{"report_id":"6808fe86-5658-4a2c-a50f-91c9b651c269","version":6,"status":"done","tags":[],"date":"2026-03-23T09:04:40Z","url":{"schema":"http","addr":"hub0g.signinpath.com","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":0,"asn":0,"as":"","country":"Iran","country_code":"IR"},"final":{"url":{"schema":"https","addr":"hub0g.signinpath.com/","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"title":"Get more out of your crypto with MetaMask Rewards","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"hub0g.signinpath.com","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":0,"asn":0,"as":"","country":"Iran","country_code":"IR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-27T09:04:40Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":2}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-23T09:04:16Z","timestamp":1774256656,"ip_dst":{"addr":"Client IP","port":37042,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"severity":"medium","alert":"ET DROP Spamhaus DROP Listed Traffic Inbound group 36","source":"{\"timestamp\":\"2026-03-23T09:04:16.316238+0000\",\"flow_id\":1613531200916107,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"185.93.89.91\",\"src_port\":443,\"dest_ip\":\"172.18.0.6\",\"dest_port\":37042,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.Evil\",\"ET.DROPIP\"]},\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2400035,\"rev\":4421,\"signature\":\"ET DROP Spamhaus DROP Listed Traffic Inbound group 36\",\"category\":\"Misc Attack\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Any\"],\"created_at\":[\"2010_12_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"tag\":[\"Dshield\"],\"updated_at\":[\"2025_08_01\"]}},\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":1,\"bytes_toserver\":74,\"bytes_toclient\":74,\"start\":\"2026-03-23T09:04:16.297611+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"hub0g.signinpath.com","ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":90,"request_count":45,"received_data":5856343,"sent_data":20497,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Contentful","description":"Contentful is an API-first content management platform to create, manage and publish content on any digital channel.","website":"https://www.contentful.com","common_platform_enumeration":"","icon":"Contentful.svg","categories":["CMS"]}]},{"fqdn":"metamask.io","ip":{"addr":"172.64.147.181","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-07-02","domain_rank":3456,"first_seen":"2015-11-15T17:16:41Z","last_seen":"2026-03-17T23:31:52.65644Z","alert_count":0,"request_count":1,"received_data":5031,"sent_data":463,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"hub0g.signinpath.com/","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"introduction_type":"eval","is_inline":false,"md5":"fe727f21725ed790bceed411129abcd1","sha1":"8d1548ec54678928e87197d93db368d70af2f95e","sha256":"e78693fa7dec366950dc3b42097842cccb495188fbe047bf30c215018258fb3e","sha512":"f91cf25f1bd2c79430de68027bfef95e0b3c4cb35046933fa0a227f8898b3205742c6d197f07e323990f09ea234b3fc56a681bc65111ec796a7a2af0dbe78ce7","ssdeep":"768:cvuocfpP0ls6aEQcfugcaOqYwIZ97aoAtKcCTAZiocRyn:0EpmhU01ZR","tlshash":"aa1395e0664bd0e89e1611ded033e801f06819abceacf093e92dddc2752df26859757b","size":45132,"data":"","first_seen":"2026-03-23T09:04:47.091205Z","last_seen":"2026-03-23T09:04:47.091205Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/nlne8sc.php","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ccbb3e3c783604a7ee092f8bc45d745","sha1":"6726b409f5140ab264646247ba5f94b79a0c8f74","sha256":"f340b09e507e9a0fa4db886049ae1d86c0ce734f7c06c02a9e0909dde03ab59a","sha512":"d717193a09fdfddc40751b8da38e4b5279ae46123b6accb87d6f88d317e0f33a903bc3af4aad3680c334e63ee1e62c6d5deb70f1632bf949efe1df1730fb0f01","ssdeep":"1536:Nv5KrjUNu4TURfFrsGsjVMri1LhVDsjG7h/k6nq3ZvmcfH:NvgRvRRsjjVMoVDm33ZvmQH","tlshash":"e804a6c656d150947e0952ad8ce39c88e4248e137d9ce0a7d7ddfed4632af6280c73ab","size":186996,"data":"","first_seen":"2026-03-23T09:04:47.088886Z","last_seen":"2026-03-23T09:04:47.088886Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/4fbb6693-4d54-4e81-903f-eb66ba9db6d5","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f11bcdc7b7757c117a8de0db3a4c25b8","sha1":"962e4d08a960106c829d0f9d492d7b891927adab","sha256":"b60b89c0c92cf57329c8590a2c5540cece4def64e4e7bf04f2d39b8ffa3b2748","sha512":"7461553dadb09db423bda8c47a58f8cdade82aa710a0f4415cde912e7a88cd4471ea86aa58a2e5097c90e2cb45ac410104019c56a04c35955e827f0bb0796040","ssdeep":"6144:vkWGL6BSn5NGCk3zi0mCw8wLPNU2HZjGfty3:cjkSnv1k20mCwFnHRGfty3","tlshash":"1044810609ac4f7986ec22e015f72cc401794e0ad9dc3cbfb9ada1579e25bd6e0c279d","size":259964,"data":"","first_seen":"2025-07-13T03:04:16.940864Z","last_seen":"2026-06-13T15:26:27.77669Z","times_seen":5042,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":true,"md5":"76244d8526da359429886b03a7ada498","sha1":"90415cd87cc2f928fc8e16b7740dfb09f7e5bc10","sha256":"3f699786f5f750c5ee9696bce7941003b51f5e5628b55aa6ca59917195d8b490","sha512":"3ba24210155df81c4378587bf70fa4a66f8eb44e60d01deca3b32a8ccdd092d350a1fd870334d90469b750c2fc86822743811cba384e7baa95635291061c3adb","ssdeep":"","tlshash":"dcc0125970206966048e787d4ccf088ebe268412a20849c999dcd8547fb1e6c42e484c","size":184,"data":"","first_seen":"2023-09-20T06:28:52Z","last_seen":"2026-06-13T04:20:14.575575Z","times_seen":1765,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":true,"md5":"297a907d4e5b4c2198915e66274d9c9a","sha1":"e0f98af49ab0f7a270e2d739436181f924449098","sha256":"0fdbc26d9d5bd7f6a4bc38acfb91fc663c57463d43a08447f1386b3354cd84de","sha512":"48487cbd59e60a259a5836fc0315243da500d617e94e06b3073f79bb834bd141c9e5cfb59c42a3c2086c920c21be5996e589d4658513cf31d95bfc5757a4a44e","ssdeep":"","tlshash":"1371bc3beb00173bdc8fb9fdced5b4c02e62497262496560691ce102b16cd7087bed88","size":3741,"data":"","first_seen":"2025-08-14T22:39:51.132287Z","last_seen":"2026-06-13T04:20:56.618354Z","times_seen":3154,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"introduction_type":"Function","is_inline":false,"md5":"9a47d57019b0e14de9e8ae7cbbb795ed","sha1":"a54638715d920c6393fac505ae3b283ae507f99e","sha256":"32b685dda1a35aaa0544372fc165c704535e6e5b047736b33095035a9a129557","sha512":"041cdbcb9f9d2340d64d46abcf6bc04fa8687e5ffab42373ec3995cf416e1d8d95daf9ecb84e6401f91cd449b76948659fe0e977a7e7ace7c357d54fbdad2da6","ssdeep":"1536:2dK0m5xZhflgUJvl70mU71UjS9zhdDMbez5dK8s3ZwwD3:2dnm5xZhflVJ50r71UIdD2R3Zwu3","tlshash":"c7f3a795d792408c8e1961afd0b3b649d5288e114aacf467da1fded03b19f7281c32bf","size":158031,"data":"","first_seen":"2026-03-23T09:04:47.094294Z","last_seen":"2026-03-23T09:04:47.094294Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"hub0g.signinpath.com/acc7138d8614ce9b.css","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /acc7138d8614ce9b.css HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/css\r\nContent-Length: 20492\r\nLast-Modified: Thu, 29 Jan 2026 15:58:52 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bc-500c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":20492,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (20492), with no line