{"report_id":"33688a11-852f-493b-8e38-4307171a0ed8","version":6,"status":"done","tags":["suspicious","telegram_bot"],"date":"2026-03-04T20:54:27Z","url":{"schema":"https","addr":"moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","fqdn":"moon-shot.icu","domain":"moon-shot.icu","tld":"icu"},"ip":{"addr":"172.67.140.23","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","fqdn":"moon-shot.icu","domain":"moon-shot.icu","tld":"icu"},"title":"Vote to Earn SOL | Moonshot","dom":{"size":48670,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (15152)","md5":"c42c35b284de4340e9e8ba620e450ff9","sha1":"764884c88d9b6593626868fcd4b8755836ae38f0","sha256":"31f532f08f2cd3636c66bd25de90bf9975a8ca9e15e50ff06313355ebf02ee8f","sha512":"6337062212b03fffb59b25ed830ff46cece4b19758c67bfcd793d220c78c9749e79978e1e8477ba1e820bc825735ed437116dac40d12bc424d3d17ec82218ed0","ssdeep":"768:tsS/AhpTb+WbQVkalPfGViQh6jeQs0p/mFt0:tpAhpTsGcx/m8","tlshash":"6c23f86532f1043e5c9781f6ebe16b6e7a29e287ce1fc55db15d02406fc3e928ca3648","dom_hash":"domhashde3141ae410c1be11d0ef8ca4f308200","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","fqdn":"moon-shot.icu","domain":"moon-shot.icu","tld":"icu"},"ip":{"addr":"172.67.140.23","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-08T20:54:27Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":3,"urlquery":2,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T20:54:06Z","timestamp":1772657646,"ip_dst":{"addr":"172.67.140.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":42744,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Suspicious Domain (*.icu) in TLS SNI","source":"{\"timestamp\":\"2026-03-04T20:54:06.055120+0000\",\"flow_id\":781557814953539,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.39\",\"src_port\":42744,\"dest_ip\":\"172.67.140.23\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2026889,\"rev\":4,\"signature\":\"ET INFO Suspicious Domain (*.icu) in TLS SNI\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2019_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"tls\":{\"sni\":\"moon-shot.icu\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":1654,\"start\":\"2026-03-04T20:54:06.034371+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T20:54:07Z","timestamp":1772657647,"ip_dst":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"Client IP","port":44026,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T20:54:07.614524+0000\",\"flow_id\":1589801940654021,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.39\",\"src_port\":44026,\"dest_ip\":\"149.154.166.110\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033967,\"rev\":1,\"signature\":\"ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2021_09_16\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_09_16\"]}},\"tls\":{\"sni\":\"api.telegram.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"15af977ce25de452b96affa2addb1036\",\"string\":\"771,4866,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":918,\"bytes_toclient\":4500,\"start\":\"2026-03-04T20:54:07.563141+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T20:54:07Z","timestamp":1772657647,"ip_dst":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"Client IP","port":44034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T20:54:07.618693+0000\",\"flow_id\":942034973071484,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.39\",\"src_port\":44034,\"dest_ip\":\"149.154.166.110\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033967,\"rev\":1,\"signature\":\"ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2021_09_16\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_09_16\"]}},\"tls\":{\"sni\":\"api.telegram.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"15af977ce25de452b96affa2addb1036\",\"string\":\"771,4866,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":918,\"bytes_toclient\":4500,\"start\":\"2026-03-04T20:54:07.563324+0000\"}}"}],"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-03-04","alert":"Detects file containing Telegram Bot API","trigger":"moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"cdn.dexscreener.com","ip":{"addr":"104.18.38.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-06-11","domain_rank":1560830,"first_seen":"2023-07-13T11:22:42Z","last_seen":"2026-03-02T20:27:42.125961Z","alert_count":0,"request_count":1,"received_data":614869,"sent_data":534,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"cdn.tailwindcss.com","ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-07-20","domain_rank":117330,"first_seen":"2018-07-09T05:46:13Z","last_seen":"2026-03-02T04:56:47.471326Z","alert_count":0,"request_count":2,"received_data":815942,"sent_data":818,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-01T22:18:12.522658Z","alert_count":0,"request_count":1,"received_data":15848,"sent_data":480,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"api.telegram.org","ip":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"domain_registered":"2003-12-15","domain_rank":206724,"first_seen":"2015-06-25T10:09:00Z","last_seen":"2026-02-27T20:05:35.942475Z","alert_count":0,"request_count":2,"received_data":1405,"sent_data":1123,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"moon-shot.icu","ip":{"addr":"172.67.140.