816757Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump","fqdn":"xn--moonsho-9rb.xyz","domain":"xn--moonsho-9rb.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0571b694c7ebd8bd5c3f621f103c7368","sha1":"6218445e6b7134d311d30af70462f127e8b74df9","sha256":"cf8f49357bd3cdffca91108db7bde758dca2dfcc30fa8e736779ec1df1f24276","sha512":"883ce3e8afb4441ff541cbbd9ba8481a7c775ed34a0772cac98c0ce02ae043e43ead6a2d2d2e400fd4d84f6ac4d640d28ba55c45a11bc43da9a4df4d1ff85428","ssdeep":"","tlshash":"d261006aa5ea263240fb727f0b9f561c373280531109eaa03d2c43a11f58a3806bafd5","size":3353,"data":"","first_seen":"2025-10-22T17:11:21.617772Z","last_seen":"2026-03-18T19:03:26.817654Z","times_seen":338,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"xn--moonsho-9rb.xyz/c5UfYyNs.php?s=%2Fjmpd%2F","fqdn":"xn--moonsho-9rb.xyz","domain":"xn--moonsho-9rb.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump","date":"2026-03-18T19:02:58.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--moonsho-9rb.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 11:40:20 GMT","end":"Tue, 16 Jun 2026 11:40:19 GMT"},"fingerprint":{"sha1":"31:28:6C:40:F9:70:29:95:C2:86:F5:13:38:15:D1:48:46:5D:17:AB","sha256":"27:60:44:B0:E6:6C:41:D0:8D:65:59:46:A5:42:E2:26:5C:82:EB:4D:4C:8E:02:D4:50:82:CF:01:A9:91:AD:C8"}}},"request":{"raw":"POST /c5UfYyNs.php?s=%2Fjmpd%2F HTTP/1.1\r\nHost: xn--moonsho-9rb.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump\r\ncontent-type: application/json\r\nContent-Length: 1496\r\nOrigin: https://xn--moonsho-9rb.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1496,"data":"{\"route\":\"n9POyFeFG1tUtiSU-z9JOx3n\",\"payload\":\"0hqM-6_N52QB-gJcAzAADgAXA-QCHQAsAxUAAAECagMAAO8nhn2XtsKCAcvx5CfTYlEA1Pssz5sCAAD0dsHcpFNpOHOgTk3tiZk10jpQEiWhEVcCg3BgWOYi7kDKpbtmITjD-1GCLgZaxSt6f3O-YHv1JHphQD46EasRCmnUF12r4ddm8SSGPAmPu5Y_-Hr9tuiUa93UMikVYPuq3XxKHt7XgXHp76e2RAF48F0xFFtwQUa3ssdESxhvYfczXGaJJO3jTGCyDfFo9PP8Esjj7xcd64Jbqam032wLz4clj1Sag24EX-JyeHdHVAx6AaGEnA1xIxpuER-U8GowVW00sig9d5Tgml15KTJfhQ9I5qizTAj04AJbtiMWs60nXBxKebrIZUXtk9isB_9MUNITziveXBKWL0kmLtTuFZTsUve_dfhE9meO7xQYVrCpi3cdJSAaoTj127IQv44tfl08ZWuKWMUOR4fRkfMsVzsKpbP1FFTC5CV68T73gY6U2KWtxueGrNrEh-L_eu9lnonLESJCaP5IqaqQxLDTpPLOmfyXv-XDgR-6rX9tXaN40CjpYWKlDDCAf5RZGaQvD6B9Fu1g0m1U1KY0tg-yp6LJmrfAWPPPHWEpwFNfHLX-pNT5Hp8YTk75sNGBrk2oaOZdNwLAUMSw1t4vfEUZNu1W1BS1LzpyO0UjvVogYpKPmaOb6fYJRwuaXD3RbOY9bgVnre8wv6ZS3a74U_sXW9U41h8UrTVCZ3c73PeF1sSpbW7veEtD-1MD-8c2Wro2QNQrKH2TEYuTZQUMQ2Vjr8N-cGG3yQsNZGawvNG5hjm6Zh7bjgtcakYQHjq1sYWyPEMUOMxMIrhfk8O7Gz7W6Hjpu5WU0Sz_xBJZhZ3-za2cXJjrQSTl4omXfJcDH2fBbHStUhJR1yiTc9UBsA7fRKOdgIKdEOkULFYzqMvLGej1GO6nOP5sRfWOiGMYSk6ydkYUwrgMdtF9A02ARxZwVgy-a1DB7I7MFHmYKrOrfTypG31RXBzGAjv4q3IbX0FbHYng6mBBZd8RA_MVDZcIogZUQNpZD2hAnGAu0ILGZwKt_MQc2vOEBR8xGM6fGWAT2KovSmHM8sPt_fm1NnmTmUbO3cYCn46elXTkK_LTv1iqTybO52aCStTcnjLzsNjdoq3kBHSBMqTL3syYRFYkKJAQ1CPEYocGmSBQXo0s7gXMa71PCSfzgytoWrGDDvLXrfU6BGXFzReDGrtRg7P2oc099Nwnxf3qQa8VWusqr9kQ\",\"challenge\":\"eyJpZCI6Inc3alAteVd4M1RYZ3VGTjNfekV0TGciLCJub25jZSI6MTYsImhhc2giOiIwMDliNjVkZTc5N2U2MjFkMzYyY2Q3ZmZiZDI5NWU1OTU4MDc1YWYxNzQxZTA0MjQ1NmZlMDI0Y2U3MTU3NzAwIn0=\"}"}},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Wed, 18 Mar 2026 19:02:59 GMT\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, POST, OPTIONS\r\naccess-control-allow-headers: *\r\naccess-control-max-age: 3600\r\npriority: u=4,i=?0\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m4RqJongn8CazOb1NFS91vsrMywUxzr0a2BeCMx3BzbXu8K9rgZ6erBc4v7XwxwkqxpPO9WhEHQ7Ixx8LBu%2BQWBs%2BnaBiLn%2BQqRQoRc0qAcLCcU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de67ea929848a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-17T09:31:00.786811Z","times_seen":16480402,"resource_available":true,"data":null}},"time_used":955,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":955,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"xn--moonsho-9rb.