{"report_id":"86de5189-55de-4245-8a5e-4217486cb64c","version":6,"status":"done","tags":[],"date":"2025-09-25T01:50:03Z","url":{"schema":"http","addr":"samsguide.shop/register.php","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"samsguide.shop/register.php","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"title":"The Asian Commercial Sex Scene - Forum Rules"},"submit":{"url":{"schema":"http","addr":"samsguide.shop/register.php","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-30T01:50:03Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-25T01:49:41Z","timestamp":1758764981,"ip_dst":{"addr":"173.231.16.77","port":443,"asn":18450,"as":"WEBNX","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.9","port":50650,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI","source":"{\"timestamp\":\"2025-09-25T01:49:41.796194+0000\",\"flow_id\":495019135201371,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":50650,\"dest_ip\":\"173.231.16.77\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047703,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (ipify .org) 
in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_22\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"tls\":{\"sni\":\"api64.ipify.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":789,\"bytes_toclient\":4668,\"start\":\"2025-09-25T01:49:41.520283+0000\"}}"}],"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"samsguide.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"samsguide.shop","ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":14,"request_count":14,"received_data":260954,"sent_data":7887,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server 
services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"vBulletin:3.8.11","description":"vBulletin is a tool that is used to create and manage online forums or discussion boards. It is written in PHP and uses a MySQL database server.","website":"https://www.vbulletin.com","common_platform_enumeration":"cpe:2.3:a:vbulletin:vbulletin:*:*:*:*:*:*:*:*","icon":"vBulletin.png","categories":["Message boards"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"YUI","description":"YUI is a JavaScript and CSS library with more than 30 unique components including low-level DOM utilities and high-level user-interface widgets.","website":"https://clarle.github.io/yui3","common_platform_enumeration":"cpe:2.3:a:yahoo:yui:*:*:*:*:*:*:*:*","icon":"YUI.png","categories":["JavaScript libraries"]},{"name":"Statcounter","description":"","website":"https://www.statcounter.com","common_platform_enumeration":"","icon":"Statcounter.svg","categories":["Analytics"]},{"name":"vBulletin","description":"vBulletin is a tool that is used to create and manage online forums or discussion boards. 
It is written in PHP and uses a MySQL database server.","website":"https://www.vbulletin.com","common_platform_enumeration":"cpe:2.3:a:vbulletin:vbulletin:*:*:*:*:*:*:*:*","icon":"vBulletin.png","categories":["Message boards"]}]},{"fqdn":"api64.ipify.org","ip":{"addr":"173.231.16.77","port":443,"asn":18450,"as":"WEBNX","country":"United States","country_code":"US"},"domain_registered":"2014-01-05","domain_rank":26688,"first_seen":"2020-08-17T05:58:17Z","last_seen":"2025-09-22T07:19:43.764417Z","alert_count":0,"request_count":1,"received_data":199,"sent_data":431,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-25T01:49:41Z","timestamp":1758764981,"ip_dst":{"addr":"173.231.16.77","port":443,"asn":18450,"as":"WEBNX","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.9","port":50650,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI","source":"{\"timestamp\":\"2025-09-25T01:49:41.796194+0000\",\"flow_id\":495019135201371,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":50650,\"dest_ip\":\"173.231.16.77\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047703,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (ipify 
.org) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_22\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"tls\":{\"sni\":\"api64.ipify.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":789,\"bytes_toclient\":4668,\"start\":\"2025-09-25T01:49:41.520283+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"samsguide.shop/register.php","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4ffff6c765f30b36048df7c0166cb18f","sha1":"29301f7c7a9675603cba375343a782910a645221","sha256":"13d1398eb97ac550be263b4754eed6d045da6466b4f206b348a27783da2b724f","sha512":"21ae1b03f5745b5b94fdf030299cb86509b5d67d2462372e1ea6078b6072080d0041812bece572891a29adc45c1066ab9fc85e0feff1ad286970c511b6ac6708","ssdeep":"","tlshash":"34c0801a05965c0d417066913ddfc45b8990cb711708d75d750fc084341e457f1fae6d","size":172,"data":"","first_seen":"2025-09-25T01:50:09.464281Z","last_seen":"2025-09-25T01:50:09.464281Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/register.php","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"
ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"05c6d8e5b4833387707eabecbdf1caae","sha1":"ac8e7e6a1a5d51eb566f47b9a889135f44ef8e6f","sha256":"3459fc1a0705eaee9972f6b57d4108eb98c4d5d595f2ef3467e76e63fd620d63","sha512":"0c87dfb9d8de383b0dcc136032a1d9fcc4e17d3879a0cd7303f63fc43d3769f5c8db3d06ec86a695fb570f76b3985f7092737d228926b6317b341f61707c69e5","ssdeep":"","tlshash":"39e02b340e573405446fb51b6ac5078c5738dc5a7b36cd3609a56136608372d7672dd9","size":390,"data":"","first_seen":"2024-08-20T21:47:02.602985Z","last_seen":"2026-03-16T11:26:09.587989Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/register.php","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c81468136fd197f73a4059b9b3ca1905","sha1":"3f52afbadf12589bfbaa0fe7507a98ddbae2b6ba","sha256":"09ee7712cf7f75a6f7cf07acd7f91327018ab90c8b3a527aff8021d4f2b3f6d6","sha512":"e2c759b487257220661cee09bad66f0ed5a67dd54fe519f30f6dc2322e41c3c71bc910c1ce2cb6bad916ae974299c273692981d424ca05f86d735ef8213301e1","ssdeep":"","tlshash":"e701df4f2ef50363380fade5746e50da52d847ba933dc391ed058714fa96a81837a6a0","size":693,"data":"","first_seen":"2025-08-28T05:07:49.641261Z","last_seen":"2025-09-25T01:50:09.465828Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/register.php","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e7fa7167025bbda0cede842f0719d0fe","sha1":"634e028fb8ae70596cddeae4fffde9fb76ec22fc","sha256":"0b73ddba7fc
868f102f89c287bb676ebb86bb31f5ff7c846777c189fe124c5f9","sha512":"a08dc59827fd274cb40283fe1d41bf46ab75323e307d443a1f49f497b303bc71eaa482813fa5b30dc285ced2b461a8a038221ae08bc851e4b7577627ec22425e","ssdeep":"","tlshash":"d6f05c6021297a70eddbb5a9821be21c30a8571c9f1a8542171cd74c5718117cbf4fe4","size":447,"data":"","first_seen":"2025-05-02T09:36:44.418474Z","last_seen":"2026-03-16T11:26:09.591955Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/register.php","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0141d76a696afbad1a1ea4a0704f015a","sha1":"9cf3c6c886cc9fd0ff2e3b5681d768d7458aafe1","sha256":"a1276cb5308668bdba2adbb64a634cb52aa9d030c46e45ec785c5ce66dd5271a","sha512":"edccb3a44576524d36c586f7280f1e1e935e6ffef9624d283fc77bdbcbb6d68017b8388d34d5f2bdefbfc423a9298b393f825709b40218f70f874b07a5b7dbaf","ssdeep":"","tlshash":"d5b092402a35a81432a03574387ff704e0f50901a00ee339882af10eac08ab603b84ca","size":116,"data":"","first_seen":"2024-08-20T21:47:02.630288Z","last_seen":"2026-03-16T11:26:09.593034Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6
021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-05T00:41:57.221912Z","times_seen":292550,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/clientscript/yui/connection/connection-min.js?v=3811","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ed935da9668b7350505daa30027a6f44","sha1":"10ebcea9a5b9a89ad271c462fdafb5d012b9af64","sha256":"a0297b3ea37cda46af5a08ed89b1563987e6f6a233286e1a373668776134841c","sha512":"b53009564c3e69ca1803a4f185e647226dbcaecd2bd58a7f0ff00645e475b13f163c3bd243000356843f8dab471c6eb842253cd2f74f9ed4e86155f3b3d853b5","ssdeep":"192:gzADNoHX4dmPXOYeylk25sOzIGDclyBeBUef913P6KnEyCUt:gzADNoHX4d5ylk25sOzlcUjefP3P6Zy5","tlshash":"0e32f936315124f34efe9055857f9f85ba3458972488b49a38e8eccf856cac1c06bfb8","size":11604,"data":"","first_seen":"2023-03-08T08:27:38Z","last_seen":"2026-04-01T10:56:09.055725Z","times_seen":292,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/clientscript/vbulletin_global.js?v=3811","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"65d1deea45d4f4d120ca5fb36cb7e63c","sha1":"16479827e5ccc7b28c7166478c7bbb987f64450a","sha256":"bf0eb76e9a497db4c3a1383fa3dd4cf67459e24c02e9dd565943b230260264d1","sha512":"df59e1311a4f34acaae152c64f8b48f621f6b70e539e4c752ef6411d659d7d9e7dd3df88bfda85b0b77aa03189134a417513ab1a77fab35fe383741574d9592d","ssdeep":"1536:aEhUg+w7fWWsEiL/fzEAZ995dd9eDsz4fifDspPQ1dCbo9s7ShaVCyjAJ:lLJsn/f5d/eDB8J","tlshash":"b333e986ae1c92370776206d14df418c51bd44312d636
4f2f88ce9e5b1b4b5b82bfeba","size":54580,"data":"","first_seen":"2025-05-02T09:36:44.358752Z","last_seen":"2026-03-16T11:26:09.571939Z","times_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/clientscript/vbulletin_menu.js?v=3811","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"760959e8572ceaaffd1e56020fd98912","sha1":"2c26fda7ab63a9ab4c1e2be11de0cd46408dcc2a","sha256":"2a56bc645dbcb80d0b0589398ae88dee1a375d3c495aaa3799b5e6d8c46b268c","sha512":"35dce99f0cc1a2a6350fcc1bfd67ce71cf0f0834d8fc31f7341c1e74061d83b9ab00d3301161d93f0aa462ec754d4cb14e5c4d0c124ec8bf2829733996c8fd7c","ssdeep":"384:ySH3VsMEV51tuG0eugtX8WhjzGMCETNEPhUXqnkPBQQhtuObsUltp22b+Ql9FR7L:ySH3VsMEV51tuTgtX8WhjzGMCsdPBdhT","tlshash":"5f72a5855fbc92324325504c629f83a9d23d407aad57de9e78bcaee424d536400ffe36","size":17324,"data":"","first_seen":"2025-05-02T09:36:44.367676Z","last_seen":"2026-03-16T11:26:09.565484Z","times_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/register.php","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"232c7f905401a513a0e06fd1a817f897","sha1":"863f5dc55123afe14147c8d306de82ba5ca4078c","sha256":"1df81b84f2ae45e72a665084543d2bad76cb753dc942fb79d7736bd6bb9d8d1d","sha512":"3c723f604caa3b8d374889ed554439e07de163fdff3658fb27dec1e5c2e2ef87eb91c13cf3a2e737f3ca9a1c6e4eb82c7528b60ee8c9412329167b2fdd2a4139","ssdeep":"","tlshash":"1fe07d0f0fe28774a423a1182f779351316594727711f400f97c121d8fb2dc22702f68","size":313,"data":"","first_seen":"2025-05-02T09:36:44.420979Z","last_seen":"2026-03-16T11:26:09.593917Z","times
_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/clientscript/ncode_imageresizer.js?v=1.10","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"07cd6ae7d2ea9ab97930c7a2ff9ef9bd","sha1":"71bf39fe4f9b01af373ab6f7555692e59ca17384","sha256":"337d0e29bbff50b40a2b3b8ea18cfd9ae362d05af24ffcc989c501949e7ea15d","sha512":"7ff63c5278c43e540c3719824f892b27cad0dee17b38f7d1619b3003c58596f6ddb6897f404b9785ea20879143d364dae6ae151789c3b02316a3cd32b78fc383","ssdeep":"96:T0haZooyIH4e3SmNnFxa/iCEsgTKI/3fJQDJDecQeRi:UaZooyIHLbNnFxa/ivsgTp/3fJtcQeU","tlshash":"efd1048fb7b62176b02534d6ad7e51cd694c97a313018ea9fc1887d8ec94db5827ca30","size":6337,"data":"","first_seen":"2024-08-20T21:47:02.63255Z","last_seen":"2026-03-16T11:26:09.566477Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/clientscript/yui/yahoo-dom-event/yahoo-dom-event.js?v=3811","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f16dcd51fd1d51fac21a9724911184c4","sha1":"5549ff428576843dcbb70b9986e77dfbec09853a","sha256":"d40743d2f62e70a29644f823731551ac1f13903f07f8e0756aa664bb684f276c","sha512":"f754d5b364fd0697ad5f464555ea65ad786aa2e50a514eb0ffed96ef9eb68e1a0285f0f1feff43bab03aff3c8068acc76378c794a798128377a28bf149e38b3c","ssdeep":"768:gO7yLMbTHtxO03JQdPB4OdXkb3pOLVU2mTCTCraPKLIrC0qZbpa:jWLMbTHtM03JaZdXkb3pOLVNlPFrCppa","tlshash":"fbf2f8d937d2787603d6317a006fa605a23ba8d3998851d8e9e2e8c16d7478dc437fbc","size":36628,"data":"","first_seen":"2023-03-08T08:27:38Z","last_seen":"2026-04-01T10:56:09.035298Z","times_seen":246,"alerts":{"ids":null,
