{"report_id":"1e9f6b3b-8ddf-41c7-a67b-5e44c4584840","version":6,"status":"done","tags":[],"date":"2026-04-26T13:59:25Z","url":{"schema":"http","addr":"cha-ngelly.com","fqdn":"cha-ngelly.com","domain":"cha-ngelly.com","tld":"com"},"ip":{"addr":"176.125.242.151","port":0,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"cha-ngelly.com/","fqdn":"cha-ngelly.com","domain":"cha-ngelly.com","tld":"com"},"title":"Changelly | Swap \u0026 Exchange Crypto","dom":{"size":32566,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (939)","md5":"c98a5b42ca273402ba66eb4a5ce033e3","sha1":"80ac937543d93ab81462937b0e49df9f81c44ef4","sha256":"5af8cfe14ffc7f77e4f231f21e6c753150403d5f5cc00e794591db03e42d638f","sha512":"4ce7906dfae556598a0a104936ab6bdb91e8856026828120b58bf3afc0cccbb8dcdfc765f2226d016636893022006d28464085860e9787854c538148dec060b6","ssdeep":"384:SM+UsxM1UxE41acJynhGzbiupg3JkeFU73F1/vfGL5NEtFklS/wBN:SM+dxeUC41acJVsaeF6D/H8yp2N","tlshash":"30e27365a1f6707270a791e23bb60b9b6be8e583c40a426437fc429c8fc5cd48d67a4d","dom_hash":"domhash30bb7af3350d48918252fdb3d87e5d20","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"cha-ngelly.com","fqdn":"cha-ngelly.com","domain":"cha-ngelly.com","tld":"com"},"ip":{"addr":"176.125.242.151","port":0,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-31T13:59:25Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-26","alert":"Phishing Block","trigger":"cha-ngelly.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cha-ngelly.com","ip":{"addr":"176.125.242.151","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Russia","country_code":"RU"},"domain_registered":"2026-03-26","domain_rank":0,"first_seen":"2026-04-21T16:08:28.141601Z","last_seen":"2026-04-21T16:08:28.141601Z","alert_count":3,"request_count":3,"received_data":36044,"sent_data":1368,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cha-ngelly.com/","fqdn":"cha-ngelly.com","domain":"cha-ngelly.com","tld":"com"},"ip":{"addr":"176.125.242.151","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-26T13:59:04.041Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cha-ngelly.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Mar 2026 13:23:30 GMT","end":"Wed, 24 Jun 2026 13:23:29 GMT"},"fingerprint":{"sha1":"01:B9:C1:94:C9:02:D4:58:62:D7:58:9A:33:29:76:34:BB:91:BA:62","sha256":"B1:13:90:81:D0:72:16:37:EC:C4:3F:93:73:49:86:AF:61:5F:96:89:50:35:0C:F2:FC:8B:DD:2F:C7:D8:19:AE"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cha-ngelly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Sun, 26 Apr 2026 13:59:04 GMT\r\nContent-Type: text/html; charset=utf-8\r\nLast-Modified: Thu, 26 Mar 2026 14:13:35 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69c53f0f-7ff7\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32759,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (939)","md5":"c27a076eca0736807af629f0c34d9f91","sha1":"9f1e64ee88ded34ec288103df973da409a602731","sha256":"91742a1a546fe2829b4f0d0a60e5dda1b2906febf9f45af6ff74b7bfe0c174a2","sha512":"e0291f67caf5223b066d5fa1345cfc01d3b43a325b65fd236eac931d59ae764339f799c05d295acd089d72e4b2ad78502e1c66ad58a8423b4ad28f28ff2f49e9","ssdeep":"384:LD+UsxM1znE41aHJUnhGs2iupg3JkeUU73Fe/QxhSaNEtEklS/wBY:LD+dxezE41aHJ3qaeU6k/0TyK2Y","tlshash":"16e29365a1f6317660b791e23ba64b9b7be8f483c40a425437fc429c8fc1cd48d67a8d","first_seen":"2026-04-21T16:08:32.112219Z","last_seen":"2026-04-26T14:34:00.490169Z","times_seen":3,"resource_available":true,"data":null}},"time_used":546,"timings":{"blocked":242,"dns":116,"connect":59,"send":0,"wait":60,"receive":1,"ssl":65},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-26","alert":"Phishing Block","trigger":"cha-ngelly.