{"report_id":"37025144-a90d-43ee-a19f-a6a866f3df78","version":6,"status":"done","tags":[],"date":"2026-01-02T23:52:06Z","url":{"schema":"http","addr":"go-moonshot.sbs","fqdn":"go-moonshot.sbs","domain":"go-moonshot.sbs","tld":"sbs"},"ip":{"addr":"77.105.161.161","port":0,"asn":215428,"as":"Mykyta Skorobohatko","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"go-moonshot.sbs/","fqdn":"go-moonshot.sbs","domain":"go-moonshot.sbs","tld":"sbs"},"title":"Moonshot - Token Voting","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"go-moonshot.sbs","fqdn":"go-moonshot.sbs","domain":"go-moonshot.sbs","tld":"sbs"},"ip":{"addr":"77.105.161.161","port":0,"asn":215428,"as":"Mykyta Skorobohatko","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-06T23:52:06Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"luridness-gazing.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"luridness-gazing.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"luridness-gazing.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"go-moonshot.sbs","ip":{"addr":"77.105.161.161","port":443,"asn":215428,"as":"Mykyta Skorobohatko","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":5,"received_data":39786,"sent_data":2200,"comment":"","tags":null,"fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]}]},{"fqdn":"tools.applemediaservices.com","ip":{"addr":"17.253.142.4","port":443,"asn":714,"as":"APPLE-ENGINEERING","country":"United States","country_code":"US"},"domain_registered":"2018-11-13","domain_rank":357597,"first_seen":"2020-01-10T22:07:45Z","last_seen":"2026-01-02T07:16:27.724525Z","alert_count":0,"request_count":1,"received_data":11119,"sent_data":498,"comment":"","tags":null,"fingerprints":null},{"fqdn":"luridness-gazing.fontmaxplugin.cc","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-11-02","domain_rank":0,"first_seen":"2025-12-30T22:10:24.030457Z","last_seen":"2025-12-30T22:10:24.030457Z","alert_count":12,"request_count":4,"received_data":678886,"sent_data":1935,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"toolbox.marketingtools.apple.com","ip":{"addr":"17.33.194.218","port":443,"asn":714,"as":"APPLE-ENGINEERING","country":"United States","country_code":"US"},"domain_registered":"1987-02-19","domain_rank":287040,"first_seen":"2024-09-10T08:11:40Z","last_seen":"2026-01-02T07:16:28.489377Z","alert_count":0,"request_count":1,"received_data":11847,"sent_data":502,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-12-28T22:17:10.032556Z","alert_count":0,"request_count":1,"received_data":10794,"sent_data":474,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"play.google.com","ip":{"addr":"142.251.38.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":48,"first_seen":"2013-05-30T23:24:35Z","last_seen":"2025-12-28T23:08:25.687005Z","alert_count":0,"request_count":1,"received_data":5734,"sent_data":488,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"go-moonshot.sbs/script.js","fqdn":"go-moonshot.sbs","domain":"go-moonshot.sbs","tld":"sbs"},"ip":{"addr":"77.105.161.161","port":443,"asn":215428,"as":"Mykyta Skorobohatko","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"494354b59dac803fb4a5d8bd597f9123","sha1":"e1c4f82005cf94717988b2e63e9b07b214cc240e","sha256":"558d03083deeff8dae1defd0f74ce27397ff771d51fcb070bc29767d9b0c4622","sha512":"df14354194258833247d7defec431863614e9eb58f76948dc958c2fd2ad53677494566ebbf95eb180d833431d7e356de4d8f648b234cd4d08eced14a0d90b5c9","ssdeep":"192:+We7QIMc/mtM6dFgI1ILMBXaUVsiWYJL2osrCBYuYo+yuOwa0g/uAyQknd1i/VGH:cmognkLLsXLVsiWYJL2oVGbXAaENLejT","tlshash":"3192765d37f721245667a1bb6baf93182134e4176946cc287f8cc3844f92b60b9e7ac8","size":20487,"data":"","first_seen":"2025-12-30T22:10:28.658892Z","last_seen":"2026-01-07T06:15:22.526522Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luridness-gazing.fontmaxplugin.cc/_nuxt/assets/index.js","fqdn":"luridness-gazing.