"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"samsguide.shop/images/gradients/gradient_tcat.gif","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://samsguide.shop/register.php","date":"2025-09-25T01:49:41.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samsguide.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 16:38:40 GMT","end":"Tue, 25 Nov 2025 17:37:15 GMT"},"fingerprint":{"sha1":"5E:8F:51:A5:01:05:7C:95:4A:C8:50:C1:87:7E:62:64:ED:2E:18:29","sha256":"B8:8F:6C:59:97:26:A4:A0:3C:5D:09:6F:9C:C6:EB:23:9A:AE:70:47:E5:87:17:40:69:E9:9B:1F:EE:C0:CE:30"}}},"request":{"raw":"GET /images/gradients/gradient_tcat.gif HTTP/1.1\r\nHost: samsguide.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://samsguide.shop/register.php\r\nCookie: bbsessionhash=156482af917bf61f5dc865f98255d172; bblastvisit=1758764981; bblastactivity=0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 25 Sep 2025 01:49:41 GMT\r\nserver: cloudflare\r\nvary: CF-Ray, accept-encoding\r\nlast-modified: Thu, 06 Mar 2025 18:44:53 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3728\r\nreport-to: 
{\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BE62J%2Bp3ZMN65uKll9ldu5dMMU8YtBnhaSPsrPKaqZnIM%2BMYnEES5AnNRBA63k9W20bXUJa1va2r9PuTZrStODMEkg8d5JtKtxHBjYkw\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: image/gif\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncf-ray: 9846ddce9c2176ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3728,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 100 x 100","md5":"953e268b2370fe9d1e26b5f0150fa9bc","sha1":"3fa3df11741f7daa456819cfc9d54ddeabecd9e4","sha256":"1322e161abae06807da173925edfcda17f71ef6014b8009779e7ef1f99d7caf6","sha512":"48bdb5a2750c9e8ccc3efed3f4a6ca624c6f9ead5918640dce9d50e706f07ca6bd033045e2b66550a66fccca8813ee1f861e8ad8bed84109f3f4641e956c8c37","ssdeep":"","tlshash":"e4718d76514923eee29f85f93ec7b273580982abc15e1b990f6434c1f52398da0ad0c2","first_seen":"2023-05-10T10:54:48Z","last_seen":"2026-03-23T13:32:57.807171Z","times_seen":118,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"samsguide.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: 
negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/images/gradients/gradient_panelsurround.gif","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://samsguide.shop/register.php","date":"2025-09-25T01:49:41.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samsguide.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 16:38:40 GMT","end":"Tue, 25 Nov 2025 17:37:15 GMT"},"fingerprint":{"sha1":"5E:8F:51:A5:01:05:7C:95:4A:C8:50:C1:87:7E:62:64:ED:2E:18:29","sha256":"B8:8F:6C:59:97:26:A4:A0:3C:5D:09:6F:9C:C6:EB:23:9A:AE:70:47:E5:87:17:40:69:E9:9B:1F:EE:C0:CE:30"}}},"request":{"raw":"GET /images/gradients/gradient_panelsurround.gif HTTP/1.1\r\nHost: samsguide.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://samsguide.shop/register.php\r\nCookie: bbsessionhash=156482af917bf61f5dc865f98255d172; bblastvisit=1758764981; bblastactivity=0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 25 Sep 2025 01:49:41 GMT\r\nserver: cloudflare\r\nvary: CF-Ray, accept-encoding\r\nlast-modified: Thu, 06 Mar 2025 18:44:53 GMT\r\naccept-ranges: 
bytes\r\ncontent-length: 3395\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zJg4jaxn65YzKc%2FBb40bA6G%2BOdtoZOTGd5NZEQK33eizn%2Fa40aJsTEbwd54wHc8TJ7wdmgRlyMIEpsi%2Fwwgg4BryXqY5zvxjD9HCv1Ph\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: image/gif\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncf-ray: 9846ddce9c2276ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3395,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 10 x 450","md5":"f7664719a1698c0eb659b284ee33b666","sha1":"645db90f3be319f6e9a0959ef0b3557085202413","sha256":"c2f201d4c4da428fa908e41016f8d08ffb16a4591b7666010762b434648f0737","sha512":"011411e2987432f1501fd4166d962af6f095cf4c3f05829fa50dc909541ee84338701e11e43613d3876da4c6689f1ceb98d4b0123fdb7b6ed7483831f29a3b3b","ssdeep":"","tlshash":"da615c837069ce74f90506f5d6e8eadd23c8ed3d694a3b4aa23df5c530d7422aa81724","first_seen":"2023-05-19T12:36:21Z","last_seen":"2026-03-17T09:21:15.334942Z","times_seen":42,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"samsguide.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: 
negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/images/gradients/gradient_panel.gif","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://samsguide.shop/register.php","date":"2025-09-25T01:49:41.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samsguide.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 16:38:40 GMT","end":"Tue, 25 Nov 2025 17:37:15 GMT"},"fingerprint":{"sha1":"5E:8F:51:A5:01:05:7C:95:4A:C8:50:C1:87:7E:62:64:ED:2E:18:29","sha256":"B8:8F:6C:59:97:26:A4:A0:3C:5D:09:6F:9C:C6:EB:23:9A:AE:70:47:E5:87:17:40:69:E9:9B:1F:EE:C0:CE:30"}}},"request":{"raw":"GET /images/gradients/gradient_panel.gif HTTP/1.1\r\nHost: samsguide.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://samsguide.shop/register.php\r\nCookie: bbsessionhash=156482af917bf61f5dc865f98255d172; bblastvisit=1758764981; bblastactivity=0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 25 Sep 2025 01:49:41 GMT\r\nserver: cloudflare\r\nvary: CF-Ray, accept-encoding\r\nlast-modified: Thu, 06 Mar 2025 18:44:53 GMT\r\naccept-ranges: bytes\r\ncontent-length: 