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cha-ngelly.com/apple-touch-icon.png","fqdn":"cha-ngelly.com","domain":"cha-ngelly.com","tld":"com"},"ip":{"addr":"176.125.242.151","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cha-ngelly.com/","date":"2026-04-26T13:59:04.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cha-ngelly.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Mar 2026 13:23:30 GMT","end":"Wed, 24 Jun 2026 13:23:29 GMT"},"fingerprint":{"sha1":"01:B9:C1:94:C9:02:D4:58:62:D7:58:9A:33:29:76:34:BB:91:BA:62","sha256":"B1:13:90:81:D0:72:16:37:EC:C4:3F:93:73:49:86:AF:61:5F:96:89:50:35:0C:F2:FC:8B:DD:2F:C7:D8:19:AE"}}},"request":{"raw":"GET /apple-touch-icon.png HTTP/1.1\r\nHost: cha-ngelly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cha-ngelly.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.2\r\nDate: Sun, 26 Apr 2026 13:59:04 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 25 Mar 2026 13:02:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69c3dcd4-990\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2448,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit colormap, non-interlaced","md5":"51120a3ad49678b13fc902c89575257f","sha1":"53beca436fca85e511c0cb1b06c0ee615597651e","sha256":"db00eb797f93d5568395a8c66da4b027a62fe802d2353769fbc843b10e3f83f0","sha512":"b8ff944465b0102cf4048977ebe8a810b8107408a58e91490a953bc9be982715821be77000125d91e723bf6f77bbfad9474f34fe1c883241c74bcd07120201b5","ssdeep":"","tlshash":"ca510b1957cc3c6d3fe115e6f21c04f328e61653fef8055d11a6c66d20f112907ee825","first_seen":"2025-11-18T09:10:19.348098Z","last_seen":"2026-04-26T14:45:26.879387Z","times_seen":25,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-26","alert":"Phishing Block","trigger":"cha-ngelly.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cha-ngelly.com/favicon-16x16.png","fqdn":"cha-ngelly.com","domain":"cha-ngelly.com","tld":"com"},"ip":{"addr":"176.125.242.151","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cha-ngelly.com/","date":"2026-04-26T13:59:04.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cha-ngelly.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Mar 2026 13:23:30 GMT","end":"Wed, 24 Jun 2026 13:23:29 GMT"},"fingerprint":{"sha1":"01:B9:C1:94:C9:02:D4:58:62:D7:58:9A:33:29:76:34:BB:91:BA:62","sha256":"B1:13:90:81:D0:72:16:37:EC:C4:3F:93:73:49:86:AF:61:5F:96:89:50:35:0C:F2:FC:8B:DD:2F:C7:D8:19:AE"}}},"request":{"raw":"GET /favicon-16x16.png HTTP/1.1\r\nHost: cha-ngelly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cha-ngelly.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.28.2\r\nDate: Sun, 26 Apr 2026 13:59:04 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":153,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"aad3bd278f678e0130de8270d76d8685","sha1":"3df1e1de8d09f143b3a86820cccba2ede497ed87","sha256":"1b99284bfc6859dc384b7c81a29eda1eb815005952a1a78f6d7b21ab30726286","sha512":"48f2c31f2e20812e8f9e9e516851bf6fc478bff4dcd0fef5f03a1a4ec4178fe4c2aefdf860da23ae064775a4dcb409bb0aad822bbf42835b7f94761a8085a740","ssdeep":"","tlshash":"6ec02b2d39137c4cc5a3317422c37880c0ca83376cba41128400800331cf2998ac3397","first_seen":"2026-02-09T01:33:08.879169Z","last_seen":"2026-04-30T18:25:40.923288Z","times_seen":3842,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":1,"connect":59,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-26","alert":"Phishing Block","trigger":"cha-ngelly.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}