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xn--moonsho-9rb.xyz/c5UfYyNs.php?s=%2Fipfs%2FtGFksExoM0PB7fj7mmI3lw36234d43533193b0e648a45191d3dcf2%3Ft%3D1773860576799","fqdn":"xn--moonsho-9rb.xyz","domain":"xn--moonsho-9rb.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump","date":"2026-03-18T19:02:56.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--moonsho-9rb.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 11:40:20 GMT","end":"Tue, 16 Jun 2026 11:40:19 GMT"},"fingerprint":{"sha1":"31:28:6C:40:F9:70:29:95:C2:86:F5:13:38:15:D1:48:46:5D:17:AB","sha256":"27:60:44:B0:E6:6C:41:D0:8D:65:59:46:A5:42:E2:26:5C:82:EB:4D:4C:8E:02:D4:50:82:CF:01:A9:91:AD:C8"}}},"request":{"raw":"GET /c5UfYyNs.php?s=%2Fipfs%2FtGFksExoM0PB7fj7mmI3lw36234d43533193b0e648a45191d3dcf2%3Ft%3D1773860576799 HTTP/1.1\r\nHost: xn--moonsho-9rb.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 19:02:57 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, POST, OPTIONS\r\naccess-control-allow-headers: *\r\naccess-control-max-age: 3600\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I835g7aggmVTpYHrZrntAX2AG4F208hvvut5LEE5ZFmUOFBq1%2F3xAa67n9K1Dswl1r5cGfDfizXBlyOXzFFtIsOpUMOXM9ZMjlF9GUQZC39GO8E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de67e9d2eb78a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":582074,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"2bb958158ce054ce344c538033c9505f","sha1":"b63627909ceff9bb57abfcc2de1e5283b5109943","sha256":"d0db47014fa03766143609937d44dffb7a2cce7be6d34aecc4ca9514efd354bf","sha512":"65e6e3cedc13673cdf9d42e8f82d288331b5f90863d21d76e644432d678e042b3fd7e7f126c4a81aa1c8f386d1e08951b023006b931963895716b04cf6f75011","ssdeep":"6144:khWOPt4UZeUeYMZC51yCPQuyGuhre6pyCPcPGT6XDaS6vF+hD:1OPtgUHaC5U3S67TQ","tlshash":"71c4aae0930bdefb4480aab70c235a6fefcf0dea954b0a58bac19c9e5e4470719d551c","first_seen":"2026-03-18T19:03:26.803952Z","last_seen":"2026-03-18T19:03:26.803952Z","times_seen":1,"resource_available":true,"data":null}},"time_used":988,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":929,"receive":59,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"xn--moonsho-9rb.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump","fqdn":"xn--moonsho-9rb.xyz","domain":"xn--moonsho-9rb.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump","date":"2026-03-18T19:02:56.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--moonsho-9rb.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 11:40:20 GMT","end":"Tue, 16 Jun 2026 11:40:19 GMT"},"fingerprint":{"sha1":"31:28:6C:40:F9:70:29:95:C2:86:F5:13:38:15:D1:48:46:5D:17:AB","sha256":"27:60:44:B0:E6:6C:41:D0:8D:65:59:46:A5:42:E2:26:5C:82:EB:4D:4C:8E:02:D4:50:82:CF:01:A9:91:AD:C8"}}},"request":{"raw":"GET /vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump HTTP/1.1\r\nHost: xn--moonsho-9rb.