3314\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MfQedBnk3%2Fsr3eqXovQB9HJkKHrSLyqNY1GIlrUQPgdouKaq7woZPQK9mevcZ7igXABs9nUJZfVxeZqEE9Q66hEihDbuRb%2BSMrfKNshZ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: image/gif\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncf-ray: 9846ddce9c2476ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3314,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 10 x 450","md5":"9f0d6a317b48bbba4dc663f8ef19aa73","sha1":"a3142f1a1e4b727de843c06765892030b409ed48","sha256":"d57d331b58ba51c9b04b7be3ceed937b9a5ca12b555baa25c584394223c7882c","sha512":"aeab11c60ae25636e108c3213288bf7d34f755d4e689413b00e801aee8c16c50d85d2559fbd0641475289a131e2ced74e18a10cdfef88764373c001d0ea9599c","ssdeep":"","tlshash":"1e616ddc989017b8e15bc0355d42b099289add60f63f03bbb0952c595bf8e8438acb0f","first_seen":"2023-05-19T12:36:20Z","last_seen":"2026-03-17T09:21:15.391544Z","times_seen":42,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"samsguide.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: 
negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/register.php","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-25T01:49:40.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samsguide.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 16:38:40 GMT","end":"Tue, 25 Nov 2025 17:37:15 GMT"},"fingerprint":{"sha1":"5E:8F:51:A5:01:05:7C:95:4A:C8:50:C1:87:7E:62:64:ED:2E:18:29","sha256":"B8:8F:6C:59:97:26:A4:A0:3C:5D:09:6F:9C:C6:EB:23:9A:AE:70:47:E5:87:17:40:69:E9:9B:1F:EE:C0:CE:30"}}},"request":{"raw":"GET /register.php HTTP/1.1\r\nHost: samsguide.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 25 Sep 2025 01:49:41 GMT\r\ncontent-type: text/html; charset=ISO-8859-1\r\nserver: cloudflare\r\naccept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height\r\ncritical-ch: 
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height\r\ncache-control: private\r\npragma: private\r\nvary: CF-Ray\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i0QO5IZcExA%2BQ1w1eVGYPmyrlml2r%2BLdxzjeFX7L6i9gCgZzSu1dlGwhVFY2h%2ByM%2FG6rXT40HZk8kzoePoDgkYnkfpsVbmLCMCXGAQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nset-cookie: bbsessionhash=156482af917bf61f5dc865f98255d172; HttpOnly; Path=/\nbblastvisit=1758764981; Secure; Path=/; Max-Age=31536000; Expires=Fri, 25 Sep 2026 01:49:41 GMT\nbblastactivity=0; Secure; Path=/; Max-Age=31536000; Expires=Fri, 25 Sep 2026 01:49:41 GMT\r\ncf-ray: 9846ddcb19fd56a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"vBulletin:3.8.11","description":"vBulletin is tool that is used to create and manage online forums or discussion boards. 
It is written in PHP and uses a MySQL database server.","website":"https://www.vbulletin.com","common_platform_enumeration":"cpe:2.3:a:vbulletin:vbulletin:*:*:*:*:*:*:*:*","icon":"vBulletin.png","categories":["Message boards"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"YUI","description":"YUI is a JavaScript and CSS library with more than 30 unique components including low-level DOM utilities and high-level user-interface widgets.","website":"https://clarle.github.io/yui3","common_platform_enumeration":"cpe:2.3:a:yahoo:yui:*:*:*:*:*:*:*:*","icon":"YUI.png","categories":["JavaScript libraries"]},{"name":"Statcounter","description":"","website":"https://www.statcounter.com","common_platform_enumeration":"","icon":"Statcounter.svg","categories":["Analytics"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18860,"size_decoded":0,"mime_type":"text/html; charset=ISO-8859-1","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (672), with CRLF line 
terminators","md5":"da4083a6d0468cca45dc9db00b726814","sha1":"ca51e71aecc58ab01ec325f45d676421d4fdf948","sha256":"afa765f0dc2989a13b3e88d210e14b8fd6503dab10146338fa83080770469695","sha512":"f7b88bb012fccb92750dfa5baf608e57c28aec7ebf354ed990be9f7fb15df9feb92e0f1f58c20bd30fcfd3e92ce962506b6baa9e0f224ea1e6295f106e47f20d","ssdeep":"384:S07SN9LCjK6SjuAHg5/tbj/Gy6CKJU+HbNfd9i8:S07SNcjK6SsuUwxvh","tlshash":"92822a0b6c45da3a472310e0f371ce96ebbdd048db15cf50b4d6227b6b419a85ab76cc","first_seen":"2025-09-25T01:50:09.45636Z","last_seen":"2025-09-25T01:50:09.45636Z","times_seen":1,"resource_available":false,"data":null}},"time_used":552,"timings":{"blocked":194,"dns":1,"connect":1,"send":0,"wait":164,"receive":0,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"samsguide.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/clientscript/vbulletin_global.js?v=3811","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://samsguide.shop/register.php","date":"2025-09-25T01:49:41.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samsguide.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 16:38:40 GMT","end":"Tue, 25 Nov 2025 17:37:15 
GMT"},"fingerprint":{"sha1":"5E:8F:51:A5:01:05:7C:95:4A:C8:50:C1:87:7E:62:64:ED:2E:18:29","sha256":"B8:8F:6C:59:97:26:A4:A0:3C:5D:09:6F:9C:C6:EB:23:9A:AE:70:47:E5:87:17:40:69:E9:9B:1F:EE:C0:CE:30"}}},"request":{"raw":"GET /clientscript/vbulletin_global.js?v=3811 HTTP/1.1\r\nHost: samsguide.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://samsguide.shop/register.php\r\nCookie: bbsessionhash=156482af917bf61f5dc865f98255d172; bblastvisit=1758764981; bblastactivity=0\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 25 Sep 2025 01:49:41 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nvary: CF-Ray, accept-encoding\r\nlast-modified: Thu, 06 Mar 2025 18:44:53 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aLWZ51lh3WEu7maAoRVWoCSEZLsIZkBUbSLZ9Yk%2FwySo2bJNNHxVZFpH3xhwL7OPVSN1y0CrT5YabQxKBP2vaEVS%2BcrosKjIwh90Cw%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9846ddcd8a8556a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server 