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-03","domain_rank":0,"first_seen":"2026-03-04T20:54:28.874311Z","last_seen":"2026-03-04T20:54:28.874312Z","alert_count":2,"request_count":5,"received_data":728973,"sent_data":2641,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.251.142.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-03-01T22:15:00.771016Z","alert_count":0,"request_count":5,"received_data":246835,"sent_data":2765,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ipapi.co","ip":{"addr":"172.67.69.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-04-19","domain_rank":7936,"first_seen":"2017-01-31T09:07:01Z","last_seen":"2026-03-04T13:45:40.669464Z","alert_count":0,"request_count":1,"received_data":2488,"sent_data":427,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"api.dexscreener.com","ip":{"addr":"104.18.38.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-06-11","domain_rank":2085659,"first_seen":"2022-05-19T18:07:24Z","last_seen":"2026-02-28T22:41:54.275125Z","alert_count":0,"request_count":1,"received_data":6630,"sent_data":494,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":[{"url":{"schema":"https","addr":"moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","fqdn":"moon-shot.icu","domain":"moon-shot.icu","tld":"icu"},"ip":{"addr":"172.67.140.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"md5":"6a7a44e6a21ba6b56783ab78d22fb8a6","sha1":"0e2b017c35a71b17b3b9bdc35ef83658b98a9f40","sha256":"cf560c05e8c5354538b485044f8a94cf4b1d9809bdce1fc84c94cb65d6bfee75","sha512":"a446197da9e9efc0a10254aee0a47ca3d221ca354b0220ba18615aae49df754b8ccdcd0247918d927a46d2c8c945d2eea100cd728843a235c571b17f0f5e7a4c","size":10780,"token":"7699604831:AAG0UhkaM9sCHfNvn2NrAkv1AYTTMo1uGKo","is_revoked":false,"bot":{"token":"7699604831:AAG0UhkaM9sCHfNvn2NrAkv1AYTTMo1uGKo","user_id":"7699604831","username":"TwitterShdhsjhsBot","first_name":"Twitter","last_name":"","chat":{"chat_id":"-1002631734661","title":"FullWork","type":"supergroup","bot_is":"administrator","total_users":16,"active_members":null,"admins":[{"user_id":7699604831,"username":"TwitterShdhsjhsBot","first_name":"Twitter","last_name":"","is_bot":true},{"user_id":6093967758,"username":"Klasniypasasn27727","first_name":"Kim","last_name":"","is_bot":false},{"user_id":8295505035,"username":"","first_name":"","last_name":"","is_bot":false},{"user_id":7943997111,"username":"John777John","first_name":"John","last_name":"","is_bot":false},{"user_id":6424847572,"username":"","first_name":"Клим","last_name":"","is_bot":false},{"user_id":8279387209,"username":"heybroheybro","first_name":"☠️","last_name":"","is_bot":false}]},"pending_messages":21}}],"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","fqdn":"moon-shot.icu","domain":"moon-shot.icu","tld":"icu"},"ip":{"addr":"172.67.140.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"230df10c500d9f5cb719442096a381cd","sha1":"4a25bd50f8204c643366bfe4a30822f596370432","sha256":"82989a5a1e6a5e4ff17f835682ce98d83d28d282f7b0e61b39535fe622c251c5","sha512":"4fc39a2ff5f5b56a93a6fa3d6f8b3347b787bb0dc8c70606ac3f0c26be501c3fcfd42dc39b291cc0db86b1ca6a961ab7643aaa0bee2b415f711108a90ff1a8ab","ssdeep":"","tlshash":"d9f0d8758ded06371992e111507d46126914544fdc057c2a7b5c32409f1c40c9ae9f4c","size":601,"data":"","first_seen":"2026-03-04T20:54:32.476427Z","last_seen":"2026-03-04T20:54:32.476427Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","fqdn":"moon-shot.icu","domain":"moon-shot.icu","tld":"icu"},"ip":{"addr":"172.67.140.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"61d300aaceb21964553895f8d9827978","sha1":"fa86ad07ca3e68aae091a183396f49e0a8b15259","sha256":"78c780a8f4d62fc77efaae81edd91ca184eb6c214e51e033c7cc4906e36d5276","sha512":"bf39001b0ad60fdd7624fead35a90684e438f2dea394d164942243cceb797448eac5083d7fc5625a86598074024cba57381fc85e1c17cc065915091a57a32512","ssdeep":"","tlshash":"65c0c060e0b4cd7d451c00e72074128a34c0183e0092d08bc3fcdc6724ccfc08a8c800","size":186,"data":"","first_seen":"2026-03-04T20:54:32.477144Z","last_seen":"2026-03-04T20:54:32.477144Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"moon-shot.icu/secureproxy?s=%2Fipfs%2Ft3EYHG_aOeA_nKAeEjjkjA78a7cd6b545205a3191ccd0954cdffb2%3Ft%3D1772657646514","fqdn":"moon-shot.icu","domain":"moon-shot.icu","tld":"icu"},"ip":{"addr":"172.67.140.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6a60ef3aa6500a59ca4fe4e70e2f4a97","sha1":"910e4b51b446d7d9595482d16e3c278d4ed95e61","sha256":"e02bf45eb4d0c1ab3bef44e099737dff058712faa91aab6f889749528bcd36cc","sha512":"bedfb40d2b2672d8fbc9f359f0fcc57628028f1fcab2bd1629d86ad4eb4da6b3164a94ee43a10eb02110db94ef49c88ca49f3f7eb5bb4286957ac3db71b54e89","ssdeep":"6144:QhmpMLJVVRvznB1lAGNb9Cy1LU3leMnHYQQaciA5RFTZZ6Gk1Hj3oeNRnxmc:/MLJVbrBhpUqIBB","tlshash":"c3c4a1c0870e1ffb5ea03aad1873a81fdf480dd4358fa954d7c218a2b645f42aad5f58","size":575864,"data":"","first_seen":"2026-03-04T20:54:32.473224Z","last_seen":"2026-03-04T20:54:32.473224Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","size":407279,"data":"","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-06-07T21:38:42.52131Z","times_seen":39735,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","fqdn":"moon-shot.icu","domain":"moon-shot.icu","tld":"icu"},"ip":{"addr":"172.67.140.