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 19:02:57 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yLnEX%2BrPxdbfzF5%2BSbuyzssAd2ABwa4jJAdUVD9ssA%2FZRk6rKu3BjNJe1X1bLzdZqOIsIaIKS%2FwRTEJqS0uBxp71rYfjVG4L2cTIJneaRF1Ej%2FM%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9de67e9df91e8a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3057535,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3600)","md5":"00af927594a87fe2efeb774a0a0726a8","sha1":"5e6ce6338d41007b9807ec4b711c675cf1ff0837","sha256":"b2b6e12eacf4f66d8bd9374ba3368230be9cfd62dcffcb5a5fddfbd1c6c26bf0","sha512":"0ef04a281e78f97947305a4a2ee0785c5302709930c0e2f36d52509b4ce1f3148d0cae0b03716cbd15cc9d1cb73f3968f126b310a8a78daf34bce718b2a81b30","ssdeep":"12288:DC+Kis4t0u2MVV71ZMXDjLS80gTMa/uXqu1UndqBvMB36Zwr43n/zJt0WRB/3EDZ:x2CV7ojLS83MV6uMdskB3Ma4L0WH/UDR","tlshash":"6f25cf1a65b394762c2371bd17eea448733ab047c81cde98becc1210cf867b8add6758","first_seen":"2026-03-08T13:41:09.441963Z","last_seen":"2026-03-18T19:03:26.806292Z","times_seen":3,"resource_available":false,"data":null}},"time_used":443,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":74,"receive":369,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"xn--moonsho-9rb.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"media.istockphoto.com/id/2060009001/vector/avatar-user-profile-person-icon-profile-picture-for-social-media-profiles-icons-screensavers.jpg?s=612x612\u0026w=0\u0026k=20\u0026c=onk7rmEoISSvHVlqc-SiBvcUr8ilCm2u9kcw3_Bm_SA=","fqdn":"media.istockphoto.com","domain":"istockphoto.com","tld":"com"},"ip":{"addr":"52.84.50.126","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump","date":"2026-03-18T19:02:57.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"media.gettyimages.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 10 Nov 2025 00:00:00 GMT","end":"Tue, 08 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2A:CF:A6:4E:44:B1:DA:FA:BC:7E:92:5C:A4:6E:12:E0:83:00:24:0B","sha256":"A8:86:96:F2:A3:A9:F9:27:90:BB:3B:1C:33:EA:C8:A5:58:EB:E6:4D:5B:B4:36:97:17:54:9D:B8:2B:98:00:0A"}}},"request":{"raw":"GET /id/2060009001/vector/avatar-user-profile-person-icon-profile-picture-for-social-media-profiles-icons-screensavers.jpg?s=612x612\u0026w=0\u0026k=20\u0026c=onk7rmEoISSvHVlqc-SiBvcUr8ilCm2u9kcw3_Bm_SA= HTTP/1.1\r\nHost: media.istockphoto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--moonsho-9rb.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/jpeg\r\nContent-Length: 15152\r\nConnection: keep-alive\r\nDate: Fri, 13 Feb 2026 03:55:26 GMT\r\nContent-Disposition: inline; filename=istockphoto-2060009001-612x612.jpg\r\nServer: Kestrel\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: public, max-age=7776000\r\nLast-Modified: Fri, 13 Feb 2026 03:55:26 GMT\r\nX-Cache: Hit from cloudfront\r\nVia: 1.1 2f1d504785a7b18c010970da2bd4ab8c.cloudfront.net (CloudFront)\r\nX-Amz-Cf-Pop: OSL50-P3\r\nAlt-Svc: h3=\":443\"; ma=86400\r\nX-Amz-Cf-Id: ynLebp3mXHLFoJnat0-3rYaoCOIz_hPN7MMFB5rzkrnaOXuBjxpufg==\r\nAge: 2905651\r\nStrict-Transport-Security: max-age=60; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Kestrel","description":"","website":"https://docs.microsoft.com/en-us/aspnet/core/fundamentals/servers/kestrel","common_platform_enumeration":"","icon":"kestrel.svg","categories":["Web servers"]}],"data":{"size":15152,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, description=Avatar, user profile, person icon, profile picture for social media profiles, icons, screensavers and as a template. Vector ill, xresolution=200, yresolution=208], progressive, precision 