services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":54580,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"65d1deea45d4f4d120ca5fb36cb7e63c","sha1":"16479827e5ccc7b28c7166478c7bbb987f64450a","sha256":"bf0eb76e9a497db4c3a1383fa3dd4cf67459e24c02e9dd565943b230260264d1","sha512":"df59e1311a4f34acaae152c64f8b48f621f6b70e539e4c752ef6411d659d7d9e7dd3df88bfda85b0b77aa03189134a417513ab1a77fab35fe383741574d9592d","ssdeep":"1536:aEhUg+w7fWWsEiL/fzEAZ995dd9eDsz4fifDspPQ1dCbo9s7ShaVCyjAJ:lLJsn/f5d/eDB8J","tlshash":"b333e986ae1c92370776206d14df418c51bd44312d6364f2f88ce9e5b1b4b5b82bfeba","first_seen":"2025-05-02T09:36:44.358752Z","last_seen":"2026-03-16T11:26:09.571939Z","times_seen":48,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"samsguide.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: 
negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/clientscript/ncode_imageresizer.js?v=1.10","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://samsguide.shop/register.php","date":"2025-09-25T01:49:41.372Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samsguide.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 16:38:40 GMT","end":"Tue, 25 Nov 2025 17:37:15 GMT"},"fingerprint":{"sha1":"5E:8F:51:A5:01:05:7C:95:4A:C8:50:C1:87:7E:62:64:ED:2E:18:29","sha256":"B8:8F:6C:59:97:26:A4:A0:3C:5D:09:6F:9C:C6:EB:23:9A:AE:70:47:E5:87:17:40:69:E9:9B:1F:EE:C0:CE:30"}}},"request":{"raw":"GET /clientscript/ncode_imageresizer.js?v=1.10 HTTP/1.1\r\nHost: samsguide.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://samsguide.shop/register.php\r\nCookie: bbsessionhash=156482af917bf61f5dc865f98255d172; bblastvisit=1758764981; bblastactivity=0\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 25 Sep 2025 01:49:41 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nvary: CF-Ray, accept-encoding\r\nlast-modified: Thu, 06 Mar 2025 05:42:25 GMT\r\nnel: 
{\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BcKnF1roK693vnmycbfgXnWaPnMocGZuv2JB2l3hbO9m%2BNFligx7UGpLqtL9uWa90ZGHPab27ufwa45%2F0NDnoszk53cVcnl2fRxmTQ%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9846ddcd8a8756a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6337,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"07cd6ae7d2ea9ab97930c7a2ff9ef9bd","sha1":"71bf39fe4f9b01af373ab6f7555692e59ca17384","sha256":"337d0e29bbff50b40a2b3b8ea18cfd9ae362d05af24ffcc989c501949e7ea15d","sha512":"7ff63c5278c43e540c3719824f892b27cad0dee17b38f7d1619b3003c58596f6ddb6897f404b9785ea20879143d364dae6ae151789c3b02316a3cd32b78fc383","ssdeep":"96:T0haZooyIH4e3SmNnFxa/iCEsgTKI/3fJQDJDecQeRi:UaZooyIHLbNnFxa/ivsgTp/3fJtcQeU","tlshash":"efd1048fb7b62176b02534d6ad7e51cd694c97a313018ea9fc1887d8ec94db5827ca30","first_seen":"2024-08-20T21:47:02.63255Z","last_seen":"2026-03-16T11:26:09.566477Z","times_seen":49,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"samsguide.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed 
in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api64.ipify.org/","fqdn":"api64.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"173.231.16.77","port":443,"asn":18450,"as":"WEBNX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://samsguide.shop/register.php","date":"2025-09-25T01:49:41.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ipify.org","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 06 Feb 2025 00:00:00 GMT","end":"Mon, 09 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"9B:74:6A:25:D6:31:FF:C3:36:8D:D7:54:7C:C2:B6:CC:A3:CD:17:03","sha256":"FD:FB:ED:F7:BB:34:34:80:84:89:30:C9:CD:7E:D5:3D:1C:26:7F:A1:2F:28:2A:ED:F5:7F:C8:CD:8D:7E:5E:A7"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: api64.ipify.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://samsguide.shop/\r\nOrigin: https://samsguide.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 25 Sep 2025 01:49:41 GMT\r\nContent-Type: text/plain\r\nContent-Length: 12\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can 
also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"35b0bce9d250429df012c0426f88d0bd","sha1":"f81d80af9cbeb0011316fbba3da8002b32251f7a","sha256":"da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d","sha512":"32c9df1064e730e1a2358dae62aff741118007187d89510bfbdf93efaaa7356b71a570ea8c5d96bdc0b47155bbaa77df86b6847cc4d95d2d1b7fa2a1484a7144","ssdeep":"","tlshash":"dd600003000000000c00c00cc303030303c00003c30f0000ccc00f000c003300300000","first_seen":"2023-03-07T01:19:04Z","last_seen":"2026-04-04T23:57:48.171467Z","times_seen":25243,"resource_available":true,"data":null}},"time_used":831,"timings":{"blocked":347,"dns":4,"connect":135,"send":0,"wait":136,"receive":0,"ssl":207},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/favicon.ico","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://samsguide.shop/register.php","date":"2025-09-25T01:49:41.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samsguide.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 16:38:40 GMT","end":"Tue, 25 Nov 2025 17:37:15 