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"ca47538621e85e9f977b5723181cbbc1","sha1":"5d4b2a75fb973d3d0c41c5f450704167f6d0b352","sha256":"a7041db96c57dc29bb94b6d0980a2cee7ef744b3f842bb020c57a39ac05d67bf","sha512":"3e557940e46be32dc3cbf7bef5329367fe5ae09154979576146e83d2cbb6fe023727976b989d24f27afdcacef317875bb349a6384c110cc4bee2d561aaa1a345","ssdeep":"","tlshash":"2f700082280a82080288802000a00b22202a200c0ac0a20c8c2000a0820a8a820300b0","size":25,"data":"","first_seen":"2023-04-11T08:24:11Z","last_seen":"2026-06-07T18:41:19.09031Z","times_seen":1949,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","fqdn":"moon-shot.icu","domain":"moon-shot.icu","tld":"icu"},"ip":{"addr":"172.67.140.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6a7a44e6a21ba6b56783ab78d22fb8a6","sha1":"0e2b017c35a71b17b3b9bdc35ef83658b98a9f40","sha256":"cf560c05e8c5354538b485044f8a94cf4b1d9809bdce1fc84c94cb65d6bfee75","sha512":"a446197da9e9efc0a10254aee0a47ca3d221ca354b0220ba18615aae49df754b8ccdcd0247918d927a46d2c8c945d2eea100cd728843a235c571b17f0f5e7a4c","ssdeep":"192:k3oM3cyY5iD171ph+LqZVcutmFg44Wxx7TpZRWEScj:k3oMpIomFP4Wxx39","tlshash":"0b22b76b33b314354ae73aba2bdb93443124d047694ad42d7a6c86940fd3f51e8b3bc8","size":10780,"data":"","first_seen":"2026-03-04T20:54:32.478511Z","last_seen":"2026-03-04T20:54:32.478511Z","times_seen":1,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-03-04","alert":"Detects file containing Telegram Bot API","trigger":"moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"api.telegram.org/bot7699604831:AAG0UhkaM9sCHfNvn2NrAkv1AYTTMo1uGKo/sendMessage","fqdn":"api.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","date":"2026-03-04T20:54:07.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Tue, 25 Mar 2025 13:09:41 GMT","end":"Sun, 26 Apr 2026 13:09:41 GMT"},"fingerprint":{"sha1":"8B:AA:E2:A3:48:3C:0E:62:9D:B5:49:3A:BD:47:60:BA:AD:18:AA:8D","sha256":"80:58:CE:C7:28:68:D2:99:42:91:1E:43:06:54:D2:D6:F0:9C:DD:E2:F7:6F:68:A0:8A:EA:0C:15:FB:DB:8C:CD"}}},"request":{"raw":"POST /bot7699604831:AAG0UhkaM9sCHfNvn2NrAkv1AYTTMo1uGKo/sendMessage HTTP/1.1\r\nHost: api.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://moon-shot.icu/\r\nContent-Type: application/json\r\nContent-Length: 283\r\nOrigin: https://moon-shot.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Wed, 04 Mar 2026 20:54:07 GMT\r\ncontent-type: application/json\r\ncontent-length: 674\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":674,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0db4a49931baf4729364be2be22296a3","sha1":"d1e1d590da967fe7c77418d3b9c0987653b71b09","sha256":"5c3fa304fefdb7bb291b6f8e5b8725a808cb2fc494085333be3857f270a6f848","sha512":"6f817568cc5ed8a18eeeebd991a6674cc4e26ae9c8b2f4f7699597b340555ec7db77a5126b4a4993ed21e621fe971395b83d790b7785ec8c7e87e73f117b457f","ssdeep":"","tlshash":"d6017b6316044dae105d9fc688c32f4ac9b56023829ed850d89dab545380698f1272db","first_seen":"2026-03-04T20:54:32.467179Z","last_seen":"2026-03-04T20:54:32.467179Z","times_seen":1,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"moon-shot.icu/vote/logo.png","fqdn":"moon-shot.icu","domain":"moon-shot.icu","tld":"icu"},"ip":{"addr":"172.67.140.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","date":"2026-03-04T20:54:06.289Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moon-shot.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Mar 2026 16:36:34 GMT","end":"Mon, 01 Jun 2026 16:36:33 GMT"},"fingerprint":{"sha1":"76:04:52:7A:9D:51:78:A6:5B:B1:A5:F9:C8:64:E2:68:DF:1D:E9:D4","sha256":"EC:FD:15:07:94:D7:FD:6B:EB:CB:E4:AC:82:EB:CC:BB:63:4B:3F:D2:22:5C:0F:B0:7C:78:46:AB:49:5E:87:44"}}},"request":{"raw":"GET /vote/logo.png HTTP/1.1\r\nHost: moon-shot.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 04 Mar 2026 20:54:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 119657\r\ncast-mode: default\r\nlast-modified: Wed, 04 Mar 2026 12:59:28 GMT\r\netag: \"69a82cb0-1d369\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zIcVEJ3yX3hS%2FfGNUW7%2Bsf%2FtTcHQ3U3uCm%2F78nx2upCe%2FRTNCadGkvwTdaDblyEIUp%2BmP1W4dRdxIYrRpw25XZNbAuZFN%2F%2BEAIu6JRE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9d73c6314925f3c7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":119657,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1500 x 249, 8-bit/color RGBA, non-interlaced","md5":"5832359875266f103263a8cd203a85de","sha1":"df1559cd3f12ee739e713cd25e4d790bf971b943","sha256":"3739919f051aea8c49dd006859732dcc68487659f40c1381fb4d1ee55343c457","sha512":"08756bc4205677a018f39f6a7d9527777ddb3f14d642bd51a402ef9b2ce585b06c1bcd9a26c0a9bf2d5fcfbcc7bb3fd9dbfb5a89225f5e33e39bb1c6715080b6","ssdeep":"3072:eA7DlBwHn3QWP18keJulaqlz8xTZ98tHiu2umy/C8z9Rr2:eA7kHn3QWP+keJyN2kVmy76","tlshash":"76c312b0c6bdfa736f14b13067365bad1d83d4e4a6c01890f47844aab12de554bb2fb2","first_seen":"2025-01-19T16:39:27.162338Z","last_seen":"2026-06-06T23:47:52.460409Z","times_seen":766,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":93,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.142.