8, 612x612, components 3","md5":"39747b9671bbb7e64257092a0e8b2c48","sha1":"a48e92002a8c12626baecd3391a95f7075976c71","sha256":"c69458883ac268cdf60292cb635ae973ac502fcddaf85939f250524a127b7d4c","sha512":"dd89e9c5cfb983bed275baac2dc0c203692c41ad7cf1cd87d4c648c5d69c57c2e72f0c5cc9f3f90732c02ee0be835fc375a31b895c6e129066224b9dcbc37936","ssdeep":"384:JlnP6BV3jEywkLobvCFpGx02aW1cGY4us:vAVzEyweobv6s+2v","tlshash":"8a624aaecfa28f37c0d4ab3718a77761461df9a1d1cf931e334d962918271a87bd4006","first_seen":"2025-12-09T09:18:57.257969Z","last_seen":"2026-03-18T19:03:26.807279Z","times_seen":233,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":78,"dns":1,"connect":1,"send":0,"wait":5,"receive":1,"ssl":76},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lite-api.jup.ag/tokens/v2/search?query=2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump","fqdn":"lite-api.jup.ag","domain":"jup.ag","tld":"ag"},"ip":{"addr":"52.84.50.71","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump","date":"2026-03-18T19:02:57.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lite-api.jup.ag","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 02 Mar 2026 00:00:00 GMT","end":"Tue, 15 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"0A:3A:FA:40:6C:C0:7E:88:0A:F3:A9:72:66:BF:C9:D6:99:1B:F6:A7","sha256":"2C:4B:20:7C:DA:39:7F:EC:E5:2A:8C:99:7C:69:6A:58:C0:62:51:B7:C7:1A:38:71:DA:BF:B8:3C:D1:B8:AB:DA"}}},"request":{"raw":"GET /tokens/v2/search?query=2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump HTTP/1.1\r\nHost: lite-api.jup.ag\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://xn--moonsho-9rb.xyz/\r\nOrigin: https://xn--moonsho-9rb.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\ndate: Wed, 18 Mar 2026 19:02:57 GMT\r\naccess-control-allow-credentials: true\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncf-ray: 9de67ea0eca5723c-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: https://xn--moonsho-9rb.xyz\r\ncache-control: public, max-age=10\r\nlast-modified: Wed, 18 Mar 2026 19:02:54 GMT\r\nvary: Origin, Accept-Encoding\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 8c3a87d110aff35fe17513b9a9ad30cc.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: r5Ziv0gQ28w3JGavWABDN9MBzNVBwctDY7zT0r8UNLwnD9MInY38Vw==\r\nage: 2\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":3062,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4a672cd37aefcfd427b7705e32b6a982","sha1":"d375db9ca79bf7b602267782905b3a9f7b89ffe2","sha256":"dd9ecfc44c9d661405971e0c21d9ce5af688f6cebdeee775df41e05e2fc3d572","sha512":"641404e7f47690804659aece39604393da4082b4b3667966f524c4714718aa1cd6ecee04d0ea3f3d7c95918ba71c032912a48aa4296b82f852378c3590a185e7","ssdeep":"","tlshash":"685187f549a924f0cb6a634bc5983fd581a738c3841105e7eb7a8fac808147f7909e1f","first_seen":"2026-03-18T19:03:25.885737Z","last_seen":"2026-03-18T19:03:26.808133Z","times_seen":2,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":10,"dns":1,"connect":1,"send":0,"wait":53,"receive":0,"ssl":7},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xn--moonsho-9rb.xyz/telegram_logger.php","fqdn":"xn--moonsho-9rb.xyz","domain":"xn--moonsho-9rb.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump","date":"2026-03-18T19:02:57.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--moonsho-9rb.