terminators","md5":"7be0532eb21e79ea01b91b9f55b5fb4a","sha1":"1e68a7546e340da229c2c4e9e54ac162a898788e","sha256":"7efc4b76397e897ceca28bc4f6d9c49fa81c81b7665870014e74573f3e7777df","sha512":"0ade5db4c29062f35aa2b05a1dcd8b2b137819206e3d7f0aa99b13c228de559982f2c6dd055beb2dfa295cfe792ade1a461728836fdd32fe4c1999d0ba7cbaf0","ssdeep":"384:vH0FA14MFXMku/D0wBapxmS9/pkSW8CyYsN:fwA14+6D0DkSWc","tlshash":"539275e6ce6e373c4b1241148bcfaa38336d9440e9f179f5b25784f94ad82a6731d213","first_seen":"2026-01-23T18:39:51.769034Z","last_seen":"2026-03-23T09:40:34.944039Z","times_seen":3,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":64,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/c4da9ca865868ef6.css","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /c4da9ca865868ef6.css HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/css\r\nContent-Length: 96255\r\nLast-Modified: Thu, 29 Jan 2026 15:58:52 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bc-177ff\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":96255,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"19ae3ae4b1e4b50423a53c314b1f6f5b","sha1":"038997240a3b6c59721641f3cd9beda07346ffc6","sha256":"20be49c333355aac13a7c6cc73e4b4c2b8f033dacef49c2f6262f0bcc99099fa","sha512":"5434b950136f4d342d3fe916e6100bfe0d4fb2979df1aa160bb388909d3162f1648ccb3c2412ae14a716102ef5b3c4811f95b31ef38a0792cc5e65c4d4f7c5f7","ssdeep":"1536:IsUSzxl+ScdnLBpTa6GjTqZq5pc5gIYr9H+FhIHKInjCpCxeqrkSqcHk8jEK1we0:IsUSP+Sc1BpT+jTqo5pcqIYr9+FhTIna","tlshash":"ee9344336d26b13d493e5706d96cd8dc4736e921eb1791d6b382b8192e4ebe00a13edc","first_seen":"2026-01-23T18:39:51.751272Z","last_seen":"2026-03-23T09:40:34.941348Z","times_seen":3,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":63,"dns":0,"connect":0,"send":0,"wait":43,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/78f27de15aa0790f.css","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /78f27de15aa0790f.css HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/css\r\nContent-Length: 1333\r\nLast-Modified: Thu, 29 Jan 2026 15:58:52 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bc-535\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1333,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1333), with no line terminators","md5":"3fb6fd1ed4f419c80febb383e18be83e","sha1":"176baf4d6bfbf23bd4f0646371c0a35c4258176a","sha256":"3f0ab8b6e10dffc009de36523cdca1767965463d698f630e2640f8e7ccb295bd","sha512":"c500227dba8cb8a6a53ad6395f82ebc935a119693d1db15a8125d43af360fc1615e8aed4333394c3c673c55f76ccd13d428f56f4857564e170fb4700c678c417","ssdeep":"","tlshash":"f821474a5e36f17f217e10b8e5f4fd044f28872bf6460498ba06dd2854888c237bbd2e","first_seen":"2026-02-11T15:16:29.563951Z","last_seen":"2026-03-23T09:40:34.916233Z","times_seen":6,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":137,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/linea.svg","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:17.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /linea.svg HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:17 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 2354\r\nLast-Modified: Thu, 29 Jan 2026 15:58:53 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bd-932\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2354,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2df4e0be742ee760784a5f42756c6ffe","sha1":"ffa6740241696049e62816c681f6b0a81ee28654","sha256":"ee04d7829d80152caee6652fde4a2267f450f04200e3bd9487e93cdf7e1e2a64","sha512":"23c12a152d57ff9d11079c2624ec8f2978a9e66086fa79e51ce69a46dbcc4972c137f5165c58895ce5ec647dc4752a7515a077c9c693a4dea419434b07e2cc35","ssdeep":"","tlshash":"5241b7a53330b0d0b027ce96ce1bacfe2e1b64ba5b43018549e49742f8a3ee96844d74","first_seen":"2026-03-23T09:04:47.007907Z","last_seen":"2026-03-23T09:40:34.951738Z","times_seen":2,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/yuga.svg","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:17.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /yuga.svg HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:17 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 8545\r\nLast-Modified: Thu, 29 Jan 2026 15:58:51 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bb-2161\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":8545,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fab124e95e2eac59bd5baa18a97e0771","sha1":"f769c6306c1ab92c0e286d80a162a36238a5b647","sha256":"d643f322f1bcaea34e9dce2c66d62211e6f911718e99ec23df21a2f87c597dd7","sha512":"4bc63db12a9b31b370665825690137e631406ad2b2dd610807b1133b80afb01bd6cc86e814350ca1fae004ad09214a36e25f73d0cf42d14850837f13e5ec26d1","ssdeep":"192:VUow0k02OV4x/D4n6evFzR/NDj5inZ3eLNavmmOh27w8liUuKJ4e9RN:vBkuV4qFzRFDjonZ3yNav6h+ulM","tlshash":"7f0272c91770a1e4f0db6f5edf37ad982e1fb0fa4e11468541beda0c1997d84aa48c00","first_seen":"2026-03-23T09:04:47.009659Z","last_seen":"2026-03-23T09:40:34.934986Z","times_seen":2,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/musd-3.jpg","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:17.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /musd-3.jpg HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:17 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 12158\r\nLast-Modified: Thu, 29 Jan 2026 15:58:51 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bb-2f7e\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12158,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 144x144, segment length 16, progressive, precision 8, 99x106, components 3","md5":"707839acad62eed6e362df018f123cf0","sha1":"60dafeba4e97f259b7d5c4be3bdec6b7a3f4361e","sha256":"dacd3167d6345f80fdc600dbdcd21213d4caec221a1d669459fa19ef52ddae57","sha512":"e2b530dc32d54893f9f423444b9cbdcb874be16b823c98ef7128bb3d26f91cf7bf06761453f325af13a52c1aca95006050fe0240c3e0f36b4d107a4553f39478","ssdeep":"192:H3vE583QCwyAhMzfev3Gb7P6ql8rbTBRNDpzCJwOCg7PnEPvfeNPGyVfzdOEdplb:H3jQxyuM7rPnl+3dpzCZCg7P6XeNPGyL","tlshash":"0742bf9a9162ed97fc940c39b8acc40427485f69c7b3b8bb73422b89cf42fd56c59079","first_seen":"2025-11-03T20:20:12.892372Z","last_seen":"2026-03-23T09:40:34.943396Z","times_seen":4,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/01a6478c6bbab05c.css","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /01a6478c6bbab05c.css HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/css\r\nContent-Length: 28554\r\nLast-Modified: Thu, 29 Jan 2026 15:58:51 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bb-6f8a\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28554,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (28554), with no line terminators","md5":"1026f12f85d0a47a403e0f4052abb39a","sha1":"959edde99a5b7551bfcd9b2aa6eecf41d0a9b014","sha256":"583a64e09e39628b04fd207a3f4ae78bc48aa883466476f02e76e94205eb4788","sha512":"d8c8dc4e945bb08f826ce70626ed1e188697930551965df8e48f007712b83c847c52ea5d2c4b02380f442b5886c8460f718b215c9888a85d2996bbce667c4504","ssdeep":"384:rWCcbDgiL9+GzBRU4R3grIHdXiotKRVe6snSWgs7QEKXjXk68jGdfUo1J9aAWcZv:y9hsWg8WWNq","tlshash":"31d2b575ab017b3cd42b4437e9b5f4585324f881ca2b8faafa32f519c5c2e911e16ec4","first_seen":"2026-01-23T18:39:51.789567Z","last_seen":"2026-03-23T09:40:34.942049Z","times_seen":3,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":99,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/rewards.svg","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:17.