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","date":"2026-03-04T20:54:06.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://moon-shot.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Feb 2026 04:27:56 GMT\r\nexpires: Fri, 26 Feb 2027 04:27:56 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 577570\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-07T21:34:54.625742Z","times_seen":205719,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":54,"dns":0,"connect":8,"send":0,"wait":11,"receive":11,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipapi.co/json/","fqdn":"ipapi.co","domain":"ipapi.co","tld":"co"},"ip":{"addr":"172.67.69.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","date":"2026-03-04T20:54:07.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ipapi.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 15:59:25 GMT","end":"Sun, 17 May 2026 16:59:23 GMT"},"fingerprint":{"sha1":"37:8F:7A:B7:BF:60:24:8D:1C:83:4F:C2:59:C3:0A:0C:EE:B3:75:A5","sha256":"8D:E6:B5:3D:41:1D:D8:B2:FA:03:95:07:E2:54:7C:1F:A2:22:E9:05:05:5E:D2:99:7D:DF:46:3F:32:52:53:F9"}}},"request":{"raw":"GET /json/ HTTP/1.1\r\nHost: ipapi.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://moon-shot.icu/\r\nOrigin: https://moon-shot.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Mar 2026 20:54:07 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nallow: POST, HEAD, OPTIONS, OPTIONS, GET\r\nx-frame-options: DENY\r\nvary: Host, origin\r\naccess-control-allow-origin: https://moon-shot.icu\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\ncross-origin-opener-policy: same-origin\r\ncontent-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.stripe.com https://*.paddle.com https://www.google.com https://www.gstatic.com https://maps.gstatic.com https://maps.googleapis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://*.paddle.com https://fonts.gstatic.com https://fonts.googleapis.com; img-src 'self' data: https://ipapi.co https://maps.gstatic.com https://maps.googleapis.com https://*.stripe.com; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com; frame-src 'self' https://www.google.com https://*.stripe.com https://*.paddle.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; connect-src 'self' https://ipapi.co/ https://*.paddle.com https://*.stripe.com https://maps.googleapis.com https://www.google.com/recaptcha/; object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self';\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iIa7dmhPu%2BC4R3%2Faqm1McCRDNNYgIVCWehsps1JKc%2BuPrnlR8bmGxh%2Bd%2FSuiG0HframZ%2BA%2B2Zptn1ced8ommO49N8JNS%2BXw%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9d73c6377b385610-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":748,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"e04f1469fffe997f86caaa7556ea45e3","sha1":"1d27c4b7717eb0815a21b1cc77b4ecfa46da686b","sha256":"de7561aa66cb3b68b9ca8c76e969396ca71f8b045e3dc76024fd96aae7cce322","sha512":"c2b87b634c6cded9140ef5ceb496f18359645a78fd5b19f9e1953d5f47d3d7a447c32b352720691f07853b90a0445fd1fe1d3cdad3e391e308b850bb0a7856a7","ssdeep":"","tlshash":"82012428e4680e7b88b80358b4686a07162422075f16354e7fd4874d0f8d8bf20b124e","first_seen":"2026-02-11T12:27:33.810968Z","last_seen":"2026-03-11T11:01:39.516772Z","times_seen":1299,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":52,"dns":20,"connect":9,"send":0,"wait":217,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.142.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","date":"2026-03-04T20:54:06.869Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://moon-shot.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Feb 2026 04:27:56 GMT\r\nexpires: Fri, 26 Feb 2027 04:27:56 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 577570\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-07T21:34:54.625742Z","times_seen":205719,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":63,"dns":2,"connect":22,"send":0,"wait":13,"receive":2,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.dexscreener.com/latest/dex/tokens/jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","fqdn":"api.dexscreener.com","domain":"dexscreener.com","tld":"com"},"ip":{"addr":"104.18.38.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","date":"2026-03-04T20:54:06.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dexscreener.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 02:42:49 GMT","end":"Sun, 26 Apr 2026 03:42:47 GMT"},"fingerprint":{"sha1":"EA:3A:CC:F0:58:31:D8:82:DD:90:88:D9:E2:47:C9:DE:99:A8:7D:70","sha256":"4B:39:97:86:5F:AC:80:42:4E:F8:21:24:18:C5:D9:10:D4:35:57:60:C8:6A:A9:21:C7:42:7D:41:22:F3:20:B0"}}},"request":{"raw":"GET /latest/dex/tokens/jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump HTTP/1.1\r\nHost: api.dexscreener.