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 11:40:20 GMT","end":"Tue, 16 Jun 2026 11:40:19 GMT"},"fingerprint":{"sha1":"31:28:6C:40:F9:70:29:95:C2:86:F5:13:38:15:D1:48:46:5D:17:AB","sha256":"27:60:44:B0:E6:6C:41:D0:8D:65:59:46:A5:42:E2:26:5C:82:EB:4D:4C:8E:02:D4:50:82:CF:01:A9:91:AD:C8"}}},"request":{"raw":"POST /telegram_logger.php HTTP/1.1\r\nHost: xn--moonsho-9rb.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 30\r\nOrigin: https://xn--moonsho-9rb.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":30,"data":"ip=91.90.42.154\u0026country=Norway"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 19:02:58 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 5\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NFA%2FQJHmbhwrgNzMt0ersZAD53vSg5H5UG0EkZdl7tlrxFktnfQnrUpcDMSw76XU0h%2FoFFg0KkrmGckNnuTu6V5wCMhZFcc2l7hLBzr2W2e%2Fcfc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de67ea41ab78a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"e0aa021e21dddbd6d8cecec71e9cf564","sha1":"9ce3bd4224c8c1780db56b4125ecf3f24bf748b7","sha256":"565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3","sha512":"900110c951560eff857b440e89cc29f529416e0e3b3d7f0ad51651bfdbd8025b91768c5ed7db5352d1a5523354ce06ced2c42047e33a3e958a1bba5f742db874","ssdeep":"","tlshash":"c710000000000000000000030000000030000000000000000c000000c0000000000000","first_seen":"2023-03-09T09:04:49Z","last_seen":"2026-06-17T09:29:17.88817Z","times_seen":326684,"resource_available":true,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"xn--moonsho-9rb.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump","fqdn":"xn--moonsho-9rb.xyz","domain":"xn--moonsho-9rb.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-18T19:02:56.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--moonsho-9rb.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 11:40:20 GMT","end":"Tue, 16 Jun 2026 11:40:19 GMT"},"fingerprint":{"sha1":"31:28:6C:40:F9:70:29:95:C2:86:F5:13:38:15:D1:48:46:5D:17:AB","sha256":"27:60:44:B0:E6:6C:41:D0:8D:65:59:46:A5:42:E2:26:5C:82:EB:4D:4C:8E:02:D4:50:82:CF:01:A9:91:AD:C8"}}},"request":{"raw":"GET /vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump HTTP/1.1\r\nHost: xn--moonsho-9rb.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 18 Mar 2026 19:02:56 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iEeuW5R9Sxq4o2A1ewBzWBXvME6Bt4AJYsh%2Bu6eqfYnFd4lb3UFnAUscRtIOfDCN%2FlLoGPcR1XCYJeU4DhKaVu%2FqylfKAf7ZwT6m53WOtrgR3%2F8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9de67e9b9915dd81-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3057535,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3600)","md5":"00af927594a87fe2efeb774a0a0726a8","sha1":"5e6ce6338d41007b9807ec4b711c675cf1ff0837","sha256":"b2b6e12eacf4f66d8bd9374ba3368230be9cfd62dcffcb5a5fddfbd1c6c26bf0","sha512":"0ef04a281e78f97947305a4a2ee0785c5302709930c0e2f36d52509b4ce1f3148d0cae0b03716cbd15cc9d1cb73f3968f126b310a8a78daf34bce718b2a81b30","ssdeep":"12288:DC+Kis4t0u2MVV71ZMXDjLS80gTMa/uXqu1UndqBvMB36Zwr43n/zJt0WRB/3EDZ:x2CV7ojLS83MV6uMdskB3Ma4L0WH/UDR","tlshash":"6f25cf1a65b394762c2371bd17eea448733ab047c81cde98becc1210cf867b8add6758","first_seen":"2026-03-08T13:41:09.441963Z","last_seen":"2026-03-18T19:03:26.806292Z","times_seen":3,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":98,"dns":72,"connect":9,"send":0,"wait":82,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"xn--moonsho-9rb.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xn--moonsho-9rb.xyz/handlerr.js","fqdn":"xn--moonsho-9rb.xyz","domain":"xn--moonsho-9rb.