GMT"},"fingerprint":{"sha1":"5E:8F:51:A5:01:05:7C:95:4A:C8:50:C1:87:7E:62:64:ED:2E:18:29","sha256":"B8:8F:6C:59:97:26:A4:A0:3C:5D:09:6F:9C:C6:EB:23:9A:AE:70:47:E5:87:17:40:69:E9:9B:1F:EE:C0:CE:30"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: samsguide.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://samsguide.shop/register.php\r\nCookie: bbsessionhash=156482af917bf61f5dc865f98255d172; bblastvisit=1758764981; bblastactivity=0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 25 Sep 2025 01:49:41 GMT\r\nserver: cloudflare\r\nvary: CF-Ray, accept-encoding\r\nlast-modified: Fri, 07 Mar 2025 02:56:46 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yMOzRc4eiUv7z%2Feed9Jw8Qx2bENKA%2BRavcEjygfS6JW1Mrw8LET%2Feg7SLEk9eFTEAyN9J2HxGPGsj1r9uTd8PMDAyU9aBMxHgjm3hEP6\"}]}\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: image/x-icon\r\ncache-control: max-age=14400\r\ncf-ray: 9846ddcffc2976ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server 
services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15406,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"43e5675322214fce4f7920bb8f26780f","sha1":"01e40b1bbf468be2421d34bdd7b73bffaef0a92e","sha256":"f08cf401ea1e45c8fb57e4e3482463a97a5d7450a24da7aa3114a9a531de2cca","sha512":"8feac6266ce520ee1287388bbe88cfceec2b7bafa3e90bca35bb7a58eee5ef0656922d55631f8f306ec2a6df6774bd645222a88f79d84576a56f04fd2b861469","ssdeep":"192:C8Ya8CLfCq8ANeHtIFrmTwjMGiyG/QchKTH3s65PThNqBMryv:rj8MfCq3EHtIFqTDYG/QchUscLnqK+","tlshash":"27625ca87314c95ac8107bbe915efb740397e8243d1c9b33fa17a79c1da22da9f34950","first_seen":"2025-05-02T09:36:44.389142Z","last_seen":"2026-03-21T06:32:46.675985Z","times_seen":49,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"samsguide.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: 
negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/register.php","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://samsguide.shop/register.php","date":"2025-09-25T01:49:42.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samsguide.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 16:38:40 GMT","end":"Tue, 25 Nov 2025 17:37:15 GMT"},"fingerprint":{"sha1":"5E:8F:51:A5:01:05:7C:95:4A:C8:50:C1:87:7E:62:64:ED:2E:18:29","sha256":"B8:8F:6C:59:97:26:A4:A0:3C:5D:09:6F:9C:C6:EB:23:9A:AE:70:47:E5:87:17:40:69:E9:9B:1F:EE:C0:CE:30"}}},"request":{"raw":"POST /register.php HTTP/1.1\r\nHost: samsguide.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://samsguide.shop/register.php\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 19\r\nOrigin: https://samsguide.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: bbsessionhash=156482af917bf61f5dc865f98255d172; bblastvisit=1758764981; bblastactivity=0\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 25 Sep 2025 01:49:42 GMT\r\nserver: cloudflare\r\naccept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, 
Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height\r\ncritical-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height\r\ncache-control: private\r\npragma: private\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PUfWF08cJvjoLu3hbtLfbEpmtrkpqA8Q3E%2FKSPSL%2FElkPu6gYzd5%2F4K%2FU2bNQx3VNP8iSvLpf1sXxC8sClyyqjFZUv%2Br9RtkRMu1ax87\"}]}\r\nvary: CF-Ray\r\nset-cookie: bblastactivity=0; Secure; Path=/; Max-Age=31536000; Expires=Fri, 25 Sep 2026 01:49:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=ISO-8859-1\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 9846ddd1dc2e76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"vBulletin","description":"vBulletin is tool that is used to create and manage online forums or discussion boards. 
It is written in PHP and uses a MySQL database server.","website":"https://www.vbulletin.com","common_platform_enumeration":"cpe:2.3:a:vbulletin:vbulletin:*:*:*:*:*:*:*:*","icon":"vBulletin.png","categories":["Message boards"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18343,"size_decoded":0,"mime_type":"text/html; charset=ISO-8859-1","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (327), with CRLF line terminators","md5":"402bfdc17b917090d2a4e13442725023","sha1":"2c9a8d62c66adbeeb188b8d7c2e1b1e795fde866","sha256":"caea0126ca54b82003662876c06145e329ae055a0c555f9db71f723792bce8e1","sha512":"5ec538d75cb3139077fa2bb4555de95651c2c11e8216ed76764ab661a6f8c08dca19a4796c4596e408e72eb4046eef9e15937d117ee89d3b9bcb7c3cbcce06e9","ssdeep":"384:807SN9LCjKFSjWAFgb/tbj/Gy6yJUvbNfd9i8:807SNcjKFSefUvxvh","tlshash":"9282190b6c45d93a472350e0f371cd96ebbed084d715cf50b4d7227baa829a81a776cc","first_seen":"2025-09-25T01:50:09.459917Z","last_seen":"2025-09-25T01:50:09.459917Z","times_seen":1,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"samsguide.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: 
negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/clientscript/vbulletin_important.css?v=3811","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://samsguide.shop/register.php","date":"2025-09-25T01:49:41.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samsguide.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 16:38:40 GMT","end":"Tue, 25 Nov 2025 17:37:15 GMT"},"fingerprint":{"sha1":"5E:8F:51:A5:01:05:7C:95:4A:C8:50:C1:87:7E:62:64:ED:2E:18:29","sha256":"B8:8F:6C:59:97:26:A4:A0:3C:5D:09:6F:9C:C6:EB:23:9A:AE:70:47:E5:87:17:40:69:E9:9B:1F:EE:C0:CE:30"}}},"request":{"raw":"GET /clientscript/vbulletin_important.css?v=3811 HTTP/1.1\r\nHost: samsguide.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://samsguide.shop/register.php\r\nCookie: bbsessionhash=156482af917bf61f5dc865f98255d172; bblastvisit=1758764981; bblastactivity=0\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 25 Sep 2025 01:49:41 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nvary: CF-Ray, accept-encoding\r\nlast-modified: Thu, 06 Mar 2025 18:44:53 
GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NlAC73sQGhGeEj0sGkdkUy3c5zw72c0BxKvx0Pyaoz978MumGd2%2B7%2B2sUHNsm9dQZ4kfwL8MZVmuynUUBwGQsYnly9wDlI4tQOWgjw%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9846ddcd7a7f56a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1715,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"aca03c2c92d45418d34f2a58a76bb793","sha1":"ad3d7c65896cc279f19b45ce15bd22949570c9a3","sha256":"535d86718d32acc9f28eaa47dda4ae0535ecb2117d8dc22782415bcc415d6b71","sha512":"7f23112590b48aa3b86cd98d7e5b0eb9c37913973a0963648cddaf8db926ee3f8af2d8b18d83fc4f4671d8cdf851f768fa9773d7d51df7cb35014ad55220973c","ssdeep":"","tlshash":"8331e14c0ea07f415b69c06f4e962712cb2bc0221dcb2a5ffc9ce18593ce35a205cb8b","first_seen":"2025-05-02T09:36:44.357652Z","last_seen":"2026-03-16T11:26:09.545527Z","times_seen":48,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"samsguide.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: 
negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/clientscript/vbulletin_menu.js?v=3811","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://samsguide.shop/register.php","date":"2025-09-25T01:49:41.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samsguide.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 16:38:40 GMT","end":"Tue, 25 Nov 2025 17:37:15 GMT"},"fingerprint":{"sha1":"5E:8F:51:A5:01:05:7C:95:4A:C8:50:C1:87:7E:62:64:ED:2E:18:29","sha256":"B8:8F:6C:59:97:26:A4:A0:3C:5D:09:6F:9C:C6:EB:23:9A:AE:70:47:E5:87:17:40:69:E9:9B:1F:EE:C0:CE:30"}}},"request":{"raw":"GET /clientscript/vbulletin_menu.js?v=3811 HTTP/1.1\r\nHost: samsguide.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://samsguide.shop/register.php\r\nCookie: bbsessionhash=156482af917bf61f5dc865f98255d172; bblastvisit=1758764981; bblastactivity=0\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 25 Sep 2025 01:49:41 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nvary: CF-Ray, accept-encoding\r\nlast-modified: Thu, 06 Mar 2025 18:44:53 GMT\r\nnel: 
{\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xWzdsp7styGFlWLs3RrNRmwxXyY7N60tyXGDZZYyOECe2K1ulgZX4K8569rnAU%2F3It0gQ0YSbO3Lb%2FaZNKeCUI%2BfEpDLtuCsXxMNvA%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9846ddcd8a8656a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17324,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, Unicode text, UTF-8 text","md5":"760959e8572ceaaffd1e56020fd98912","sha1":"2c26fda7ab63a9ab4c1e2be11de0cd46408dcc2a","sha256":"2a56bc645dbcb80d0b0589398ae88dee1a375d3c495aaa3799b5e6d8c46b268c","sha512":"35dce99f0cc1a2a6350fcc1bfd67ce71cf0f0834d8fc31f7341c1e74061d83b9ab00d3301161d93f0aa462ec754d4cb14e5c4d0c124ec8bf2829733996c8fd7c","ssdeep":"384:ySH3VsMEV51tuG0eugtX8WhjzGMCETNEPhUXqnkPBQQhtuObsUltp22b+Ql9FR7L:ySH3VsMEV51tuTgtX8WhjzGMCsdPBdhT","tlshash":"5f72a5855fbc92324325504c629f83a9d23d407aad57de9e78bcaee424d536400ffe36","first_seen":"2025-05-02T09:36:44.367676Z","last_seen":"2026-03-16T11:26:09.565484Z","times_seen":48,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 
Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"samsguide.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/clientscript/yui/yahoo-dom-event/yahoo-dom-event.js?v=3811","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://samsguide.shop/register.php","date":"2025-09-25T01:49:41.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samsguide.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 16:38:40 GMT","end":"Tue, 25 Nov 2025 17:37:15 GMT"},"fingerprint":{"sha1":"5E:8F:51:A5:01:05:7C:95:4A:C8:50:C1:87:7E:62:64:ED:2E:18:29","sha256":"B8:8F:6C:59:97:26:A4:A0:3C:5D:09:6F:9C:C6:EB:23:9A:AE:70:47:E5:87:17:40:69:E9:9B:1F:EE:C0:CE:30"}}},"request":{"raw":"GET /clientscript/yui/yahoo-dom-event/yahoo-dom-event.js?v=3811 HTTP/1.1\r\nHost: samsguide.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://samsguide.shop/register.php\r\nCookie: bbsessionhash=156482af917bf61f5dc865f98255d172; bblastvisit=1758764981; bblastactivity=0\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: 
Thu, 25 Sep 2025 01:49:41 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nvary: CF-Ray, accept-encoding\r\nlast-modified: Thu, 06 Mar 2025 18:44:53 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kTbAYlfQRY3%2FKmeRZbomMgOASF9BQSKutRTDCeXzqW0%2BBtKekzGibohs2kbhN8PBsJsd4SV2jOKi77oz6DnTnN8bjolnB5vFxeTXxA%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9846ddcd8a8156a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36628,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines 
(11752)","md5":"f16dcd51fd1d51fac21a9724911184c4","sha1":"5549ff428576843dcbb70b9986e77dfbec09853a","sha256":"d40743d2f62e70a29644f823731551ac1f13903f07f8e0756aa664bb684f276c","sha512":"f754d5b364fd0697ad5f464555ea65ad786aa2e50a514eb0ffed96ef9eb68e1a0285f0f1feff43bab03aff3c8068acc76378c794a798128377a28bf149e38b3c","ssdeep":"768:gO7yLMbTHtxO03JQdPB4OdXkb3pOLVU2mTCTCraPKLIrC0qZbpa:jWLMbTHtM03JaZdXkb3pOLVNlPFrCppa","tlshash":"fbf2f8d937d2787603d6317a006fa605a23ba8d3998851d8e9e2e8c16d7478dc437fbc","first_seen":"2023-03-08T08:27:38Z","last_seen":"2026-04-01T10:56:09.035298Z","times_seen":246,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"samsguide.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/bannergraphics/vBulletin_wastesbfnz.png","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://samsguide.shop/register.php","date":"2025-09-25T01:49:41.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samsguide.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 16:38:40 GMT","end":"Tue, 25 Nov 2025 17:37:15 