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /rewards.svg HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:17 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 11606\r\nLast-Modified: Thu, 29 Jan 2026 15:58:51 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bb-2d56\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11606,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"535d9718f6f898f4889153a61e2c7e74","sha1":"bd8e8d1eddead828fd2e8329d4d5a05669c6c1aa","sha256":"21370a8bc61b14445e382abcffa45820f2bfe6f5bcb5a2859f05d5f906160917","sha512":"598007ad7c1fef4c16a5045136ce26cdbea43051a3e9781074354cc26a3282d8c12270047b2c71e0132194206e2955fe0ba2f5ea23d1190df8bb57351be959fc","ssdeep":"192:AcrO+QyKGRDzTJxYNHxd6iujiuSyb8w88o4c256bVlO4NZZWLRxce:AcrOTy/DhxYNHKiujiuV7m1Zyfd","tlshash":"7032eba29340c77a9c8bc45cde7250a5210f94d8f6bff1e8a5f3cb79645b9c8f604828","first_seen":"2026-01-23T18:39:51.74028Z","last_seen":"2026-06-09T03:15:43.255693Z","times_seen":18,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/musd-icon.svg","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:17.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /musd-icon.svg HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:17 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 1635\r\nLast-Modified: Thu, 29 Jan 2026 15:58:51 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bb-663\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1635,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"dca0ff73a1234848ae5ac6712b96153f","sha1":"26941ec3eecff954df2ecd98c9bcd8692aefd59c","sha256":"1665c149426986e476ee1d3850af23410df3855e2368f72e993f13792008101f","sha512":"a621ad3830a97a01ba236501b3314d3a70690367dd17cc1ff7dcbabaeb436d445be9b9a2463d6fd4a980a3c4f0f5f9b90dc1337cfd958576e69352d40a168613","ssdeep":"","tlshash":"10311099657c91746802c3ed5eb9f8e9306b50cc4249461cfc653b093a32b8ea0a868c","first_seen":"2026-01-23T18:39:51.779252Z","last_seen":"2026-06-09T03:15:43.307042Z","times_seen":18,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/card-back-3.png","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:17.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /card-back-3.png HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:17 GMT\r\nContent-Type: image/png\r\nContent-Length: 19236\r\nLast-Modified: Thu, 29 Jan 2026 15:58:52 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bc-4b24\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":19236,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 472 x 784, 8-bit/color RGBA, non-interlaced","md5":"0641f2d8c39d8112d9425fa4d0c09950","sha1":"5d38edd71d0b8e81f175d368133dc9c02058149a","sha256":"142dcdc47e61d952ffc6219a6135b232cf28cf33b988e8ddbbdebb22c684d2f3","sha512":"03882837d682652743f16c7782e40359d3238cb3a63246029f3209b4ea800aa447f5eaecd6dc10d15d674bb19a947b51462358e8387946016982192f3dd445ef","ssdeep":"384:SvtzVeprb8OufHiI1XkkAVp5n7l/8r2TIH+2kw2pfLsihLh:SFbOw71X4VfR/tTIH772pAsV","tlshash":"1782bf423a977391bbb45ce502521a0e7019369d1cdecb7da1be242dc1a7e2ad1f18fc","first_seen":"2025-10-20T18:15:57.27502Z","last_seen":"2026-06-09T03:15:43.387067Z","times_seen":21,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metamask.io/favicons/default/apple-touch-icon.png","fqdn":"metamask.io","domain":"metamask.io","tld":"io"},"ip":{"addr":"172.64.147.181","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:17.276Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metamask.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 01 Feb 2026 01:39:24 GMT","end":"Sat, 02 May 2026 02:39:08 GMT"},"fingerprint":{"sha1":"DE:BA:BD:2F:CB:AD:3C:C2:DD:2B:75:CC:F1:D3:6B:E3:B2:33:75:D8","sha256":"BE:18:71:34:3A:A5:E7:1D:2D:E7:D9:19:DB:E0:25:3C:48:07:B7:FE:C5:B4:DC:37:D7:49:0B:8B:22:89:19:96"}}},"request":{"raw":"GET /favicons/default/apple-touch-icon.png HTTP/1.1\r\nHost: metamask.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 23 Mar 2026 09:04:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 3990\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-disposition: inline; filename=\"apple-touch-icon.png\"\r\netag: \"3dc40dc71436fb7c15dba38d80fc3331\"\r\nlast-modified: Mon, 23 Mar 2026 07:23:14 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=15778476; includeSubDomains; preload\r\nx-frame-options: DENY\r\nx-matched-path: /favicons/default/apple-touch-icon.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: fra1::dft5v-1774256657407-2149a8d48adf\r\nset-cookie: __cf_bm=97bwG4qqbtHqP5JXBbpdkdBDj.iTJ6PKrEydVsLY8CY-1774256657.3599195-1.0.1.1-LNLzfpEdHLAHqo9oopil9B9X3jpRoRViJYdHdHYkbHYakF1kWqy1Q8TPBz_kQXdYAd_qzQInKmyP9YHse4smGVKhtQt9X7pP1su5cS6z8MGC55DlLKWyL4AeI51HXmri; HttpOnly; Secure; Path=/; Domain=metamask.io; Expires=Mon, 23 Mar 2026 09:34:17 GMT\r\nexpires: Mon, 23 Mar 2026 13:04:17 GMT\r\ncf-cache-status: MISS\r\nx-content-type-options: nosniff\r\ncf-ray: 9e0c448c7abd4e4c-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3990,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"3dc40dc71436fb7c15dba38d80fc3331","sha1":"a289fa60e01bf1ae8f62a151f407546943ce2976","sha256":"8a1e0e6b72f243a122d0a365ba26c692c03d58c1308db10958713d602d0c819b","sha512":"a0f467a18a8d072cd7bfd2e3d847ca8740692208641ba681a604ac6b5892aba7e6df4e25c987e0cda38c52866f798f7df4ce1d6760359f09b028affdfb53c4ee","ssdeep":"","tlshash":"27816ba25e21bfadff2901f10b1e2f44d905201bb3710388a927f40a28ca0ede922652","first_seen":"2025-05-21T00:41:02.261665Z","last_seen":"2026-06-09T03:15:43.268207Z","times_seen":41,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":42,"connect":1,"send":0,"wait":101,"receive":1,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/index_3.html","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://hub0g.signinpath.com/index_2.html","date":"2026-03-23T09:04:17.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /index_3.html HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/index_2.html\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:17 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 29 Jan 2026 15:58:53 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"697b83bd-13c\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":316,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"6354111def7435abc91b00b2d04995bc","sha1":"f5377bfc4852f7bd64d152e18f8a353c8bf3f7a3","sha256":"d279c0a8a0d490dde4bcf36dd9758d345be324513d668848b5c171fb23d610bc","sha512":"11f9148805fc9a03d6a02c4bae0dd7259f44111af2566b3ad2c135663fcd3be77bcbde429749d47b7e5b810ea2eac1c16a44860dfbc98affbf13c91d5badd429","ssdeep":"","tlshash":"43e07d535751890669a097d11bd2f1008007d91a64529d60bdf3a45878e82376416ad4","first_seen":"2026-02-10T18:38:29.080566Z","last_seen":"2026-03-23T09:40:34.897971Z","times_seen":4,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/nlne8sc.php?m=2957094","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:17.372Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /nlne8sc.php?m=2957094 HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:17 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Max-Age: 3600\r\nCache-Control: public, max-age=300\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4133077,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"2a03a955bbb5ef59bad9c977f650bbd1","sha1":"88ac45869b2409a65b37ae6b1ac444ede479c359","sha256":"7584f07ead444464ce032c05bb48100c3c38ffea028ea2233fa3da29b0a99949","sha512":"fd44a41e83cce63c5639a77cce66794e36733896d4057ee31aad5ec9a684afd59ceede514fa1af56c8d00810b39559c5f3ab338ec3e45ea12ee5f8136b24252d","ssdeep":"24576:u7M0RHw73ZSBMCQaudwXzRos0Hp2GhT2m7H5aZoWTHQz1F:u5H9TvRos0AGvUHy1F","tlshash":"5c252345ae07a07b83cc5ae7b86fdc4e1420ae438c85d2d5de98e9c2267dfb082d745d","first_seen":"2026-03-23T09:04:47.036589Z","last_seen":"2026-03-23T09:40:34.946762Z","times_seen":2,"resource_available":false,"data":null}},"time_used":394,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":188,"receive":206,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/f37ec80c3bb3909d.css","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /f37ec80c3bb3909d.css HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/css\r\nContent-Length: 54013\r\nLast-Modified: Thu, 29 Jan 2026 15:58:53 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bd-d2fd\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":54013,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (54013), with no line terminators","md5":"d5b11a479d274eed45ea025a15c7ebb3","sha1":"cecf8805b164b6cd09f9ace5aecbe123eb5df6a5","sha256":"e1914cf04d3865600875338d826133c693abd81816b283a317b4f40d2a03f0bb","sha512":"9418b2cd09a5ea76868b5f9b527758f8ed54a6ec43409418297b2ecff6d3a82c91d0eb8aba5c528d49729564b1afede9c8a968c6fd8ed4dc567d8d7cca735d93","ssdeep":"768:GYkYwoR65zxiy8V+156hiNOfYK60S2IF7:CYwoR65/1UhWOAX","tlshash":"383394934e05313cd43fb797c2a9f6480368c555ebd751d7e642ae3ddbc9ba402b2888","first_seen":"2026-03-23T09:04:47.037884Z","last_seen":"2026-03-23T09:40:34.90416Z","times_seen":2,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":57,"dns":1,"connect":19,"send":0,"wait":38,"receive":23,"ssl":53},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/e12559a43426635a.css","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /e12559a43426635a.css HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/css\r\nContent-Length: 1048\r\nLast-Modified: Thu, 29 Jan 2026 15:58:53 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bd-418\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1048,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1048), with no line terminators","md5":"53297ed2c416dcd81f90557ade324f3d","sha1":"b6051d400f4fab9844a71f50e5913008bdb0020e","sha256":"fb169ebbe7eb0bbb48f0d68ba888b6c05074802f6c4b59459b4e011187205ec5","sha512":"c8001fa8776f2d6d5e3bbe100376f02fb6d08863cbf83153f23c86772e4000175952463ab27e02debf560fbbef08cc46b63c79eecb87253a1f89ced20bb3435f","ssdeep":"","tlshash":"9d118b18800eb27a86b4c9c77347ff832986a424ca6d14ae70512b5d0cfa1ad15f17f4","first_seen":"2026-02-10T18:38:29.068026Z","last_seen":"2026-03-23T09:40:34.925822Z","times_seen":4,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":55,"dns":0,"connect":22,"send":0,"wait":19,"receive":0,"ssl":51},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/2affdca62b13d893.css","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /2affdca62b13d893.css HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/css\r\nContent-Length: 25815\r\nLast-Modified: Thu, 29 Jan 2026 15:58:51 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bb-64d7\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25815,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (25799), with no line terminators","md5":"74d980e7e493d5600c16300eab721767","sha1":"485c3d4c0277f8b4d98c856180b349193776851c","sha256":"66abf3604b569338c3a46d22f560ffcbaab5d0b39656839aa4ce3c9b92996008","sha512":"45c2cb6a0b3db19db1b1d44b2254b9df300bc612b2a7515e0c308915bb458ff3afb208118ffbcf7f17af9c5847cb836e61d26b5c28d8ad01a464f18017a6c877","ssdeep":"384:vadnqLPmtcht1Cw6JrXwEthF4W28KiTuhqI6MUNYwv7puvtcGJGA7kj47sUSDKC0:CwSl771uvtAyKlZM","tlshash":"35c2e9b2a915717475374c3b72b4f9642524c892e16786a9a702bd3d86cbfbf0322f4c","first_seen":"2026-03-23T09:04:47.039959Z","last_seen":"2026-03-23T09:40:34.92965Z","times_seen":2,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":46,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/847db3dee30f6caa.css","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /847db3dee30f6caa.css HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/css\r\nContent-Length: 44981\r\nLast-Modified: Thu, 29 Jan 2026 15:58:52 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bc-afb5\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":44981,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (44979), with no line terminators","md5":"6fa32d1c492ccbe83ef0602f283a9c87","sha1":"ef586035a7a0c4a6237ecaf52393fc1d6c1d7e6e","sha256":"4ef541087ef9f64bed93b975a2cacc28144f94779acf5c560be9cc9592dfc0cf","sha512":"3433a5abd72aa037415c5c2e7b723887515a0b670efa2fb9a41284bdfef8e564dd75b4c10d97c455ba5cb462e861f4f2eee0a2893bed4fac26c79e8a6c089568","ssdeep":"384:cen+bsHYtfBVISuakJ86avnV1fHgJXIR3mDnGDJTEVv3XTw+89vcFERJAhINjBj9:OEJ0Kaq4t73JHlIIF","tlshash":"9b1352611d1f33bf753fa232e1bf95cd22288c54ef17db9aa706e62987827a14533444","first_seen":"2026-01-23T18:39:51.787427Z","last_seen":"2026-03-23T09:40:34.944689Z","times_seen":9,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":63,"dns":0,"connect":0,"send":0,"wait":40,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/ef704f4ab06f99e8.css","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /ef704f4ab06f99e8.css HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/css\r\nContent-Length: 20840\r\nLast-Modified: Thu, 29 Jan 2026 15:58:53 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bd-5168\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20840,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (20840), with no line terminators","md5":"065740dfe4dba88c24e6a9fdaf78102a","sha1":"ce3d1bb9eaa0fd3b179410578df7ce9a11028f37","sha256":"687b01af826287edea070b1398896e42188f172600a28ba89604a972b8dd3a3d","sha512":"716f599dfca75ef7df40a5ca9b15cb4e5afca78597faaabbd29fd303cd34fb063f0facede6e1936ec00e7b2c28165c040652637ed83869a4b316a4996c3deb69","ssdeep":"384:sVJ/Td0Il0k0LT8/0LAWwWJ4INTScig0BZIY0O1vK3ooodod9tR0H1D0605t0k0T:K/Td0K0k0LT8/0LLJ4INTSg0V0rooodx","tlshash":"cd9220948a55333e68af520dbadad75c11fe94c1ae22d2cae706107f53c62b70d33a4d","first_seen":"2026-01-23T18:39:51.709461Z","last_seen":"2026-03-23T09:40:34.931356Z","times_seen":3,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":77,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/f888d9ffed4ebdf8.css","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /f888d9ffed4ebdf8.css HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/css\r\nContent-Length: 49113\r\nLast-Modified: Thu, 29 Jan 2026 15:58:53 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bd-bfd9\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":49113,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (49113), with no line terminators","md5":"e79badbf45fee21f3571d7ab2d40344b","sha1":"7ff7a17b59284a1c4cd3aef845c4e00b25f2d849","sha256":"57e2250d12780cdffc79cea44ff5135d0f3a9221dd89bac2cbc3899e178ddb3b","sha512":"ff2b6acb78acc9739b4cea0e25e57e7bd83fd72546d228c836eba8b0614110350e3b173d0330ee082c870d63e5f8737f989a47ec6fa4aeb4465a37752699f13a","ssdeep":"768:9OCNBxexr25+TQq9uS1nXy+7Io3CcUg3xLE:mxbQq9N1nXyU3a","tlshash":"fe2355654e1f326e743f9236d07fb949132c8c66db0bd35a9a03ea38478f6e01236c59","first_seen":"2026-01-23T18:39:51.764655Z","last_seen":"2026-03-23T09:40:34.911325Z","times_seen":9,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":132,"dns":0,"connect":0,"send":0,"wait":19,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/card-head.svg","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:17.