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump","date":"2026-03-18T19:02:56.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--moonsho-9rb.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 11:40:20 GMT","end":"Tue, 16 Jun 2026 11:40:19 GMT"},"fingerprint":{"sha1":"31:28:6C:40:F9:70:29:95:C2:86:F5:13:38:15:D1:48:46:5D:17:AB","sha256":"27:60:44:B0:E6:6C:41:D0:8D:65:59:46:A5:42:E2:26:5C:82:EB:4D:4C:8E:02:D4:50:82:CF:01:A9:91:AD:C8"}}},"request":{"raw":"GET /handlerr.js HTTP/1.1\r\nHost: xn--moonsho-9rb.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 19:02:56 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 571\r\nserver: cloudflare\r\nlast-modified: Sun, 30 Nov 2025 15:12:34 GMT\r\netag: \"652-644d14acbfc80-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BdVjfdl7wT%2BQ1FghfElOdos6H47BQNHBJnkzSYdZ%2F3Ac4wzXImg1aZkCc6WkGJilmuEBZa7iVpwhIxC2AS0u6Lv%2B9dbkGbYf5VUrJKElKuAVS2o%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de67e9d1ea28a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1618,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"62d2240050c64b219e8a9994b381d115","sha1":"7701ef263a1c5789d4f28ab84d879005d5d3875e","sha256":"f257a89b992291be5f0cb49c0da1c5d88531ed1ce3b47797b56383c27430690e","sha512":"3a40ef28effccc2c220d697b319fc35c731c967e03cac3c591cc520d8025fafc99a39f13299a2096f43e1c228e7f5cc8e1c326d6bdc3a936e583f45e13a9710e","ssdeep":"","tlshash":"e631ed5e3de510022d33a3e845479225f918b92310e1f249be4c83591fb0d69d912fcc","first_seen":"2025-12-08T21:10:37.426939Z","last_seen":"2026-03-18T19:03:26.810115Z","times_seen":396,"resource_available":true,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"xn--moonsho-9rb.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xn--moonsho-9rb.xyz/assets/js/vote-runtime.js","fqdn":"xn--moonsho-9rb.xyz","domain":"xn--moonsho-9rb.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump","date":"2026-03-18T19:02:56.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--moonsho-9rb.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 11:40:20 GMT","end":"Tue, 16 Jun 2026 11:40:19 GMT"},"fingerprint":{"sha1":"31:28:6C:40:F9:70:29:95:C2:86:F5:13:38:15:D1:48:46:5D:17:AB","sha256":"27:60:44:B0:E6:6C:41:D0:8D:65:59:46:A5:42:E2:26:5C:82:EB:4D:4C:8E:02:D4:50:82:CF:01:A9:91:AD:C8"}}},"request":{"raw":"GET /assets/js/vote-runtime.js HTTP/1.1\r\nHost: xn--moonsho-9rb.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 19:02:56 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 2841\r\nserver: cloudflare\r\nlast-modified: Sat, 18 Oct 2025 15:10:44 GMT\r\netag: \"1c68-6417041106500-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UIxGG3JdZtOOqmyANv%2BFraIDk302uD0iKOedm%2BKOjzcP8ZAU6iGWvNT7JqFQ5PNkUwONbfBuR1j6JwVPHTxPhGjqnwIZv6M%2Fct0iMorFIgMCluM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de67e9d1ea78a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7272,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (322)","md5":"89c545f62fdd56954c6df7d37f6ef8a3","sha1":"422bbe47268479c4e31b9a7be411aaeac8703bb6","sha256":"d4a6171bf18d72695767b0d7a070004273b01ed44682a8c929e78192847d9776","sha512":"2ae3416780759acae8b8c0639c9238908f91d39b87d0527c7fcb636dca30211bd3bda29ea2d02fdc79989f39d9eadb4990314f29a046424ff5e9505caaaf5bd3","ssdeep":"192:2SBErAbGRl2YsYnpUFJFI6bJtjvQ5C+4NWmNWDLvps/jEH:dfbGRl2YsYnpWfP9BWiWvR","tlshash":"82e1b55432fb113346fb54fb9a874092b22460177084cc8afe5dcbd01fe6e958ae79ad","first_seen":"2025-12-09T09:18:57.275156Z","last_seen":"2026-03-18T19:03:26.810982Z","times_seen":380,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"xn--moonsho-9rb.