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"89abe9488d4f35cb12db177dc2630fa6","sha1":"8c38409f6e0c487b93ba9189f8e4e0344f4e11d9","sha256":"03c05f06e89bafa8807ca12537fffe4ed84bd0ab5dc88a86da15c9dc4ca05493","sha512":"796781dd8143c251e10eecbc685bd2b56da45acf2e8ef5584436c538772315eb4ccdbb773d3efa9f9ebf852eb253ee3f635b291f695e979fff9d3156affc1758","ssdeep":"12288:+u5Oe9uZs/7WS9+OQvR/THhNspgSqGPHKnjWJQt:h5p9u6/v+eiVnjWJG","tlshash":"37e4f9b3d06660e435757ed9ace02cb20def6470c80a1876a14fd9f7ef2286563e2e51","size":674454,"data":"","first_seen":"2025-12-31T23:15:32.728486Z","last_seen":"2026-01-05T03:38:25.622957Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"go-moonshot.sbs/","fqdn":"go-moonshot.sbs","domain":"go-moonshot.sbs","tld":"sbs"},"ip":{"addr":"77.105.161.161","port":443,"asn":215428,"as":"Mykyta Skorobohatko","country":"Germany","country_code":"DE"},"introduction_type":"Function","is_inline":false,"md5":"9954e43674af578668a6e7b70192de02","sha1":"81ac1165ee69ecf84d725b6139165db25020e227","sha256":"0429402c6513f8388d21119f3a44b48b23ff427de091821ee1661a99d85ecfc4","sha512":"4114b4445bd29316e45e15d19d39fc794b559dc19228a83af89895266ba9a39c6322e4864c5239e607bd2bd855b4de7f9ef62d75a46951802bb4816a3dfacc7c","ssdeep":"12288:Mr3BaFzmHp/5iqGd/hlZNi/a/s0mNyJVwlRQ:Mr3Ba0H3i6AJJVwlRQ","tlshash":"e9d41835e06624e9347a51ee7cc424c65e2f6870c4ce1e7ae19cd1f7ef22d6252a6f20","size":645721,"data":"","first_seen":"2025-12-31T23:15:32.740933Z","last_seen":"2026-01-05T03:38:25.622152Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"go-moonshot.sbs/","fqdn":"go-moonshot.sbs","domain":"go-moonshot.sbs","tld":"sbs"},"ip":{"addr":"77.105.161.161","port":443,"asn":215428,"as":"Mykyta Skorobohatko","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-02T23:51:44.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"go-moonshot.sbs","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 21:57:41 GMT","end":"Wed, 25 Mar 2026 21:57:40 GMT"},"fingerprint":{"sha1":"4A:3D:62:DC:26:37:79:9D:27:24:35:B2:95:48:A1:86:A5:0C:BD:AA","sha256":"56:1C:FE:B8:5B:37:B3:91:73:C0:F7:FE:68:55:DF:36:30:A6:DC:8A:6A:B3:A3:7B:21:5B:CC:FC:5D:7C:95:3E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: go-moonshot.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Fri, 02 Jan 2026 23:51:44 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nCache-Control: public, max-age=0\r\nLast-Modified: Thu, 25 Dec 2025 22:49:41 GMT\r\nETag: W/\"16fb-19b57b42158\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]}],"data":{"size":5883,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (598)","md5":"b99c4425d6ad53dbb5aa69fffcbdde4d","sha1":"86a08e9ed9e284e7ee31fd3eee360c5470c886b7","sha256":"c6ad4cb08baa8f6ced993b69689fb87b08414f501b56ed53fc33272b2298bc38","sha512":"0a3a8ef18a400a14f5b7c532dcbaef27f455a94dc36449451d307cefe0589646f50a4aeb5222c465aa91edc7768581f10dc47a0ed1c6c260d1b5a1962da0b49a","ssdeep":"96:TcD/offLOnWXjGXTiqFNUS6qS+1QzC9bJ0tG1l4CRx:TcroHLOnWzqTioO+/B/Rx","tlshash":"8bc121a0a1f2023301a2c4c3ea966b1b7ed2da9bcb8a410077fd46d45fcad67ec47159","first_seen":"2025-12-30T22:10:28.667047Z","last_seen":"2026-01-04T21:40:54.594967Z","times_seen":3,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":105,"dns":45,"connect":25,"send":0,"wait":27,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tools.applemediaservices.com/api/badges/download-on-the-app-store/black/en-us?size=250x83","fqdn":"tools.applemediaservices.com","domain":"applemediaservices.com","tld":"com"},"ip":{"addr":"17.253.142.4","port":443,"asn":714,"as":"APPLE-ENGINEERING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://go-moonshot.sbs/","date":"2026-01-02T23:51:44.