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /card-head.svg HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:17 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 12816\r\nLast-Modified: Thu, 29 Jan 2026 15:58:52 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bc-3210\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12816,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6f8faf36bf4d4134464225267e029508","sha1":"e835ef0818d911d68220af329411bfeadb1f867b","sha256":"5ee26117fcae92d3fbd64deb39d0e76c7588400848949774bd6acf38980ef726","sha512":"3f4503a7af9f299533a44f384fa374ff2ff227b967f73f130fcfc283242343f40f4cb557f72242c52dd4b042f12cad5df8e7077958444fe2f6562a4cf8a5b877","ssdeep":"384:YQAvEksJ4pogwX4JXtO2Lp7gbS8oYDbywO6p:YQAvEksJUcEd7t7OfoY3yT6p","tlshash":"07424c6593a0b79d8b86c1c21f26ede8614bf4d878724af656d12b49cc0bdd4bb08dc8","first_seen":"2026-01-23T18:39:51.710615Z","last_seen":"2026-06-09T03:15:43.239544Z","times_seen":18,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/card-back-md.svg","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:17.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /card-back-md.svg HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:17 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 4340\r\nLast-Modified: Thu, 29 Jan 2026 15:58:52 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bc-10f4\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4340,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"11d597f2af02f3c2f13a1b8877b68978","sha1":"3b31b3d3e6e4b7e842c2a5adde042744b3b5e303","sha256":"c819df956aec7c4dad9e94b47ec31e44fb26b4875c444b342b6b68e634a27a35","sha512":"1a784219464b0ef39c9dddad2b133476ba814722099ddf45bc0e6a24e7457c22e77c2b6bbe25546da59bfdba557a88c32f6099c9d25b53f559989a7774590693","ssdeep":"96:RKrreun8QLk5tixSK+kOHW4i+ezeXjDPNwgqPtZ60D+/ZceC:YzrkzixSK+JHW4i+es76ltZrqC","tlshash":"3991b7e617a2e5c40a9fccdeff135a55280fe0b266e391dd83f1a504ed218f91b408a8","first_seen":"2026-01-23T18:39:51.805507Z","last_seen":"2026-06-09T03:15:43.396536Z","times_seen":18,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/3ac2f4f1a0b4ad70.css","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /3ac2f4f1a0b4ad70.css HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/css\r\nContent-Length: 97932\r\nLast-Modified: Thu, 29 Jan 2026 15:58:52 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bc-17e8c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":97932,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"fb00d66d5935be93864677d23702cb13","sha1":"f6a9fc7e0437b0333891c12c689dcc364d4fd960","sha256":"b6250e32cdf8fa6a01904bba992edb62e32833475e01ebee2a4e0e76ecd34a2c","sha512":"aadf126f555c1215d6fcb57c7511c006ef43eebc149f19a7f613be2527e6654d56b5c46ed73c43eb79a166e1239d2b70c6fa04dc408bd822e2c70cbd2d3b4611","ssdeep":"1536:SkR03MVGAg9n9anE7DXAx9giMHcdoHyv1WIvPdzBg1Fzzn0n/W:SkR03M69anE7DXYgiZWIvPdzBg7vn0nu","tlshash":"2ba395ba0f19623c943bb817c7d9a59c03388012fb1752d6f742e9397bc97e2163658b","first_seen":"2026-01-23T18:39:51.777775Z","last_seen":"2026-03-23T09:40:34.932405Z","times_seen":3,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":115,"dns":0,"connect":0,"send":0,"wait":24,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/card-btn-l.svg","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:17.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /card-btn-l.svg HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:17 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 2460\r\nLast-Modified: Thu, 29 Jan 2026 15:58:52 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bc-99c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2460,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"45e244d048395b90d58cc772fb0c2b7b","sha1":"3e24cf781b00e0ac77e764528a0ecc68d186d7ad","sha256":"4d3d5860710e11ac4a59bbdfbc76a1784654b608f23bf380ad79dc8662120d9d","sha512":"35edd46d0b78605bc8ed2ee41105cce015623a226a58ea16093fb1c815774b1e312c44a27b536d5b6ec8491de95934810525c05b08bd89a861c583ab0b5b29f4","ssdeep":"","tlshash":"445187d363a093c8a509c7965d37e4e93007d1e6b9ba4cf486c55b0890abe8a1f4ce0c","first_seen":"2026-01-23T18:39:51.842047Z","last_seen":"2026-06-09T03:15:43.248699Z","times_seen":18,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/rewards-3.jpg","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:17.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /rewards-3.jpg HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:17 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 66320\r\nLast-Modified: Thu, 29 Jan 2026 15:58:51 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bb-10310\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":66320,"size_decoded":0,"mime_type":"image/jpeg","magic":"ISO Media, AVIF Image","md5":"453f47aec3e7412f5af851b4bf1bd174","sha1":"520a3dd29a5f68acc1066504183d087707f2d7b5","sha256":"65f9dd6ab19aa40874cebd17a3edd734ec08ab46b5fcbb0b28ab436265366d67","sha512":"65e0e4ae321898a45d64d5fe888635b0c43f3a26928998fe044edab799ce63d34f325f24e5c2ab8f79fda2940c1cebab8b702d242d63b699defcc48ef1611323","ssdeep":"1536:Ss4B4gr8I/4JVznTrqDzoZHvTS+pf+SDgL8qhP2WxUpFhkxJUpxasg:EB4A8s47z3qkHJWSDVqc4Yvkxcasg","tlshash":"f3531224f171a5bfd39802b65710358913cbf312eb2cb0a7b6ede1491f8f80a9762958","first_seen":"2026-03-23T09:04:47.0499Z","last_seen":"2026-03-23T09:40:34.899261Z","times_seen":2,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/favicon.svg","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:17.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:17 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 2082\r\nLast-Modified: Thu, 29 Jan 2026 15:58:53 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bd-822\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2082,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"05ba1cb51809272343f7855f1a30b1df","sha1":"a3606adca40578c41af3e288ba9b14059453d8df","sha256":"bb4609771e2b623c33c53745f035f80fe99e7bbf1564ad75a31eab010efb8800","sha512":"e70660c77b5269b74f14a31a2a8f18ac3c1d93d65f2fcb204b94b97266fb0d176787b84374daff0ac18a85e81f272795d79b3fc56d059398ea76d7c6fda7be15","ssdeep":"","tlshash":"994114e5927cf5b2965b47e1af7e4c78187a70cc521b1d8c39880700c669bfaf2d4d84","first_seen":"2025-05-21T00:41:02.236901Z","last_seen":"2026-06-09T03:15:43.269029Z","times_seen":33,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-23T09:04:16.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 29 Jan 2026 16:51:51 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"697b9027-40ee5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Contentful","description":"Contentful is an API-first content management platform to create, manage and publish content on any digital channel.","website":"https://www.contentful.com","common_platform_enumeration":"","icon":"Contentful.svg","categories":["CMS"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":265957,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (35495)","md5":"55c3629bb3f87b8e7eece7663c0e7500","sha1":"800b320a6fd6c77e4d42a1117305789172414c34","sha256":"0442b2ef9b4fa55b582c418f89213834288602409db04c117d28cdb3124763c7","sha512":"41c198bc9d9bfd5be28e5816a1c4d3bd5995d6dbfa653cd8f29afd52da0ba27b8c961c5a2556c6bea9ec6dfa7fbe71c363487fb8cdabd954a0398ffd59e45a06","ssdeep":"3072:qNntPosgumqmE6sJsJ+OHl16yZmZvHUz3UDGSTNta8ZJOkEa:ksJngv0z3UDGSTNVka","tlshash":"7d442a768088313f6223499deb55ab2c32bb54dee64e41cfb25e66e493c7ec0b512c5c","first_seen":"2026-03-23T09:04:47.052685Z","last_seen":"2026-03-23T09:40:34.937307Z","times_seen":2,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":92,"dns":40,"connect":19,"send":0,"wait":41,"receive":37,"ssl":29},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/b5bb28d70f1372be.css","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /b5bb28d70f1372be.css HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/css\r\nContent-Length: 