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xn--moonsho-9rb.xyz/images/moonshot-logo-full.png","fqdn":"xn--moonsho-9rb.xyz","domain":"xn--moonsho-9rb.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump","date":"2026-03-18T19:02:57.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xn--moonsho-9rb.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 11:40:20 GMT","end":"Tue, 16 Jun 2026 11:40:19 GMT"},"fingerprint":{"sha1":"31:28:6C:40:F9:70:29:95:C2:86:F5:13:38:15:D1:48:46:5D:17:AB","sha256":"27:60:44:B0:E6:6C:41:D0:8D:65:59:46:A5:42:E2:26:5C:82:EB:4D:4C:8E:02:D4:50:82:CF:01:A9:91:AD:C8"}}},"request":{"raw":"GET /images/moonshot-logo-full.png HTTP/1.1\r\nHost: xn--moonsho-9rb.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 19:02:57 GMT\r\ncontent-type: image/png\r\ncontent-length: 119657\r\nserver: cloudflare\r\nlast-modified: Sun, 19 Oct 2025 00:59:08 GMT\r\netag: \"1d369-641787958af00\"\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v4sqSmzCO6rJmB90u%2FxQK%2Fp4z8uBHnjq%2BNXQmuG6enP%2FMtw6XMG9470wCKctqMSA3AQlpJmrmc8Ozi5yimeFiOEcCTaqqQUb%2FIFVcho2R24VeaE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de67e9f5d348a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":119657,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1500 x 249, 8-bit/color RGBA, non-interlaced","md5":"5832359875266f103263a8cd203a85de","sha1":"df1559cd3f12ee739e713cd25e4d790bf971b943","sha256":"3739919f051aea8c49dd006859732dcc68487659f40c1381fb4d1ee55343c457","sha512":"08756bc4205677a018f39f6a7d9527777ddb3f14d642bd51a402ef9b2ce585b06c1bcd9a26c0a9bf2d5fcfbcc7bb3fd9dbfb5a89225f5e33e39bb1c6715080b6","ssdeep":"3072:eA7DlBwHn3QWP18keJulaqlz8xTZ98tHiu2umy/C8z9Rr2:eA7kHn3QWP+keJyN2kVmy76","tlshash":"76c312b0c6bdfa736f14b13067365bad1d83d4e4a6c01890f47844aab12de554bb2fb2","first_seen":"2025-01-19T16:39:27.162338Z","last_seen":"2026-06-17T06:46:25.304286Z","times_seen":780,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":86,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"xn--moonsho-9rb.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pro.ip-api.com/json/?fields=61439\u0026key=q2SvnxYiNrfhgcW","fqdn":"pro.ip-api.com","domain":"ip-api.com","tld":"com"},"ip":{"addr":"51.77.64.70","port":443,"asn":16276,"as":"OVH SAS","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump","date":"2026-03-18T19:02:57.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ip-api.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 06 Feb 2026 00:00:00 GMT","end":"Tue, 09 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"C4:3C:A1:3A:F5:DC:2D:C7:D5:63:0A:55:E7:E0:20:DB:85:D2:09:2E","sha256":"CD:A6:17:77:06:27:70:F3:87:D9:AD:87:F9:C2:2A:0F:63:3A:76:CB:2A:D8:A5:43:8D:51:F1:C5:6E:5D:49:89"}}},"request":{"raw":"GET /json/?fields=61439\u0026key=q2SvnxYiNrfhgcW HTTP/1.1\r\nHost: pro.ip-api.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://xn--moonsho-9rb.xyz/\r\nOrigin: https://xn--moonsho-9rb.