GMT"},"fingerprint":{"sha1":"5E:8F:51:A5:01:05:7C:95:4A:C8:50:C1:87:7E:62:64:ED:2E:18:29","sha256":"B8:8F:6C:59:97:26:A4:A0:3C:5D:09:6F:9C:C6:EB:23:9A:AE:70:47:E5:87:17:40:69:E9:9B:1F:EE:C0:CE:30"}}},"request":{"raw":"GET /bannergraphics/vBulletin_wastesbfnz.png HTTP/1.1\r\nHost: samsguide.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://samsguide.shop/register.php\r\nCookie: bbsessionhash=156482af917bf61f5dc865f98255d172; bblastvisit=1758764981; bblastactivity=0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 25 Sep 2025 01:49:41 GMT\r\ncontent-type: image/png\r\ncontent-length: 58502\r\nserver: cloudflare\r\nvary: CF-Ray, accept-encoding\r\nlast-modified: Thu, 26 Apr 2018 01:44:21 GMT\r\naccept-ranges: bytes\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=J6%2FA6j%2B8tmo6IlX0Loy%2FLrJ3HoRC6yCmwOqk%2FzQO13N1XnV5g8CaKF%2FwzN8WqEngV0hLbBWdy48H%2BXAzSQt1TxQXq%2BkJjYbrRb1F2w%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncf-ray: 9846ddcd8a8956a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server 
services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":58502,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 880 x 81, 8-bit/color RGBA, non-interlaced","md5":"5fd20305e5eac3e4fa792e51684cf8b2","sha1":"65162a2cab6f9665e21143154b3e8f8bc23d0b8c","sha256":"fba7bc2a34058dadfdf216a1090ae43671c539eac3cf99cf1fb61f6ef6741a91","sha512":"4df03342209ff3bfd1c5b3b8cace78af3b44b56aafb80a0692e0626c772e82f87b989f96dc5902862f645dfc2a4fa0e154b61922807077211c858eaaf7668b5d","ssdeep":"1536:EpOWs2VXo+ZkX5z0KVB6T7Kg26wMQMqTZ/2Ns0Qob34J6lcbBx3C7K:EwWs2VOXl04c7NX2d2NkIcBx3d","tlshash":"0143028f06af6ad05407d7805d8f1880876d3f22935b6949b23598ef6a389d5efd6c03","first_seen":"2023-10-30T16:28:06Z","last_seen":"2026-03-16T11:26:09.572899Z","times_seen":49,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"samsguide.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: 
negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/clientscript/yui/connection/connection-min.js?v=3811","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://samsguide.shop/register.php","date":"2025-09-25T01:49:41.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samsguide.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 16:38:40 GMT","end":"Tue, 25 Nov 2025 17:37:15 GMT"},"fingerprint":{"sha1":"5E:8F:51:A5:01:05:7C:95:4A:C8:50:C1:87:7E:62:64:ED:2E:18:29","sha256":"B8:8F:6C:59:97:26:A4:A0:3C:5D:09:6F:9C:C6:EB:23:9A:AE:70:47:E5:87:17:40:69:E9:9B:1F:EE:C0:CE:30"}}},"request":{"raw":"GET /clientscript/yui/connection/connection-min.js?v=3811 HTTP/1.1\r\nHost: samsguide.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://samsguide.shop/register.php\r\nCookie: bbsessionhash=156482af917bf61f5dc865f98255d172; bblastvisit=1758764981; bblastactivity=0\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 25 Sep 2025 01:49:41 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nvary: CF-Ray, accept-encoding\r\nlast-modified: Thu, 06 Mar 2025 
18:44:53 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NbYhMnH3x7UsED4lsUyUbnnjzJiXRwr9nFjKRCDy7%2Bw7zwjx2Fw15WxCNhMD4%2BT9XafaWf8nQbWcDRaPmu%2BaYygzhtcAdxloNAaTrA%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9846ddcd8a8356a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11604,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6004)","md5":"ed935da9668b7350505daa30027a6f44","sha1":"10ebcea9a5b9a89ad271c462fdafb5d012b9af64","sha256":"a0297b3ea37cda46af5a08ed89b1563987e6f6a233286e1a373668776134841c","sha512":"b53009564c3e69ca1803a4f185e647226dbcaecd2bd58a7f0ff00645e475b13f163c3bd243000356843f8dab471c6eb842253cd2f74f9ed4e86155f3b3d853b5","ssdeep":"192:gzADNoHX4dmPXOYeylk25sOzIGDclyBeBUef913P6KnEyCUt:gzADNoHX4d5ylk25sOzlcUjefP3P6Zy5","tlshash":"0e32f936315124f34efe9055857f9f85ba3458972488b49a38e8eccf856cac1c06bfb8","first_seen":"2023-03-08T08:27:38Z","last_seen":"2026-04-01T10:56:09.055725Z","times_seen":292,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 
Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"samsguide.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"samsguide.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"samsguide.shop","domain":"samsguide.shop","tld":"shop"},"ip":{"addr":"172.67.165.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://samsguide.shop/register.php","date":"2025-09-25T01:49:41.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samsguide.shop","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 27 Aug 2025 16:38:40 GMT","end":"Tue, 25 Nov 2025 17:37:15 GMT"},"fingerprint":{"sha1":"5E:8F:51:A5:01:05:7C:95:4A:C8:50:C1:87:7E:62:64:ED:2E:18:29","sha256":"B8:8F:6C:59:97:26:A4:A0:3C:5D:09:6F:9C:C6:EB:23:9A:AE:70:47:E5:87:17:40:69:E9:9B:1F:EE:C0:CE:30"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: samsguide.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://samsguide.shop/register.php\r\nCookie: bbsessionhash=156482af917bf61f5dc865f98255d172; bblastvisit=1758764981; bblastactivity=0\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 
OK\r\ndate: Thu, 25 Sep 2025 01:49:41 GMT\r\ncontent-type: application/javascript\r\nexpires: Thu, 25 Sep 2025 02:37:41 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mGWl0Zm%2BmiAPeeokOgD4SVpm9PxWzLZOVUWeqj%2BVd5Los6Eso4gTz05Mgy2yRup4j2U9T4kU%2Fpx%2BAh%2FyJIpcDPXUpxlj%2FCCv06isYA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9846ddcd8a8a56a2-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-05T00:41:57.221912Z","times_seen":292550,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 
Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"samsguide.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}