95755\r\nLast-Modified: Thu, 29 Jan 2026 15:58:52 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bc-1760b\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":95755,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65535), with no line terminators","md5":"216aca0cc770d6e193ad75c6cc153763","sha1":"ed2b205a66c01ad847c6481a86c5191522228ba5","sha256":"66ce98c3fab1ceca5e4ba8fe1d7b15c1c658a860e9748e36cf2557bebe9a51d7","sha512":"48e2de3bf7019adf7d4d773f4b083e45f864b1377a4b861a9e27aca30b6ea5e5f98eef4824bf0beecbfcbd3e757f3ccd2523b1722eb8d60204ce015b33ee6884","ssdeep":"1536:j2LrwNtIzgyWJvR2rt+dLWRXm91QqXP6LKNcw:j2nwNKn5t+dLWRXm91QqXPsKNz","tlshash":"bb9354bb4e16323dd83fa017c2a6f158072ca256ff4b15a6ba02ea785bc57d11237c1d","first_seen":"2026-01-23T18:39:51.792556Z","last_seen":"2026-03-23T09:40:34.912804Z","times_seen":9,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":115,"dns":0,"connect":0,"send":0,"wait":25,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/index_1.html","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /index_1.html HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 29 Jan 2026 15:58:53 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"697b83bd-8e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":142,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with no line terminators","md5":"292f74c92c97c686c723a291030cfa93","sha1":"ff7ce2a278d64bb71b8a15797fd10276ea6f0df2","sha256":"baf0572ea402de47c8c0c44f67fe0b4af40bd7bc06f5733bac13f51bb4ac4d08","sha512":"4f34b0d47baba42b1c93958d291540f76e16fb3f67405fec9d87d0d8d57bf4ae454b63e8462a3b238ff1f6306323f7af84e182781658961d0acac1e55b70d953","ssdeep":"","tlshash":"54c02b22dc04480f3d009fd1cb8af1c4c003dc3ce8315c00b867b544e9ac131c012548","first_seen":"2024-08-19T15:34:07.77924Z","last_seen":"2026-06-13T12:25:58.336514Z","times_seen":455,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/db8493ffded6be58.css","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /db8493ffded6be58.css HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/css\r\nContent-Length: 1737\r\nLast-Modified: Thu, 29 Jan 2026 15:58:52 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bc-6c9\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1737,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1737), with no line terminators","md5":"b14d74d483bdc0b585886d28f4edc346","sha1":"068db872e0939f99a18d98b88844a47811b8537a","sha256":"07c279c8869ed9dd3d900c9bbeb880a8d6f20a832436b189625da91d2af5fad4","sha512":"c2e521d4703db1d9b72810653cb1dc5220413ed6bdf3370f7101c735c10f53eba75a96ee62544f046c43032f03f43e8004eb7654e69334c06ecff6e674b3a188","ssdeep":"","tlshash":"4b318b34681d813298b59983b24fbf412fc96031857e152b6151176e4eaf0fb47f2f6c","first_seen":"2026-02-10T18:38:29.084762Z","last_seen":"2026-03-23T09:40:34.940586Z","times_seen":4,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":55,"dns":0,"connect":19,"send":0,"wait":19,"receive":0,"ssl":51},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/ed56d4169191215f.css","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /ed56d4169191215f.css HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/css\r\nContent-Length: 100694\r\nLast-Modified: Thu, 29 Jan 2026 15:58:53 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bd-18956\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":100694,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65532), with no line terminators","md5":"d279792cc46fd7b40c192f3daaad1961","sha1":"6f748da433fc547b938526fcea9d208335c1cad6","sha256":"ec4f88de1816ee31745850efb5804b55fd040eff915372662bd0b1fac08a5214","sha512":"d6e5a3064b63889ee5e85f701667fce3e2b3e4d8bb3b2e8523e5bcf95e95827f2e04112db9b313f68b3ab4e55a25848251d3a9540a28a34cb385e06f1d56baab","ssdeep":"1536:twvkLHL97BpLzKGwTPxPWPAP3pUe1n+xn+ezn+e4n+ebn+ePn+e9n+ekn+eIn+eO:twvkLHL97BpLzKGKe","tlshash":"35a396a38f15723e81bedd17c4bab25d032cd802eb2255eaa5529d3d5bcdba10333d49","first_seen":"2026-01-23T18:39:51.770181Z","last_seen":"2026-03-23T09:40:34.908975Z","times_seen":3,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":127,"dns":0,"connect":0,"send":0,"wait":20,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/nansen.svg","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:17.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /nansen.svg HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:17 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 4711\r\nLast-Modified: Thu, 29 Jan 2026 15:58:51 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bb-1267\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4711,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2bc51d0968691a298679f52fc1684e4e","sha1":"f0d2e0e5f098cda10f423978d1130503556e2946","sha256":"7131c6fe1e065c25be6cd2bb2add2f9e52ccb18efbe3ed71277d3593a85b495b","sha512":"993a8a51a339b1db3e636ebc1bfec6e2b01e5ab5153b094290051b9013d85288a263c30fa5d406d7224fae91551c8184e7630e52fe4efa47db05bc07c2291d46","ssdeep":"96:C1rHKqHp3KcKL/Zc/mZHpdelaGxXv79TqCjYW3MBebRls:iFTy/gmXdelfxT9W0h/Q","tlshash":"d3a109ea630497d0521bcee4df2978ea769b78ff3f1841a812617344ad574d97c04f18","first_seen":"2026-03-23T09:04:47.058352Z","last_seen":"2026-03-23T09:40:34.926487Z","times_seen":2,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/card-back-handle.svg","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:17.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /card-back-handle.svg HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:17 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 1001\r\nLast-Modified: Thu, 29 Jan 2026 15:58:52 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bc-3e9\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1001,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"10b398331cf16023becea30976fe5c3b","sha1":"6dfdadf567f756b6cddbd709db9a567754089206","sha256":"a76dcbc9a9e6a14a808df62c7f5d938370c37be114fd0e4ea078ef5c46e59fab","sha512":"5ffe8061929f1e3f2ae485e80549c9916f9cdbdcbff49e272216425e0898c5e50f52384c035c71921c6fb0b6d65afb5cf8cc071a92676573ad68ef8dc41dd111","ssdeep":"","tlshash":"e6110eb8a5bab50d99258930f3be6c93076ef174b043068eec4d2631d06a8c7f14b328","first_seen":"2026-01-23T18:39:51.847563Z","last_seen":"2026-06-09T03:15:43.35202Z","times_seen":18,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/card-btn-r.svg","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:17.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /card-btn-r.svg HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:17 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 2966\r\nLast-Modified: Thu, 29 Jan 2026 15:58:52 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bc-b96\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2966,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e8e41a98de660235df8de3b7d47c230c","sha1":"fffcc5fe869cdb481abdd927cde1b1ebf94d23a4","sha256":"1eb8f31a1ca265046cd3d74e030908f4dfbfe73a46a625f900eeaee3b9e667e3","sha512":"d4c6a1d994e8e22d3eb4d154b0b4ee5e8d5c20b79a8af6c57f3ed26be5d39f66d980542b0a7ef2421e09611029b83b4c962c865d8d8c2e102600833eb6b40840","ssdeep":"","tlshash":"cc51a8d32380b7c8980ec6835e8ad8b83007d4d6b5bb58e9c0d9db04d5a7d89674da24","first_seen":"2026-01-23T18:39:51.7637Z","last_seen":"2026-06-09T03:15:43.363455Z","times_seen":18,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/ui-2.png","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:17.