{"report_id":"f701de61-560b-4dde-9c23-3011f511394b","version":6,"status":"done","tags":[],"date":"2025-10-04T14:25:45Z","url":{"schema":"http","addr":"simpcity.cr","fqdn":"simpcity.cr","domain":"simpcity.cr","tld":"cr"},"ip":{"addr":"190.115.31.84","port":0,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"final":{"url":{"schema":"http","addr":"simpcity.cr/","fqdn":"simpcity.cr","domain":"simpcity.cr","tld":"cr"},"title":"DDoS-Guard"},"submit":{"url":{"schema":"http","addr":"simpcity.cr","fqdn":"simpcity.cr","domain":"simpcity.cr","tld":"cr"},"ip":{"addr":"190.115.31.84","port":0,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-08T14:25:45Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"simpcity.cr","ip":{"addr":"190.115.31.84","port":80,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"domain_registered":"2025-07-16","domain_rank":50493,"first_seen":"2025-07-22T23:50:09.712339Z","last_seen":"2025-10-04T03:23:16.232144Z","alert_count":0,"request_count":5,"received_data":35190,"sent_data":2167,"comment":"","tags":null,"fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"simpcity.cr/.well-known/ddos-guard/wrongip.js","fqdn":"simpcity.cr","domain":"simpcity.cr","tld":"cr"},"ip":{"addr":"190.115.31.84","port":80,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":false,"md5":"aa83093b54cc45784e7b3416237dc61f","sha1":"4f93cb43dc130732f0eeb558e3ad6cc595589f11","sha256":"5e89fd3c7c928d63f050e24a6f536cc5ae2def0fd51a7b3cc64113499c136c1e","sha512":"28cabc87dce4b59aab1e2de8759092a8e854414339dd7c431d3b83a0f2cc7fa10d4d3b8cfc635ee18b3a3d80a064eb3e7b6f83a5116e68db32fcc1451eb9e0ae","ssdeep":"384:ekMzelCQR05TN23zWEkoIsOzWY3r1toVkJKfgwUnqyZFrdW4WKtm3tV9wzl6T+94:ekMzelCImyWqGWwHKfgwUNP9ODZWOMmB","tlshash":"97d2c2c9f6c2f064439b7561403f100bf33a2d69a86e8094e2aad4d47cbd94ac17bf6d","size":30406,"data":"","first_seen":"2024-12-18T07:13:09.332755Z","last_seen":"2026-04-12T03:28:07.220487Z","times_seen":275,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"simpcity.cr/.well-known/ddos-guard/wrongip.js","fqdn":"simpcity.cr","domain":"simpcity.cr","tld":"cr"},"ip":{"addr":"190.115.31.84","port":80,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://simpcity.cr/","date":"2025-10-04T14:25:24.168Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /.well-known/ddos-guard/wrongip.js HTTP/1.1\r\nHost: simpcity.cr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://simpcity.cr/\r\nCookie: __ddg8_=aJtzdE0HW8xzflLe; __ddg10_=1759587924; __ddg9_=82.148.169.64\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 Ok\r\nServer: ddos-guard\r\nDate: Sat, 04 Oct 2025 14:25:24 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=60\r\nContent-Type: application/javascript\r\nExpires: Sat, 04 Oct 2025 15:25:24 GMT\r\nContent-Length: 30468\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"Ok","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":30468,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (25340), with LF, NEL line terminators","md5":"aa83093b54cc45784e7b3416237dc61f","sha1":"4f93cb43dc130732f0eeb558e3ad6cc595589f11","sha256":"5e89fd3c7c928d63f050e24a6f536cc5ae2def0fd51a7b3cc64113499c136c1e","sha512":"28cabc87dce4b59aab1e2de8759092a8e854414339dd7c431d3b83a0f2cc7fa10d4d3b8cfc635ee18b3a3d80a064eb3e7b6f83a5116e68db32fcc1451eb9e0ae","ssdeep":"384:ekMzelCQR05TN23zWEkoIsOzWY3r1toVkJKfgwUnqyZFrdW4WKtm3tV9wzl6T+94:ekMzelCImyWqGWwHKfgwUNP9ODZWOMmB","tlshash":"97d2c2c9f6c2f064439b7561403f100bf33a2d69a86e8094e2aad4d47cbd94ac17bf6d","first_seen":"2024-12-18T07:13:09.332755Z","last_seen":"2026-04-12T03:28:07.220487Z","times_seen":275,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":29,"dns":11,"connect":20,"send":0,"wait":23,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"simpcity.cr/.well-known/ddos-guard/wrongip.css","fqdn":"simpcity.cr","domain":"simpcity.cr","tld":"cr"},"ip":{"addr":"190.115.31.84","port":80,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://simpcity.cr/","date":"2025-10-04T14:25:24.168Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /.well-known/ddos-guard/wrongip.css HTTP/1.1\r\nHost: simpcity.cr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://simpcity.cr/\r\nCookie: __ddg8_=aJtzdE0HW8xzflLe; __ddg10_=1759587924; __ddg9_=82.148.169.64\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 Ok\r\nServer: ddos-guard\r\nDate: Sat, 04 Oct 2025 14:25:24 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=60\r\nContent-Type: text/css\r\nExpires: Sat, 04 Oct 2025 15:25:24 GMT\r\nContent-Length: 