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apple401k.com","organization":"Apple Inc."},"issuer":{"commonName":"Apple Public Server RSA CA 11 - G1","organization":"Apple Inc."},"validity":{"start":"Tue, 04 Nov 2025 03:51:03 GMT","end":"Mon, 02 Feb 2026 04:01:03 GMT"},"fingerprint":{"sha1":"73:E6:89:AE:B4:AE:1B:21:AB:25:51:3B:0E:A0:32:01:F5:59:C5:72","sha256":"95:10:95:61:6A:1E:6B:5F:4B:6C:FC:1B:79:16:C4:53:5B:E5:10:BF:BB:BD:79:4D:EB:62:ED:A3:99:BF:CA:F6"}}},"request":{"raw":"GET /api/badges/download-on-the-app-store/black/en-us?size=250x83 HTTP/1.1\r\nHost: tools.applemediaservices.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://go-moonshot.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nLocation: https://toolbox.marketingtools.apple.com/api/badges/download-on-the-app-store/black/en-us?size=250x83\r\nReferer: https://tools.applemediaservices.com/api/badges/download-on-the-app-store/black/en-us\r\nServer: purple\r\nDate: Fri, 02 Jan 2026 23:51:45 GMT\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":10804,"size_decoded":0,"mime_type":"image/svg+xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T19:33:38.803897Z","times_seen":16394044,"resource_available":true,"data":null}},"time_used":1080,"timings":{"blocked":480,"dns":12,"connect":110,"send":0,"wait":110,"receive":0,"ssl":364},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"go-moonshot.sbs/script.js","fqdn":"go-moonshot.sbs","domain":"go-moonshot.sbs","tld":"sbs"},"ip":{"addr":"77.105.161.161","port":443,"asn":215428,"as":"Mykyta Skorobohatko","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://go-moonshot.sbs/","date":"2026-01-02T23:51:44.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"go-moonshot.sbs","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 21:57:41 GMT","end":"Wed, 25 Mar 2026 21:57:40 GMT"},"fingerprint":{"sha1":"4A:3D:62:DC:26:37:79:9D:27:24:35:B2:95:48:A1:86:A5:0C:BD:AA","sha256":"56:1C:FE:B8:5B:37:B3:91:73:C0:F7:FE:68:55:DF:36:30:A6:DC:8A:6A:B3:A3:7B:21:5B:CC:FC:5D:7C:95:3E"}}},"request":{"raw":"GET /script.js HTTP/1.1\r\nHost: go-moonshot.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://go-moonshot.sbs/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Fri, 02 Jan 2026 23:51:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 20487\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Thu, 25 Dec 2025 22:49:41 GMT\r\nETag: W/\"5007-19b57b42158\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":20487,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"494354b59dac803fb4a5d8bd597f9123","sha1":"e1c4f82005cf94717988b2e63e9b07b214cc240e","sha256":"558d03083deeff8dae1defd0f74ce27397ff771d51fcb070bc29767d9b0c4622","sha512":"df14354194258833247d7defec431863614e9eb58f76948dc958c2fd2ad53677494566ebbf95eb180d833431d7e356de4d8f648b234cd4d08eced14a0d90b5c9","ssdeep":"192:+We7QIMc/mtM6dFgI1ILMBXaUVsiWYJL2osrCBYuYo+yuOwa0g/uAyQknd1i/VGH:cmognkLLsXLVsiWYJL2oVGbXAaENLejT","tlshash":"3192765d37f721245667a1bb6baf93182134e4176946cc287f8cc3844f92b60b9e7ac8","first_seen":"2025-12-30T22:10:28.658892Z","last_seen":"2026-01-07T06:15:22.526522Z","times_seen":7,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":15,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luridness-gazing.fontmaxplugin.cc/api/is-banned","fqdn":"luridness-gazing.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://go-moonshot.sbs/","date":"2026-01-02T23:51:45.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 31 Dec 2025 11:56:15 GMT","end":"Tue, 31 Mar 2026 12:53:57 GMT"},"fingerprint":{"sha1":"D6:83:D3:47:74:B7:E6:E8:64:9F:3A:41:17:FB:3D:04:E3:31:CD:3A","sha256":"B2:34:93:2F:CD:A1:EE:01:BA:D9:22:2A:A0:39:00:C1:F8:DB:B3:73:29:23:8A:62:B5:3B:7A:FB:4B:52:53:83"}}},"request":{"raw":"GET /api/is-banned HTTP/1.1\r\nHost: luridness-gazing.