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://moon-shot.icu/\r\nOrigin: https://moon-shot.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Mar 2026 20:54:07 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncf-ray: 9d73c6358ed323eb-OSL\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\netag: W/\"16d9-Q9qfz2v6eAUZ9n05eSzzCfLPuyY\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: EXPIRED\r\nexpires: Wed, 04 Mar 2026 20:54:37 GMT\r\ncache-control: public, max-age=30\r\nset-cookie: __cf_bm=IrqVxwPWAA6mdjgUpAUStZEAofRxpRrPijOiH51akwE-1772657647-1.0.1.1-RNSTVaz5NJ7uJuV40Jd3gOzXhvSMvzGm2G_KEoK2TK.7C67PA6BCfhD7rWXoezs71kRYE1iQnqMf6fm9kkX89Aja.kbNx4YHeMf9iv.CnTWwonVi8zklPag5clYQgmEg; path=/; expires=Wed, 04-Mar-26 21:24:07 GMT; domain=.dexscreener.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":5849,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"94ff28594ccb4d128f45ffd9c799b92b","sha1":"43da9fcf6bfa780519f67d39792cf309f2cfbb26","sha256":"b21ea06fc06f9ea34a1a0f2bd1cc683e1a71b4e60791ee4b3a3902965da21033","sha512":"22179d0ba4ef517a3361e09b89a09275671d917e82c842473f15e3328de3f48ce9c66791e65d9fdf6945aeb63f7a74f361db8eafa4e849e022138814d9d93b46","ssdeep":"96:/hlBDzeQRyCYtxmsD88zeuxGJCYtxmsDqczeQF65vCYtxmsD+Vzeu0gCYtxmsDZ:/jNeQRyCYvmeesGJCYvmweQECYvm/Re4","tlshash":"2bc195bb03d869af87856ea31ce6343c90d032435bbca58fd184dfae41d879b650f514","first_seen":"2026-03-04T20:54:32.470032Z","last_seen":"2026-03-04T20:54:32.470032Z","times_seen":1,"resource_available":false,"data":null}},"time_used":322,"timings":{"blocked":53,"dns":32,"connect":1,"send":0,"wait":217,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dexscreener.com/cms/images/95a7371650eff76016f8f14c4587546fe4c71cfbc3b9696f5e90669bd2b15132?width=800\u0026height=800\u0026quality=90","fqdn":"cdn.dexscreener.com","domain":"dexscreener.com","tld":"com"},"ip":{"addr":"104.18.38.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","date":"2026-03-04T20:54:07.217Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dexscreener.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 02:42:49 GMT","end":"Sun, 26 Apr 2026 03:42:47 GMT"},"fingerprint":{"sha1":"EA:3A:CC:F0:58:31:D8:82:DD:90:88:D9:E2:47:C9:DE:99:A8:7D:70","sha256":"4B:39:97:86:5F:AC:80:42:4E:F8:21:24:18:C5:D9:10:D4:35:57:60:C8:6A:A9:21:C7:42:7D:41:22:F3:20:B0"}}},"request":{"raw":"GET /cms/images/95a7371650eff76016f8f14c4587546fe4c71cfbc3b9696f5e90669bd2b15132?width=800\u0026height=800\u0026quality=90 HTTP/1.1\r\nHost: cdn.dexscreener.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moon-shot.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 20:54:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 613850\r\nserver: cloudflare\r\ncf-ray: 9d73c6373bd8c272-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nage: 1146294\r\ncache-control: public, max-age=31536000\r\netag: \"cfR8fQJY8JewXO0ErtfGK9Gnsi5UDRFBISq1utimumDQ:864ef64e1ea96b38bd81011cbbb8504b\"\r\nlast-modified: Sat, 07 Feb 2026 13:32:32 GMT\r\nvary: Accept, Accept-Encoding\r\ncf-resized: internal=ok/h q=0 n=10+10 c=9+0 v=2026.2.9 l=613850 f=false c2=0\r\ncontent-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=vlTdYXUkWzZ68iSbSfGZvtSYzZNeW9H4UJ.gI.EwpfI-1772657647-1.0.1.1-dYp8pxCQrAE9ZsGFneLkrhjnxtsIVWrjIhhDh7YecIOwx_bjJU3AQOKOtB5iqToPumLCCGZR_ZCyaF4OOVpnZyeq08WGo5CYpuIRkAu57oDsBPh62DrbTqfPUg9vOd9_; path=/; expires=Wed, 04-Mar-26 21:24:07 GMT; domain=.dexscreener.com; HttpOnly; Secure; SameSite=None\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":613850,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 800 x 800, 8-bit/color RGBA, non-interlaced","md5":"864ef64e1ea96b38bd81011cbbb8504b","sha1":"2060afc35dd81a710ebc8fdae659f2661f3417bd","sha256":"219196bf39054b2edd5fdac1e2758c6b341d491e9fbf9927ab578fa9c834d815","sha512":"1003b1be31b1d8811521dee6df12f2a8ff69c7fe3f0010d254d5f9b18e513e8fab76269684a2c80499b0da5ce8f3bbd8aefb3bdc0fd218490afe8d17aee0a48a","ssdeep":"12288:JzQ1M5nuMgjA78l+8JDKld/L4F8xB+vFeW1DDd16fxJU3S82SxPr:B8M4GUgj/Ol4wDd16ZESixj","tlshash":"dad433c3cac5cf66130e27692064a9e86c98df27c381e762762cc9d97d5f08175923fa","first_seen":"2026-03-04T20:54:32.470932Z","last_seen":"2026-03-04T20:54:32.470932Z","times_seen":1,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":38,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","fqdn":"moon-shot.icu","domain":"moon-shot.icu","tld":"icu"},"ip":{"addr":"172.67.140.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T20:54:05.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moon-shot.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Mar 2026 16:36:34 GMT","end":"Mon, 01 Jun 2026 16:36:33 GMT"},"fingerprint":{"sha1":"76:04:52:7A:9D:51:78:A6:5B:B1:A5:F9:C8:64:E2:68:DF:1D:E9:D4","sha256":"EC:FD:15:07:94:D7:FD:6B:EB:CB:E4:AC:82:EB:CC:BB:63:4B:3F:D2:22:5C:0F:B0:7C:78:46:AB:49:5E:87:44"}}},"request":{"raw":"GET /vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump HTTP/1.1\r\nHost: moon-shot.