2037\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"Ok","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":2037,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2037), with no line terminators","md5":"a68b0d6dda5b68426925486b7c8d6ca7","sha1":"3b4fe309ca96432b919974676e4d6165754cec64","sha256":"1ad07bb78a8ce1d938b93339581d963edb773041deda339bc3bf1b5ebcfe9533","sha512":"f0866c9cb447917f327636c287d6f0bcad38db12bb90cecc47efb92ae6ce47ad26f4c291c7a63dd383ea4c0a68b0416d748aa6d5122d69994baf1c0d8fb69396","ssdeep":"","tlshash":"e54152226660b02db4b7c8a525c9aa993424ca15a0aff7fcde537131dacf1932e3174d","first_seen":"2025-02-26T21:52:29.856114Z","last_seen":"2026-03-23T03:15:25.75936Z","times_seen":255,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"simpcity.cr/favicon.ico","fqdn":"simpcity.cr","domain":"simpcity.cr","tld":"cr"},"ip":{"addr":"190.115.31.84","port":80,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://simpcity.cr/","date":"2025-10-04T14:25:24.252Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: simpcity.cr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://simpcity.cr/\r\nCookie: __ddg8_=aJtzdE0HW8xzflLe; __ddg10_=1759587924; __ddg9_=82.148.169.64\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 503 Service Unavailable\r\nServer: ddos-guard\r\nDate: Sat, 04 Oct 2025 14:25:24 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=60\r\nSet-Cookie: __ddg8_=9MnwKnkjdmmDUW8q; Domain=.simpcity.cr; Path=/; Expires=Sat, 04-Oct-2025 14:45:24 GMT\n__ddg10_=1759587924; Domain=.simpcity.cr; Path=/; Expires=Sat, 04-Oct-2025 14:45:24 GMT\n__ddg9_=82.148.169.64; Domain=.simpcity.cr; Path=/; Expires=Sat, 04-Oct-2025 14:45:24 GMT\r\nCache-Control: no-cache, no-store, must-revalidate\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 587\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":587,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (587), with no line terminators","md5":"0044f599bb1614bc412f3b3331bf4ff6","sha1":"e1c98e479ba8f8d01ad96090f0ecc69d2246b4a9","sha256":"bb4ad35776dadba17794f9a00462fbfd625cde7e155e42fe99fb4a107776f451","sha512":"da657684c2778690720d0e3dfe19c1c9731b5c200b371fed973bc8b2e474062d71a5749fc762968d032a05dec20156635b6b15361d90c5ded71ae0d46d93cf21","ssdeep":"","tlshash":"5ff0a2fbc870382f605347c4bc81370c1699da0dee95a4316be9569d86d67649913448","first_seen":"2024-12-18T07:13:09.325278Z","last_seen":"2026-04-12T03:28:07.22179Z","times_seen":282,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"simpcity.cr/","fqdn":"simpcity.cr","domain":"simpcity.cr","tld":"cr"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-04T14:25:23.950Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: simpcity.cr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-15T21:38:41.569918Z","times_seen":13799339,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":51,"dns":0,"connect":22,"send":0,"wait":0,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"simpcity.cr/","fqdn":"simpcity.cr","domain":"simpcity.cr","tld":"cr"},"ip":{"addr":"190.115.31.84","port":80,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-04T14:25:24.053Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: simpcity.cr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 503 Service Unavailable\r\nServer: ddos-guard\r\nDate: Sat, 04 Oct 2025 14:25:24 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=60\r\nSet-Cookie: __ddg8_=aJtzdE0HW8xzflLe; Domain=.simpcity.cr; Path=/; Expires=Sat, 04-Oct-2025 14:45:24 GMT\n__ddg10_=1759587924; Domain=.simpcity.cr; Path=/; Expires=Sat, 04-Oct-2025 14:45:24 GMT\n__ddg9_=82.148.169.64; Domain=.simpcity.cr; Path=/; Expires=Sat, 04-Oct-2025 14:45:24 GMT\r\nCache-Control: no-cache, no-store, must-revalidate\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 587\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":587,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (587), with no line terminators","md5":"0044f599bb1614bc412f3b3331bf4ff6","sha1":"e1c98e479ba8f8d01ad96090f0ecc69d2246b4a9","sha256":"bb4ad35776dadba17794f9a00462fbfd625cde7e155e42fe99fb4a107776f451","sha512":"da657684c2778690720d0e3dfe19c1c9731b5c200b371fed973bc8b2e474062d71a5749fc762968d032a05dec20156635b6b15361d90c5ded71ae0d46d93cf21","ssdeep":"","tlshash":"5ff0a2fbc870382f605347c4bc81370c1699da0dee95a4316be9569d86d67649913448","first_seen":"2024-12-18T07:13:09.325278Z","last_seen":"2026-04-12T03:28:07.22179Z","times_seen":282,"resource_available":true,"data":null}},"time_used":91,"timings":{"blocked":20,"dns":1,"connect":19,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}