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://go-moonshot.sbs/\r\nOrigin: https://go-moonshot.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 02 Jan 2026 23:51:45 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncache-control: private, max-age=300\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bY2nmj0jwkQ4AKduPVHU91e0NRSxkNvB3vSnO7W3O%2FIBJk1UB0Zevj5ZL3q6CxYTcjdBJETnaMHzcYcmcUnLspKRgJFgqta9hoBDXoqGze00y%2BioSs1b1j8BJseaHYWACA%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9b7e2a8dfddb8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1,"size_decoded":0,"mime_type":"application/json","magic":"very short file (no magic)","md5":"cfcd208495d565ef66e7dff9f98764da","sha1":"b6589fc6ab0dc82cf12099d1c2d40ab994e8410c","sha256":"5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9","sha512":"31bca02094eb78126a517b206a88c73cfa9ec6f704c7030d18212cace820f025f00bf0ea68dbf3f3a5436ca63b53bf7bf80ad8d5de7d8359d0b7fed9dbc3ab99","ssdeep":"","tlshash":"c700000000000000c00000300000000000000000000000000000000000000000000000","first_seen":"2023-03-07T01:37:31Z","last_seen":"2026-06-13T19:33:34.406539Z","times_seen":114877,"resource_available":true,"data":null}},"time_used":265,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":264,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"luridness-gazing.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"luridness-gazing.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"luridness-gazing.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"toolbox.marketingtools.apple.com/api/badges/download-on-the-app-store/black/en-us?size=250x83","fqdn":"toolbox.marketingtools.apple.com","domain":"apple.com","tld":"com"},"ip":{"addr":"17.33.194.218","port":443,"asn":714,"as":"APPLE-ENGINEERING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://go-moonshot.sbs/","date":"2026-01-02T23:51:45.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"toolbox.marketingtools.apple.com","organization":"Apple Inc."},"issuer":{"commonName":"Apple Public Server RSA CA 11 - G1","organization":"Apple Inc."},"validity":{"start":"Sun, 16 Nov 2025 20:56:47 GMT","end":"Tue, 10 Feb 2026 19:21:05 GMT"},"fingerprint":{"sha1":"84:78:77:67:FB:0B:55:A0:DA:4A:2F:75:BB:ED:0F:16:CB:75:A9:75","sha256":"7F:E9:06:55:C5:4B:D4:C8:F5:5A:44:5B:B9:88:3E:D7:0C:5D:4A:EA:30:54:65:4A:F9:DC:19:62:EC:02:40:9C"}}},"request":{"raw":"GET /api/badges/download-on-the-app-store/black/en-us?size=250x83 HTTP/1.1\r\nHost: toolbox.marketingtools.apple.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://go-moonshot.sbs/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Apple\r\ndate: Fri, 02 Jan 2026 23:51:46 GMT\r\ncontent-type: image/svg+xml\r\ncontent-security-policy: default-src 'self';  script-src 'self' 'unsafe-inline';  style-src 'self' 'unsafe-inline' https://www.apple.com;  connect-src 'self';  img-src 'self' blob: data: https://toolbox.marketingtools.apple.com https://tools.applemediaservices.com https://apple-resources.s3.amazonaws.com https://*.mzstatic.com;  font-src 'self' https://www.apple.com;  object-src 'none';  base-uri 'self';  form-action 'self';  frame-ancestors 'self';  upgrade-insecure-requests;  frame-src 'self' https://embed.podcasts.apple.com https://embed.music.apple.com https://embed.tv.apple.com;  media-src 'self' https://audio-ssl.itunes.apple.com;\r\nvary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url\r\ncache-control: public, max-age=604800\r\nstrict-transport-security: max-age=31536000; includeSubdomains\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":10804,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2928664fe1fc6aca88583a6f606d60ba","sha1":"2f2fe1cbd0563b3ce3ea79fcdf1549ed244b3993","sha256":"a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f","sha512":"7d6f8b7e54a4da3cf81c767b4aa40c3b04bafe35f2dd77b85944de4442f0b1dd1a8eda0175deb4652cf055094acdc0d4b6e38abe51c52a3dfbf887481315b347","ssdeep":"192:v6+WE7QxvAjShzwzb7M1/myAYUNNdZnvGuQTF4U:v6+Pkxv44q/EH10U","tlshash":"7122a3b753748ad262d183c52d2e27a83b74a5feb22042c4778f155abf429b35439cd2","first_seen":"2023-05-03T18:10:19Z","last_seen":"2026-06-13T13:44:11.4907Z","times_seen":7363,"resource_available":false,"data":null}},"time_used":1311,"timings":{"blocked":572,"dns":14,"connect":161,"send":0,"wait":164,"receive":0,"ssl":397},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luridness-gazing.fontmaxplugin.cc/api/visit?origin=go-moonshot.sbs","fqdn":"luridness-gazing.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://go-moonshot.sbs/","date":"2026-01-02T23:51:46.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 31 Dec 2025 11:56:15 GMT","end":"Tue, 31 Mar 2026 12:53:57 GMT"},"fingerprint":{"sha1":"D6:83:D3:47:74:B7:E6:E8:64:9F:3A:41:17:FB:3D:04:E3:31:CD:3A","sha256":"B2:34:93:2F:CD:A1:EE:01:BA:D9:22:2A:A0:39:00:C1:F8:DB:B3:73:29:23:8A:62:B5:3B:7A:FB:4B:52:53:83"}}},"request":{"raw":"POST /api/visit?origin=go-moonshot.sbs HTTP/1.1\r\nHost: luridness-gazing.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://go-moonshot.sbs/\r\nOrigin: https://go-moonshot.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 02 Jan 2026 23:51:46 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=waP%2BXJrm%2BpDvD%2BjcpW6Q6V3d9O7FVakuckJdzyjPCTUnoo62n6S91qpSCrlu5fMd0lkecsyIkPM9JEq3SfVl6B%2FTVCcj3ROHxSHJkxYdmNULwbpFZJtSP4W93r%2BP5NM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9b7e2a947a39b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-06-13T19:33:18.471037Z","times_seen":425353,"resource_available":true,"data":null}},"time_used":309,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":309,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"luridness-gazing.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"luridness-gazing.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"luridness-gazing.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-moonshot.sbs/style.css","fqdn":"go-moonshot.sbs","domain":"go-moonshot.sbs","tld":"sbs"},"ip":{"addr":"77.105.161.161","port":443,"asn":215428,"as":"Mykyta Skorobohatko","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://go-moonshot.sbs/","date":"2026-01-02T23:51:44.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"go-moonshot.sbs","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 21:57:41 GMT","end":"Wed, 25 Mar 2026 21:57:40 GMT"},"fingerprint":{"sha1":"4A:3D:62:DC:26:37:79:9D:27:24:35:B2:95:48:A1:86:A5:0C:BD:AA","sha256":"56:1C:FE:B8:5B:37:B3:91:73:C0:F7:FE:68:55:DF:36:30:A6:DC:8A:6A:B3:A3:7B:21:5B:CC:FC:5D:7C:95:3E"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: go-moonshot.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://go-moonshot.sbs/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Fri, 02 Jan 2026 23:51:44 GMT\r\nContent-Type: text/css\r\nContent-Length: 10800\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Thu, 25 Dec 2025 22:49:41 GMT\r\nETag: W/\"2a30-19b57b42158\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":10800,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"17d8914c1660d0d989641fada8209803","sha1":"b6c806c85b85610052abe374da091e04cfa3ce80","sha256":"3c81516531cbfbbb9657ad1dc530ce89de77dd1eda0f6c47842c4f3b3adc67c6","sha512":"31c318cdc3248c22943cd0fa82e3849631a7981dc346d85a91fec9c90b2cd57e4a78d4290ae07c51c076317c0f0946c105efb5b0fc8c06a32aaebb05151ce683","ssdeep":"192:UUc+SiC4+SCCSdIadlvH/FMZkBXc51t/FC+d0htn0EjEYJfx35Yuk05McAeoeXLz:NWqP3Qd40cy","tlshash":"8222439b6aa71845b41be4946ff78721636cd883810ed9bc3fcc318c8f452d99466f4d","first_seen":"2025-12-30T22:10:28.66962Z","last_seen":"2026-01-07T06:15:22.533146Z","times_seen":7,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luridness-gazing.fontmaxplugin.cc/_nuxt/assets/index.js","fqdn":"luridness-gazing.