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Mar 2026 20:54:06 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Wed, 04 Mar 2026 12:59:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rdg4CQdlnGFRxf%2FAkXdw0aql7RPU4q%2FF8HE9Zq7GtY0YWZW2dPuzprZr84eknbOA2EVX26e%2FWJBvzfeqjfBW5t%2BsGbwxOg8hCw4EXnI%3D\"}]}\r\nage: 4\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9d73c62fea6fa0cd-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27581,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (415)","md5":"585ea71a5a60f68af8475149843065c2","sha1":"5e38a02ced133aae199ce6f8957f7de4914d26a0","sha256":"9d42a68bfdad51bdd13d8752aa5508603d7653de60538f1819a07c8b15d23424","sha512":"8456708f5681bd91cef620da0d36dbf06835c955e6a6bb91c50bca222c4c07e9247dbbe8d01a4b6085a1a3c9b30fe2bfb92771c21c5389182e80c818c34e9734","ssdeep":"384:qMBoBttLE5LaKIHD+NIsG53oMpIomFP4Wxx3C:qp/xEBHI1s0p/mFtC","tlshash":"b1c2b66532f2153a00d396f2bbe6ab6a3a64d60bc94fc41c767c46d00fc7d81d8a36d8","first_seen":"2026-03-04T20:54:32.472235Z","last_seen":"2026-03-04T20:54:32.472235Z","times_seen":1,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":77,"dns":52,"connect":8,"send":0,"wait":18,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-03-04","alert":"Detects file containing Telegram Bot API","trigger":"moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"moon-shot.icu/secureproxy?s=%2Fipfs%2Ft3EYHG_aOeA_nKAeEjjkjA78a7cd6b545205a3191ccd0954cdffb2%3Ft%3D1772657646514","fqdn":"moon-shot.icu","domain":"moon-shot.icu","tld":"icu"},"ip":{"addr":"172.67.140.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","date":"2026-03-04T20:54:06.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moon-shot.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Mar 2026 16:36:34 GMT","end":"Mon, 01 Jun 2026 16:36:33 GMT"},"fingerprint":{"sha1":"76:04:52:7A:9D:51:78:A6:5B:B1:A5:F9:C8:64:E2:68:DF:1D:E9:D4","sha256":"EC:FD:15:07:94:D7:FD:6B:EB:CB:E4:AC:82:EB:CC:BB:63:4B:3F:D2:22:5C:0F:B0:7C:78:46:AB:49:5E:87:44"}}},"request":{"raw":"GET /secureproxy?s=%2Fipfs%2Ft3EYHG_aOeA_nKAeEjjkjA78a7cd6b545205a3191ccd0954cdffb2%3Ft%3D1772657646514 HTTP/1.1\r\nHost: moon-shot.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 04 Mar 2026 20:54:07 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: max-age=2592000\r\netag: W/\"8c978-kQ5LUbRG19lZVILRbjwnjU7ZXmE\"\r\nexpires: 0\r\npragma: no-cache\r\ncontent-disposition: attachment; filename=PhiSAz76KKAEXo4_LnMmnQ.js\r\ncdn-proxyver: 1.47\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 03/04/2026 20:54:07\r\ncdn-edgestorageid: 879\r\ncdn-requestid: 6d5737ca5d1ee1f458371ebbd503b9b8\r\ncdn-cache: MISS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mLKKT4%2BzrBgBT3sUD2%2B0hX6S8xFY31Xdn3f6ow2YCuTjVkyF23dMoEEPILmgwXJqOYCtdyyBB5RMNj6KCl4ZKfaVdg35ekRxlbebMr4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d73c632b951f3c7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":575864,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"6a60ef3aa6500a59ca4fe4e70e2f4a97","sha1":"910e4b51b446d7d9595482d16e3c278d4ed95e61","sha256":"e02bf45eb4d0c1ab3bef44e099737dff058712faa91aab6f889749528bcd36cc","sha512":"bedfb40d2b2672d8fbc9f359f0fcc57628028f1fcab2bd1629d86ad4eb4da6b3164a94ee43a10eb02110db94ef49c88ca49f3f7eb5bb4286957ac3db71b54e89","ssdeep":"6144:QhmpMLJVVRvznB1lAGNb9Cy1LU3leMnHYQQaciA5RFTZZ6Gk1Hj3oeNRnxmc:/MLJVbrBhpUqIBB","tlshash":"c3c4a1c0870e1ffb5ea03aad1873a81fdf480dd4358fa954d7c218a2b645f42aad5f58","first_seen":"2026-03-04T20:54:32.473224Z","last_seen":"2026-03-04T20:54:32.473224Z","times_seen":1,"resource_available":true,"data":null}},"time_used":800,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":702,"receive":97,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.142.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","date":"2026-03-04T20:54:06.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://moon-shot.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Feb 2026 04:27:56 GMT\r\nexpires: Fri, 26 Feb 2027 04:27:56 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 577570\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-07T21:34:54.625742Z","times_seen":205719,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":59,"dns":1,"connect":22,"send":0,"wait":14,"receive":6,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.142.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","date":"2026-03-04T20:54:06.868Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://moon-shot.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Feb 2026 04:27:56 GMT\r\nexpires: Fri, 26 Feb 2027 04:27:56 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 577570\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-07T21:34:54.625742Z","times_seen":205719,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":63,"dns":1,"connect":21,"send":0,"wait":8,"receive":6,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"moon-shot.icu/favicon.ico","fqdn":"moon-shot.icu","domain":"moon-shot.icu","tld":"icu"},"ip":{"addr":"172.67.140.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","date":"2026-03-04T20:54:07.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moon-shot.