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccess-Control-Allow-Origin: *\r\nContent-Type: application/json; charset=utf-8\r\nDate: Wed, 18 Mar 2026 19:02:57 GMT\r\nContent-Length: 277\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":277,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7c895eb8e9e3774530c96ccf26efb5ce","sha1":"86b42c0fe43a7e38590e54e9b500b73a71fc24ef","sha256":"75da6bf1997b30d7a12d11c1db03a55e20917d9046d36dcc89bf6aa7a42090fa","sha512":"72bd80a05bf5b7c59bec31b94fae79410bb5ec353a3afd043cbda663711872a42dd9ba80359e099485be41796c0a7d0e6ea76933128e15a0d3ceb7f79ce674b4","ssdeep":"","tlshash":"7dd0c2ad00742e24b87ba28c920ec97737bc5009974a41918ae9b95ce6c879e7405a1b","first_seen":"2026-03-14T12:02:26.906238Z","last_seen":"2026-04-02T22:11:17.864177Z","times_seen":141,"resource_available":false,"data":null}},"time_used":388,"timings":{"blocked":178,"dns":1,"connect":29,"send":0,"wait":30,"receive":0,"ssl":145},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipfs.io/ipfs/Qmat1z8cZHmtc8QgPQMgEKDj8upy3ZprQ1RwbPQbqqnwa5","fqdn":"ipfs.io","domain":"ipfs.io","tld":"io"},"ip":{"addr":"209.94.90.1","port":443,"asn":40680,"as":"PROTOCOL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xn--moonsho-9rb.xyz/vote/2hAFnvmAcj7meNZYDxjK7hBdCWnDrfXt129CH1V8pump","date":"2026-03-18T19:02:57.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipfs.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 15:03:23 GMT","end":"Mon, 27 Apr 2026 16:03:19 GMT"},"fingerprint":{"sha1":"16:37:D6:0A:78:51:EB:99:5C:91:AE:A9:51:6B:28:6E:E2:74:CC:C8","sha256":"2B:72:87:59:6F:16:53:27:D3:92:29:A0:D2:F3:41:50:18:E7:CE:AA:72:5B:28:68:38:95:22:6D:75:0B:0D:35"}}},"request":{"raw":"GET /ipfs/Qmat1z8cZHmtc8QgPQMgEKDj8upy3ZprQ1RwbPQbqqnwa5 HTTP/1.1\r\nHost: ipfs.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xn--moonsho-9rb.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 18 Mar 2026 19:02:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 1308647\r\nserver: cloudflare\r\ncf-ray: 9de67ea459dc76ef-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 54264\r\ncache-control: public, max-age=29030400, immutable\r\netag: \"Qmat1z8cZHmtc8QgPQMgEKDj8upy3ZprQ1RwbPQbqqnwa5\"\r\nvary: Accept-Encoding\r\naccess-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output\r\nx-ipfs-path: /ipfs/Qmat1z8cZHmtc8QgPQMgEKDj8upy3ZprQ1RwbPQbqqnwa5\r\nx-ipfs-pop: rainbow-rbx-16-102\r\nx-ipfs-roots: Qmat1z8cZHmtc8QgPQMgEKDj8upy3ZprQ1RwbPQbqqnwa5\r\nx-robots-tag: noindex, nofollow\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IPFS","description":"IPFS is a peer-to-peer hypermedia protocol that provides a distributed hypermedia web.","website":"https://ipfs.tech/","common_platform_enumeration":"","icon":"IPFS.svg","categories":["Network storage"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1308647,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced","md5":"99a580dd9d46fc154989235e0daeb744","sha1":"d22fb09f5e850a92432a0551a2db7fbd287c87b0","sha256":"71fde756e84fb29893c5c40a1794f559d96f19551b18867038881faa2ebf54c0","sha512":"fc83d47d56f215f0adcbdd84bce05c148b559bb71b8a6f262535b1a26ce73afbb28f329dc76156c4c3dad66195c01e94d68c773691e15b3dc9d6d9d0d63642c1","ssdeep":"24576:+K2gXQA9Syyoaqe3nFMDixYlBZpznWNYYG0tykDsMbo+TLRN1:+K2ggw0qEndYlBjjwy08kDsMbo+TLR3","tlshash":"b42523a3f4e928ba92a7c5af9203dceb9bd5150e9574c0967336030935af1b6e1713e0","first_seen":"2026-03-18T19:03:25.895393Z","last_seen":"2026-03-18T19:03:26.813572Z","times_seen":2,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":40,"dns":1,"connect":2,"send":0,"wait":37,"receive":61,"ssl":34},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ipfs.io","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}}]}