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://go-moonshot.sbs/","date":"2026-01-02T23:51:44.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 31 Dec 2025 11:56:15 GMT","end":"Tue, 31 Mar 2026 12:53:57 GMT"},"fingerprint":{"sha1":"D6:83:D3:47:74:B7:E6:E8:64:9F:3A:41:17:FB:3D:04:E3:31:CD:3A","sha256":"B2:34:93:2F:CD:A1:EE:01:BA:D9:22:2A:A0:39:00:C1:F8:DB:B3:73:29:23:8A:62:B5:3B:7A:FB:4B:52:53:83"}}},"request":{"raw":"GET /_nuxt/assets/index.js HTTP/1.1\r\nHost: luridness-gazing.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://go-moonshot.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://go-moonshot.sbs/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 02 Jan 2026 23:51:45 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 31 Dec 2025 17:16:51 GMT\r\netag: W/\"69555a83-a4fc6\"\r\ncache-control: public, max-age=300, must-revalidate\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5aocDTtNwhsZUSXNeVvD4I97aLpk%2Fp3tLBTCX6E46JysIsrEAxbO0FpJ%2BY6%2Bfk9fbG6YiYmgPXMXteVVFlnfHWjUrbAt%2F8VYEU0lIjiH%2FzKoKucJW%2Bfqd937P5zcr2DECw%3D%3D\"}]}\r\ncf-ray: 9b7e2a896a968be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":675782,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (57266), with no line terminators","md5":"6ef121c7f074361d92056379e0439bc1","sha1":"4e1f14ebec1505a5eca2f40ec2abd9002d33eda1","sha256":"b93b52111c65a71b6b610408ff1879fc41485c4c35ae47b466ec1dfcb32ee1ac","sha512":"a6eaa363d94b60e7e2f7984d4318802445b0b3ad5e3ec2bbc16f5dbbc8acf72767614995a187d72668f68580cce5f7622a9e830eca18898e75954ca2c249433f","ssdeep":"12288:+u5Oe9uZs/7WROQvR/THhNspgSqGPHKnjWJQt:h5p9u6/+eiVnjWJG","tlshash":"65e40ab3e05761e435717ed9ace02cb20cfe68b0c80a597aa24bc9f6df11c6563d2e51","first_seen":"2026-01-02T23:52:11.30813Z","last_seen":"2026-01-02T23:52:11.30813Z","times_seen":1,"resource_available":false,"data":null}},"time_used":397,"timings":{"blocked":52,"dns":39,"connect":1,"send":0,"wait":283,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"luridness-gazing.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"luridness-gazing.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"luridness-gazing.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://go-moonshot.sbs/","date":"2026-01-02T23:51:45.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"43:D3:3F:93:6C:4F:F7:67:58:9D:D5:48:20:4C:74:A2:69:DB:13:9F","sha256":"8C:DB:D2:85:E1:AB:12:7B:1D:5A:65:A7:EC:22:67:6F:B3:A6:65:01:28:29:FA:D2:3B:01:8D:10:7E:4D:09:52"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://go-moonshot.sbs/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 02 Jan 2026 23:51:45 GMT\r\ndate: Fri, 02 Jan 2026 23:51:45 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10108,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"e85517dadd43448782d60d7f207fddce","sha1":"6cd31f870727ba8090fac9602b42524b4139a619","sha256":"88fbd0b95222be288587a149c324189ecbd8de0d6f0c94f528ec53857e52b66c","sha512":"5edc78df5bb062a9a2e1ea6724c14dd7eb80d77ea0fa9572de4bb0d52bbd0d163815b08a1ae77084f99fbefbb07715da1c61f0bb36fb498710c91387792955f8","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGx:vXuM0p2+4","tlshash":"04227792002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T18:13:11.065101Z","last_seen":"2026-06-13T18:53:31.946366Z","times_seen":30193,"resource_available":false,"data":null}},"time_used":391,"timings":{"blocked":171,"dns":0,"connect":29,"send":0,"wait":49,"receive":0,"ssl":139},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"luridness-gazing.fontmaxplugin.cc/api/config","fqdn":"luridness-gazing.