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /ui-2.png HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:17 GMT\r\nContent-Type: image/png\r\nContent-Length: 31481\r\nLast-Modified: Thu, 29 Jan 2026 15:58:51 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bb-7af9\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":31481,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 472 x 438, 8-bit/color RGBA, non-interlaced","md5":"bb47a27597d716feb518a6ab84d1fcbc","sha1":"ecb32ffb726d6453db86413c78984526327c7c30","sha256":"1f2a1c3ebb238abc94488c3ea1757e578d97bed7dd584519b8f5a7a62810a789","sha512":"371f3cb108eae4af2f79e11002154427703057bd2bb1e7afa3fb7612d99c38250acdffaa4e9df2614b03c5c41587e3422a08de40dac3cfcead8ee47354c548a4","ssdeep":"768:fLdBNkE39pR4PX0TiqyaM24DLYIcdC4geUL9wyqt:TP9pR4PkTfF4wRPgEt","tlshash":"fee2f119dbf15b98d6e13864dedbdba00d9931911471e1134ee23620efb9c2c036bd8a","first_seen":"2026-01-23T18:39:51.725198Z","last_seen":"2026-03-23T09:40:34.952623Z","times_seen":12,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/menu-rewards.png","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:17.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /menu-rewards.png HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:17 GMT\r\nContent-Type: image/png\r\nContent-Length: 27786\r\nLast-Modified: Thu, 29 Jan 2026 15:58:53 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bd-6c8a\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":27786,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 148, 8-bit/color RGBA, non-interlaced","md5":"60ae0932eaff92dfe457e2700f732edb","sha1":"4ca3bc73ed1266441267b480acf717841348b82e","sha256":"9c427ba9c885021030cfd110b9b883525384b7ec9d473e3aff1dad052dbcfde4","sha512":"537ecd7550b6c7315cd713400ebbc6e0407b00aea2624a8e7b792aa87fbf8afff837a612fea8ec5831f47cc5322bea266bd30b2bc1b5346ea6b4d66422d0903c","ssdeep":"384:aXLjxb2xBozCm2RxN4WtzTzdpPtyO9VToyFPzpaqt0mNjHchCdw6LBMvsKvLtu7h:avxgBoz84QTzdjToILptrNML6LItuV","tlshash":"2ac2f151f27af46768a8a47633fbc729545e518dc730cdd4b844a7bf2e1ca4c160e0d8","first_seen":"2026-01-23T18:39:51.753423Z","last_seen":"2026-03-23T09:40:34.92775Z","times_seen":3,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/rewards-one-col-media-2.png","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:17.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /rewards-one-col-media-2.png HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:17 GMT\r\nContent-Type: image/png\r\nContent-Length: 83442\r\nLast-Modified: Thu, 29 Jan 2026 15:58:51 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bb-145f2\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":83442,"size_decoded":0,"mime_type":"image/png","magic":"ISO Media, AVIF Image","md5":"b6e3d60b505c945eacf61a0e14c42610","sha1":"7e44d9fc7e24882c12d8a6f43fbf57606f374495","sha256":"f5bfb6acd175f91528c93c55b037454dd3f62602835fb0fe7258128f0b342ca1","sha512":"c3892476c0ba46a042d676bd98793ad98234c45e7aa5e8eac5ca56dfdc0dbe95700bc11e69d780791106ff5b3c23ee294593743ca2c30441b97d70af342fd4b4","ssdeep":"1536:1nxkEjLAY2+3Wg7sQE9fFSNvVdoLgum18StOvv/aYduXw8oSThWMcK:1xkEjLP/sQE9oTL18StOPaMuZYVK","tlshash":"958302a2167a2ac395afd22952562e29e3d51f5520006e7b4000ef92d4f4b37bafd3d8","first_seen":"2026-03-23T09:04:47.06489Z","last_seen":"2026-03-23T09:40:34.945322Z","times_seen":2,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/20edb4b47aafda93.css","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /20edb4b47aafda93.css HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/css\r\nContent-Length: 986\r\nLast-Modified: Thu, 29 Jan 2026 15:58:52 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bc-3da\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":986,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (986), with no line terminators","md5":"5c80c626e6f378924bcd4a66e0d1a6e2","sha1":"fdc03bdeef42b77f604f7d7cbefe47fe739d0328","sha256":"b816224433c388e23efe1e0bb4fdd2f04e2830abd0076c53a4448dfe93df3947","sha512":"0ee3536caad93fede9627bdb71a8bbdfb314ef65aa9aa16a71ffcc8769f58b8c5644c21112458741cbd1fd15b47800a7373d0f3314ffb25227d89914ec5ca886","ssdeep":"","tlshash":"44115224251da235e3f4d587f78a7f132eace030b85819be1061033d4c9a6ac0af17f4","first_seen":"2026-02-10T18:38:29.093861Z","last_seen":"2026-03-23T09:40:34.949249Z","times_seen":4,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":55,"dns":4,"connect":25,"send":0,"wait":19,"receive":0,"ssl":47},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/2c66c39d408c480b.css","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /2c66c39d408c480b.css HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/css\r\nContent-Length: 99573\r\nLast-Modified: Thu, 29 Jan 2026 15:58:51 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bb-184f5\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":99573,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"930ff092a0c7fb410289d6284f606fcf","sha1":"89a0d61739efcc80931e437ff472be52c80330bd","sha256":"acbf3630060848ac32146c8baef963dcb86249d62b5b444b3acc7c650d16fb4d","sha512":"5f96a8f37b57cdf44aa18e82237e82e644179bfc18fe80bf65475a4bb11fcccdb4d71de3d5bc809243b86a2ec87b3815a1cb92e8bc7105956b98b2c8783db6e2","ssdeep":"768:1dGv98fNwA6fsZCT11ecPUy8Me+4drx6qpJ7aobKKS+jKWZ:/Gv9MUfsZCT6KYDr","tlshash":"3ea3a6b74e19263e983b7127c9f5961803288466f74b91aabb43ed3c9bc97d0163784c","first_seen":"2026-01-23T18:39:51.756389Z","last_seen":"2026-03-23T09:40:34.907435Z","times_seen":3,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":63,"dns":0,"connect":0,"send":0,"wait":41,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/f7b73867d747c9cf.css","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /f7b73867d747c9cf.css HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/css\r\nContent-Length: 100996\r\nLast-Modified: Thu, 29 Jan 2026 15:58:53 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bd-18a84\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":100996,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"a2685c0051f659de4d1b16835cd07a3f","sha1":"47657c64037b8eb19ea92e5ce51daee2adb9d244","sha256":"d66911c9087804b7a611f06b10335332402dd3d12b17cf1f81c47b5b66028db6","sha512":"80e4984d1856f49a5dd36793ec314605beef6646e5eb1cb25c7e30d60be5ea6e623b5ddb8a6b482a049518fa58e71aa541b2649bab25ce59c1738a88adb70dec","ssdeep":"1536:0EJtVJxS1uJToD14LgZUDjOuR6FA5kFA2uWlJPf4tIAKIyIZI8oFVi:kcJJoVi","tlshash":"c0a3c87daa14713ce963523be2d5b5080635e4e0ea17d6e9f307f52e87ca7a2063790c","first_seen":"2026-01-23T18:39:51.839395Z","last_seen":"2026-03-23T09:40:34.930593Z","times_seen":3,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":63,"dns":0,"connect":0,"send":0,"wait":39,"receive":47,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/ea2d08ae881bd8bc.css","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /ea2d08ae881bd8bc.css HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/css\r\nContent-Length: 8516\r\nLast-Modified: Thu, 29 Jan 2026 15:58:53 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bd-2144\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":8516,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8516), with no line