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Mar 2026 16:36:34 GMT","end":"Mon, 01 Jun 2026 16:36:33 GMT"},"fingerprint":{"sha1":"76:04:52:7A:9D:51:78:A6:5B:B1:A5:F9:C8:64:E2:68:DF:1D:E9:D4","sha256":"EC:FD:15:07:94:D7:FD:6B:EB:CB:E4:AC:82:EB:CC:BB:63:4B:3F:D2:22:5C:0F:B0:7C:78:46:AB:49:5E:87:44"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: moon-shot.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 04 Mar 2026 20:54:07 GMT\r\ncontent-type: text/html\r\nlast-modified: Wed, 04 Mar 2026 12:59:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1QLHoGutoJi%2B6UV2Bp%2Bhk6rA0vVFmrpO%2BlIg2cK1BXiZrv%2FKCJOSamm9Qd2FaGZIgOuvGjriOdWIMWR7ExrSBkEYlxcNxDgDr83zy0U%3D\"}]}\r\npriority: u=6,i=?0\r\ncf-ray: 9d73c6386a07f3c7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":304,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"3f232733da85f4f972fb8b0f0b374e1c","sha1":"723c8c9440f6dc3e749c29fe0a80ec3fe6db45e5","sha256":"fd11e5272ac368c3049f027fdd0f156fc0a3491244aaadfadf8b75435a101ad0","sha512":"df56d9d6b0ff2c691073519ab0fef2dfb538e072bdaa3fb30c98f84357b14141b5bb31d1be1fdd59756ad1b7948073a993c4eeed313ae6f4739444812d7f0159","ssdeep":"","tlshash":"a9e0ebeb30a011091a709380ced0be04ecc32447048cc268f1c1f458aebcb2ac4cb2b3","first_seen":"2026-03-04T20:54:32.47405Z","last_seen":"2026-03-04T20:56:55.03798Z","times_seen":2,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.telegram.org/bot7699604831:AAG0UhkaM9sCHfNvn2NrAkv1AYTTMo1uGKo/sendMessage","fqdn":"api.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","date":"2026-03-04T20:54:07.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Tue, 25 Mar 2025 13:09:41 GMT","end":"Sun, 26 Apr 2026 13:09:41 GMT"},"fingerprint":{"sha1":"8B:AA:E2:A3:48:3C:0E:62:9D:B5:49:3A:BD:47:60:BA:AD:18:AA:8D","sha256":"80:58:CE:C7:28:68:D2:99:42:91:1E:43:06:54:D2:D6:F0:9C:DD:E2:F7:6F:68:A0:8A:EA:0C:15:FB:DB:8C:CD"}}},"request":{"raw":"OPTIONS /bot7699604831:AAG0UhkaM9sCHfNvn2NrAkv1AYTTMo1uGKo/sendMessage HTTP/1.1\r\nHost: api.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://moon-shot.icu/\r\nOrigin: https://moon-shot.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx/1.18.0\r\ndate: Wed, 04 Mar 2026 20:54:07 GMT\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: content-type\r\naccess-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T21:34:24.355052Z","times_seen":16222068,"resource_available":true,"data":null}},"time_used":460,"timings":{"blocked":218,"dns":10,"connect":24,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"moon-shot.icu/secureproxy?s=%2Fjmpd%2F","fqdn":"moon-shot.icu","domain":"moon-shot.icu","tld":"icu"},"ip":{"addr":"172.67.140.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","date":"2026-03-04T20:54:08.239Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"moon-shot.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Mar 2026 16:36:34 GMT","end":"Mon, 01 Jun 2026 16:36:33 GMT"},"fingerprint":{"sha1":"76:04:52:7A:9D:51:78:A6:5B:B1:A5:F9:C8:64:E2:68:DF:1D:E9:D4","sha256":"EC:FD:15:07:94:D7:FD:6B:EB:CB:E4:AC:82:EB:CC:BB:63:4B:3F:D2:22:5C:0F:B0:7C:78:46:AB:49:5E:87:44"}}},"request":{"raw":"POST /secureproxy?s=%2Fjmpd%2F HTTP/1.1\r\nHost: moon-shot.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump\r\ncontent-type: application/json\r\nContent-Length: 1435\r\nOrigin: https://moon-shot.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1435,"data":"{\"route\":\"n9POyFeFG1tUtiSU-z9JOx3n\",\"payload\":\"0hqM-6_N52QB9AIxAyQACwCyAiIDLgDQAh4AAAECPAMAAO8nhn2XtsKCAccSzsgxFAhK9hzg9WkCAABR1dK6NACKhzrn56kUSdapepeXSNfNOKvN8kI4mSUt1Lr96Z5Xr9YPnlMj9N7cHOmK9xU4CnP-klWrMgANzryEzAxzlyMNtkV8hkQJ3WyUqND9Rxn9jlAfsr0kw67t2qqW2R5JlDv7BkZEs3XTqTbc0wWhoi4jOtNKh84Y1sf29HmbQrmbnkoR3QPgNHs0GClYSxh68M3vACIhVWc2lYn1EhLXzEOjR302mlEEyNiopCx7IBVBm6jK_Tsc1iXGEaZIvpFqQhhegEEJJFhDiIem1nJHng9_d2ZHlUkQ-kqILxzpFTu9qiYRPIm1i7DTPHmzMx1Pc9XSvN0wrDNz6SZyhQm6IG6XAimLZN56Ql0Nk3_j6Z-GsumdFsoGDpb2BRmDD7rcwt-tVclQbzXCnYdIgbcLRB_JvzZXYzYkYGnaUvfx8iYxT6ctdhfZw9eujTz9SsWIGLowut7UO7B09veKcpDAT88Rkd8R4Amjoct3Xb4oyxXQ875ptSLSdm_wHhy1eGezQYjKQjfvp_K-RN7OWTgMsyA90yuzOuYPGFnhaMgwEw0NGisVXkAWX0CFQaVTBIInHASEjV5IHzXHdDzR4eR1Kug-Bvz4PIuyw-5oTOLyzwOw61vRD_JujSDSm6nr-tDofLb47_AXp3MYxOxSs7BlaMJ8fxv-t0Xn8T3d6kV2bgmXxaEMjl1XKyh15uy6cR5hQrhbri-eP9Guk16mzFVGUrdEtjpPI-p3XZHOd-vxKe1Y9hrLZ9qQEUuvoHL2PQ81yY0wSam1PGAeckI4doh9PVJJexLkm1SE5AhQrAvXYLX3cqcXJiUAo_r6nIBXz9ngQLDNPp4tzHYVcPqIYddH5bPueyzL_kLz5BtxAvbp0xze5qxqj0a50aavWta4uMln76TPwzRrItVfK6yr6ddl0SKQOXI_MjTbT8dUDerbPT_17vdDHM2B7pOSOkWyYdzYKq-GDdfsnwcE0kMA2EkGM1PzwOaRtgGpJxWhX35zpdJwytKHGj1UdGPiscUgcneIl1LXfkqbmwLfQfqcA2gzpAwECCYzgCzMpHoLICkvx3EhYiAAEhwY5_mP31MXBYcqM2P13vxEC0q9v6f4JvcUx7delikkpTXII06uOdO9SRA\",\"challenge\":\"eyJpZCI6IktBVFNnaFJBRnNfSm4wdjNmVFFHZ1EiLCJub25jZSI6MjIyLCJoYXNoIjoiMDBjZDNhNDRhMTg2NTYwNTE4MjU3NjcwMWQ4ODhhY2NhNDFmN2U5MmZmMDYzODE4YTI2MzRmYmJlZWU0ODQ5MiJ9\"}"}},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Wed, 04 Mar 2026 20:54:08 GMT\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: no-cache\r\netag: W/\"a-bAsFyilMr4Ra1hIU5PyoyFRunpI\"\r\nx-ratelimit-limit: 