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://go-moonshot.sbs/","date":"2026-01-02T23:51:45.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 31 Dec 2025 11:56:15 GMT","end":"Tue, 31 Mar 2026 12:53:57 GMT"},"fingerprint":{"sha1":"D6:83:D3:47:74:B7:E6:E8:64:9F:3A:41:17:FB:3D:04:E3:31:CD:3A","sha256":"B2:34:93:2F:CD:A1:EE:01:BA:D9:22:2A:A0:39:00:C1:F8:DB:B3:73:29:23:8A:62:B5:3B:7A:FB:4B:52:53:83"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: luridness-gazing.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://go-moonshot.sbs/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://go-moonshot.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 02 Jan 2026 23:51:45 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lHTbA3nZpWwHUAOZ8btaBENlHD0RqmgdYZMq%2Fz9jPnJ%2BLIukPyjgcRGIVYbBCUhCR%2BhtS2HRTG7goKVZz7j1grs1ChuTgMpy263DOtj13Xu0Ht7MX8dIX2hqU8poPNcffg%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9b7e2a8dfdde8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":175,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"data","md5":"81d0d45eb30f605bb77a294c3dc0d8c3","sha1":"645f5703595ee04d368478006104830c0fb21663","sha256":"462eff33a8adb9b03f9f91c9701655a61ef136ad086b5f33a9759a34de0e0240","sha512":"ddebed95806a42e3f41da4270fc83b7f5e41233fd4a0f201e7c08bd46d5908fcf1cbad4b98702514b9465befe6b4a020d5135e21417cf61325c703873c45b2d5","ssdeep":"","tlshash":"a1d02b3b86dc121075815c57c76c198c27460163d6df09984709a8c554994896ab5ac4","first_seen":"2026-01-02T23:52:11.309738Z","last_seen":"2026-01-02T23:52:11.309738Z","times_seen":1,"resource_available":false,"data":null}},"time_used":264,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":264,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"luridness-gazing.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"luridness-gazing.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-02","alert":"Sinkholed","trigger":"luridness-gazing.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png","fqdn":"play.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.38.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://go-moonshot.sbs/","date":"2026-01-02T23:51:45.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"47:99:FB:97:02:C2:03:A6:B6:60:07:03:D3:B7:37:4B:99:D1:7F:1F","sha256":"01:72:D6:C3:FA:E5:7E:F5:EF:15:83:1F:EE:A5:BF:37:4C:78:02:B4:CD:BF:8D:EF:62:9F:53:B1:B3:1A:B6:EB"}}},"request":{"raw":"GET /intl/en_us/badges/static/images/badges/en_badge_web_generic.png HTTP/1.1\r\nHost: play.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://go-moonshot.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/play_google\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"uxe-owners-acl/play_google\"\r\nreport-to: {\"group\":\"uxe-owners-acl/play_google\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/play_google\"}]}\r\ncontent-length: 4904\r\ndate: Fri, 02 Jan 2026 23:51:46 GMT\r\nexpires: Fri, 02 Jan 2026 23:51:46 GMT\r\ncache-control: private, max-age=0\r\nlast-modified: Thu, 04 Aug 2022 06:08:00 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4904,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 646 x 250, 8-bit