terminators","md5":"f24a73168dfc7f2b2e83016d84d14e29","sha1":"8551d3e5eb3caffa4501fa6e83d03dbb46b808e3","sha256":"783dcdd6fbf80da8afe78e3902263117bd8eccdbcd2591cd3b5403f388ad81d3","sha512":"460c22affcf08bcb7754f6e8c5d6f5d20e7d1b1856dbfa4f371a5d7b1ea3065d57947485737d37a7d1e8a46112f51318b73d9bd61f5cdc8a8410f626061d96ff","ssdeep":"192:4z063ZlSsgaUU0/b+JFUIUq0p7wSYBlTXdx43cgkxSfO8/2bS:o063XS4b0/i950NwScrb43cgkxSfO8/P","tlshash":"0d0220a94a60b13c8cb3622e86dcd558573dc080e913579eb21a952f43c76f21f2ba9d","first_seen":"2026-03-23T09:04:47.069788Z","last_seen":"2026-03-23T09:40:34.95053Z","times_seen":2,"resource_available":false,"data":null}},"time_used":117,"timings":{"blocked":97,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/2d12680cfdceeee5.css","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /2d12680cfdceeee5.css HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/css\r\nContent-Length: 95523\r\nLast-Modified: Thu, 29 Jan 2026 15:58:51 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bb-17523\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":95523,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"fe86895aeb96de3c09d0b75b1b8935e8","sha1":"dee5deebca8303bae17b874db1e91da987122f17","sha256":"4e3c6f5beb855dcc1879e7ed29795adea6082ad954394926e7c810c7905da8c7","sha512":"b26ca363ab52dfc7b70c1b60e6fb614a69f3a96ca2f10bc09e515f2032b5809d084af4084f74aaf6409452b778737e0abed342ff9e22aacb4d19438c3686abf2","ssdeep":"1536:a4SNpy0v/sCuicu5suy3lsQhklkGuy9+Y2/CnWPK7z:axEu5suy3lsQhklkGus7z","tlshash":"9093a8a34f561529ac2bdc17b4f9ac5c4138c4c0bb7309cdb582672a5bceea617278c7","first_seen":"2026-01-23T18:39:51.771297Z","last_seen":"2026-03-23T09:40:34.913897Z","times_seen":3,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":115,"dns":0,"connect":0,"send":0,"wait":20,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/index_2.html","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /index_2.html HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 29 Jan 2026 15:58:53 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"697b83bd-f2\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":242,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with no line terminators","md5":"58d0172604c87f3e13d96b30b736b479","sha1":"f32e953186d40f32d4b2ca59f19913d58a3b9698","sha256":"6e5fed25df8a5b837d2b2d090b93247c31ce817f281385d12c729984e100bed5","sha512":"9304b47394f8368a20aa35bbe7b50080663799349c10bfa73cb344309d07ae3c0d116fe98b7bce9231dead0e5720bdf8669c2d2b1742c9a75c8ed17dbde4c879","ssdeep":"","tlshash":"1ad09722d509440e9c018ad2caeae2c8c043d82cfb206d24bcf63b20a65c223842163c","first_seen":"2025-09-12T12:19:27.076801Z","last_seen":"2026-05-22T09:44:23.54911Z","times_seen":22,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/ETH-3d.svg","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:17.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /ETH-3d.svg HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:17 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 518\r\nLast-Modified: Thu, 29 Jan 2026 15:58:53 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bd-206\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":518,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7df74a1041e6a171fef44cfdfcc420e7","sha1":"0f5b009ac305e662203bf91a0aa7249c72e07add","sha256":"65df379b99ac552e6a3b3ca6c807d61e8d4010092c572cf8309b554c2dddef94","sha512":"d4094088cfcf250ea92e8898f194838761e5068f6e6cbf64fa01fb8529c71f584d9a3b3d76d652d2a22c390619407a0394a2772b4a165cc03c4fc13f3f0322a9","ssdeep":"","tlshash":"03f024c3620634b2e0164be8e6bd181524afa0e06f4c0865af424786ea55e9768e2fc8","first_seen":"2026-01-23T18:39:51.824711Z","last_seen":"2026-06-09T03:15:43.273681Z","times_seen":18,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/card-front-1.png","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:17.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /card-front-1.png HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hub0g.signinpath.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:17 GMT\r\nContent-Type: image/png\r\nContent-Length: 17420\r\nLast-Modified: Thu, 29 Jan 2026 15:58:52 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bc-440c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":17420,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 472 x 733, 8-bit/color RGBA, non-interlaced","md5":"838fae85ac1fc162fe7e12409436bad0","sha1":"6fba0ae461994396a2b6afd993de0a7d7f8b8b6d","sha256":"70b84e538b0f5d534f7cfd9887f71a0a9eec7c00176fefe6c3437cc0c7af77a2","sha512":"8eee82c1f63bc2daf29cefe1d5a12a3dc7ca50c3684ffe65717dbf07cd56c4055d2548577774ed1689e9f35964a21405e0c3a5339cedc42ff3e7a16c725fb3be","ssdeep":"384:DP60vQp8JVGr5aljiEh/c0iV0PVt4FfNFQO:DS0vI4VGrclth/bk0PVtmvP","tlshash":"1472bf52f3d10ac52e3bf9b120d2dad990de1a291c7661771483ee718c3b979cfa10a4","first_seen":"2025-10-20T18:15:57.439044Z","last_seen":"2026-06-09T03:15:43.197876Z","times_seen":21,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/nlne8sc.php","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /nlne8sc.php HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Max-Age: 3600\r\nCache-Control: public, max-age=3600\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":186996,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4ccbb3e3c783604a7ee092f8bc45d745","sha1":"6726b409f5140ab264646247ba5f94b79a0c8f74","sha256":"f340b09e507e9a0fa4db886049ae1d86c0ce734f7c06c02a9e0909dde03ab59a","sha512":"d717193a09fdfddc40751b8da38e4b5279ae46123b6accb87d6f88d317e0f33a903bc3af4aad3680c334e63ee1e62c6d5deb70f1632bf949efe1df1730fb0f01","ssdeep":"1536:Nv5KrjUNu4TURfFrsGsjVMri1LhVDsjG7h/k6nq3ZvmcfH:NvgRvRRsjjVMoVDm33ZvmQH","tlshash":"e804a6c656d150947e0952ad8ce39c88e4248e137d9ce0a7d7ddfed4632af6280c73ab","first_seen":"2026-03-23T09:04:47.088886Z","last_seen":"2026-03-23T09:04:47.088886Z","times_seen":1,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hub0g.signinpath.com/2f7c17d06b2d5178.css","fqdn":"hub0g.signinpath.com","domain":"signinpath.com","tld":"com"},"ip":{"addr":"185.93.89.91","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hub0g.signinpath.com/","date":"2026-03-23T09:04:16.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hub0g.signinpath.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 03:40:31 GMT","end":"Sun, 21 Jun 2026 03:40:30 GMT"},"fingerprint":{"sha1":"DB:33:15:B9:31:FB:6B:FA:82:51:78:4E:D0:0A:07:30:30:1F:30:94","sha256":"9B:D9:D4:18:C0:4A:87:99:BE:C0:C7:51:C6:D4:B7:A0:F7:AE:9D:EA:21:94:A3:EA:26:21:46:12:A5:2A:32:B2"}}},"request":{"raw":"GET /2f7c17d06b2d5178.css HTTP/1.1\r\nHost: hub0g.signinpath.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hub0g.signinpath.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Mon, 23 Mar 2026 09:04:16 GMT\r\nContent-Type: text/css\r\nContent-Length: 1104\r\nLast-Modified: Thu, 29 Jan 2026 15:58:51 GMT\r\nConnection: keep-alive\r\nETag: \"697b83bb-450\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1104,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1104), with no line terminators","md5":"7bc084c26f9968eb491c46efc06d027b","sha1":"77893393c94ecbd3a784b5c64da1c9298009fea0","sha256":"cd4241475bbb97158eff7e325467c6b81818330fbbc9fa219394526ddab5a67d","sha512":"6b7401f1fc66b5876cd6c326f2c9a767dff2e16840e83cb7e22ced2c937991520ae189595f02f37dca0226f5a450a4525979e1035c09e1e579da640279629162","ssdeep":"","tlshash":"19119b28a60976b0d7b1d88bb78fbb422e75f420a8291d7e7150131c8cf766915f07f9","first_seen":"2026-02-10T18:38:29.055905Z","last_seen":"2026-03-23T09:40:34.947566Z","times_seen":4,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":55,"dns":1,"connect":22,"send":0,"wait":19,"receive":0,"ssl":50},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"hub0g.signinpath.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}