10000\r\nx-ratelimit-remaining: 9999\r\nx-ratelimit-reset: 1772657708390\r\ncdn-proxyver: 1.47\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 204\r\ncdn-cachedat: 03/04/2026 20:54:08\r\ncdn-edgestorageid: 879\r\ncdn-requestid: 3db2c3ef95d94e2b3c2b69b81e3894dd\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OdxuBK0unH%2Bd54n87OwZBsDwUcXBWQ%2FZUIed5Ya7ZiRcmZzDAU4uhB40TMat0XnufYac1IqZVMITNF0fdfNyL6aXkWxoYbjSGNN6QLs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d73c63d8ad3f3c7-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T21:34:24.355052Z","times_seen":16222068,"resource_available":true,"data":null}},"time_used":750,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":750,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","date":"2026-03-04T20:54:06.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 21 Jan 2026 08:26:32 GMT","end":"Tue, 21 Apr 2026 09:26:27 GMT"},"fingerprint":{"sha1":"90:9B:CE:CB:FE:F2:C6:A9:53:13:5D:52:B6:07:F4:B4:84:28:97:60","sha256":"61:49:94:E8:FB:D1:24:14:DF:C9:92:BE:60:84:A8:D8:37:E3:89:DC:42:7B:0A:64:D3:F2:32:FD:D0:93:4C:4B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moon-shot.icu/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Wed, 04 Mar 2026 20:54:06 GMT\r\ncache-control: max-age=14400\r\nlocation: /3.4.17\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::vdjb8-1772657594437-2615a20d2b4a\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 51\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6MO3OeKoyoefH7Dn8G0k0Vl22As%2FL2w00ABGbRcLrAsM6GmBLsyFLX3rIfYDS2MY%2BgfiI%2BtwPfCD6317KaknVCr8DKzO3uEh774Nwx1d87Ui3w%3D%3D\"}]}\r\ncf-ray: 9d73c631a8a29cae-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T21:34:24.355052Z","times_seen":16222068,"resource_available":true,"data":null}},"time_used":117,"timings":{"blocked":52,"dns":20,"connect":11,"send":0,"wait":11,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800;900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","date":"2026-03-04T20:54:06.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;600;700;800;900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://moon-shot.icu/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 04 Mar 2026 20:54:06 GMT\r\ndate: Wed, 04 Mar 2026 20:54:06 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15162,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"b8d3b4b9d4ee8cae44e2afcef48e7a93","sha1":"ea3c361f22fa31fb8612dd2ca30f1ac7ba03f75b","sha256":"7c966efd5a04f87920e8cef5c332c73b0d529b21c46fa312ff0020047d882c35","sha512":"7418cc24da4237fed57bbd3e92618985c30c29ab320908f146d0fe954c6a49e179007537480bfc7f2bf76e76a47da055c6cb6fb2744991e0c3a471c88fc06f08","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGfNx0NO3kCxHYNCbOO3L+:vXuM0p2+g7GQK","tlshash":"c2628892002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-11T12:17:30.699497Z","last_seen":"2026-06-07T21:49:25.373656Z","times_seen":2397,"resource_available":false,"data":null}},"time_used":147,"timings":{"blocked":62,"dns":1,"connect":7,"send":0,"wait":21,"receive":0,"ssl":53},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/3.4.17","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","date":"2026-03-04T20:54:06.358Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 21 Jan 2026 08:26:32 GMT","end":"Tue, 21 Apr 2026 09:26:27 GMT"},"fingerprint":{"sha1":"90:9B:CE:CB:FE:F2:C6:A9:53:13:5D:52:B6:07:F4:B4:84:28:97:60","sha256":"61:49:94:E8:FB:D1:24:14:DF:C9:92:BE:60:84:A8:D8:37:E3:89:DC:42:7B:0A:64:D3:F2:32:FD:D0:93:4C:4B"}}},"request":{"raw":"GET /3.4.17 HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://moon-shot.icu/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Mar 2026 20:54:06 GMT\r\ncontent-type: text/javascript\r\ncache-control: max-age=31536000\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::crrwr-1770516958843-e8a5a5e1e05a\r\nlast-modified: Sun, 08 Feb 2026 02:15:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nage: 2140686\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XINcWVrLdcFZ0YnM87nvoYFV7rl0PP5wtgNrJ3DMrV55h7RpRrlHUKyaoE22aDfRlP7605rr%2F7gmxjoJSBRpn5DXF5z7n%2BMpAjz%2BC0LKEs6HAg%3D%3D\"}]}\r\ncf-ray: 9d73c631c8d39cae-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (52853)","md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-06-07T21:38:42.52131Z","times_seen":39735,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.142.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://moon-shot.icu/vote/?address=jkAWzPumRhJE2KyqVy4kB7m9KwXBeSEXnFAGoWtpump","date":"2026-03-04T20:54:06.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://moon-shot.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Feb 2026 04:27:56 GMT\r\nexpires: Fri, 26 Feb 2027 04:27:56 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 577571\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-07T21:34:54.625742Z","times_seen":205719,"resource_available":false,"data":null}},"time_used":288,"timings":{"blocked":140,"dns":3,"connect":8,"send":0,"wait":8,"receive":3,"ssl":124},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}