colormap, non-interlaced","md5":"1e91d02cf5a902f38f2923c006d79281","sha1":"cb8126b32c2274e0394246b40bd0b7f9f847e44c","sha256":"f72611e2df8e88204009fd896d05d5e8e83c77009c63943bbffa169559934849","sha512":"54b69544dc55addc0b2ddc08418d1a0a34240697070fe47feae9e915c70d33ef662ce1b7154cbcad84019d22f3291f138cc7298224d381cc740c2097478d4042","ssdeep":"96:OdBnjzG7DZTxqIfy33nn/qf46vhPQuAgul5SZBsj51v1f:OdBnjwDZTx5fy33no4ShRjuX2sd1vt","tlshash":"b0a18e8f3e019ae0faca1277c6d3c835e4206c672c3767045a82f2ef51a25e7493e566","first_seen":"2023-05-03T20:05:42Z","last_seen":"2026-06-13T09:31:24.952135Z","times_seen":1681,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":57,"dns":30,"connect":7,"send":0,"wait":17,"receive":2,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"go-moonshot.sbs/favicon.svg","fqdn":"go-moonshot.sbs","domain":"go-moonshot.sbs","tld":"sbs"},"ip":{"addr":"77.105.161.161","port":443,"asn":215428,"as":"Mykyta Skorobohatko","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://go-moonshot.sbs/","date":"2026-01-02T23:51:45.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"go-moonshot.sbs","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 21:57:41 GMT","end":"Wed, 25 Mar 2026 21:57:40 GMT"},"fingerprint":{"sha1":"4A:3D:62:DC:26:37:79:9D:27:24:35:B2:95:48:A1:86:A5:0C:BD:AA","sha256":"56:1C:FE:B8:5B:37:B3:91:73:C0:F7:FE:68:55:DF:36:30:A6:DC:8A:6A:B3:A3:7B:21:5B:CC:FC:5D:7C:95:3E"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: go-moonshot.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://go-moonshot.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Fri, 02 Jan 2026 23:51:45 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 510\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Thu, 25 Dec 2025 22:49:41 GMT\r\nETag: W/\"1fe-19b57b4215c\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":510,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"95940596438551e4f5943405f3afd431","sha1":"7cb536df2518936e5929cf34ebc609fd452a3e1e","sha256":"f82736817e9c851b846512d1b38a7e0a67d8c673d50ee5ca98b14e4ea929ffe3","sha512":"f911e27085655f129c30adf285c6be5fe6a6bdcb68d8b6c61a127e5b6a0f1052997cdb453da8ad2baa6c745d75c7a4bfc34a7fda3b9cb59f46e3bf35c8e582f2","ssdeep":"","tlshash":"97f09e25c2d94523c50cc745eb00b435674ec6d39bd1c550f4986b0d67958f3268b3a8","first_seen":"2025-12-30T22:10:28.654546Z","last_seen":"2026-01-07T06:15:22.535546Z","times_seen":7,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"go-moonshot.sbs/favicon.svg","fqdn":"go-moonshot.sbs","domain":"go-moonshot.sbs","tld":"sbs"},"ip":{"addr":"77.105.161.161","port":443,"asn":215428,"as":"Mykyta Skorobohatko","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://go-moonshot.sbs/","date":"2026-01-02T23:51:45.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"go-moonshot.sbs","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 21:57:41 GMT","end":"Wed, 25 Mar 2026 21:57:40 GMT"},"fingerprint":{"sha1":"4A:3D:62:DC:26:37:79:9D:27:24:35:B2:95:48:A1:86:A5:0C:BD:AA","sha256":"56:1C:FE:B8:5B:37:B3:91:73:C0:F7:FE:68:55:DF:36:30:A6:DC:8A:6A:B3:A3:7B:21:5B:CC:FC:5D:7C:95:3E"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: go-moonshot.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://go-moonshot.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Fri, 02 Jan 2026 23:51:45 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 510\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Thu, 25 Dec 2025 22:49:41 GMT\r\nETag: W/\"1fe-19b57b4215c\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":510,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"95940596438551e4f5943405f3afd431","sha1":"7cb536df2518936e5929cf34ebc609fd452a3e1e","sha256":"f82736817e9c851b846512d1b38a7e0a67d8c673d50ee5ca98b14e4ea929ffe3","sha512":"f911e27085655f129c30adf285c6be5fe6a6bdcb68d8b6c61a127e5b6a0f1052997cdb453da8ad2baa6c745d75c7a4bfc34a7fda3b9cb59f46e3bf35c8e582f2","ssdeep":"","tlshash":"97f09e25c2d94523c50cc745eb00b435674ec6d39bd1c550f4986b0d67958f3268b3a8","first_seen":"2025-12-30T22:10:28.654546Z","last_seen":"2026-01-07T06:15:22.535546Z","times_seen":7,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}