{"report_id":"332f2669-bc1e-4e07-9dbf-3097cd19d128","version":6,"status":"done","tags":[],"date":"2026-04-06T13:00:56Z","url":{"schema":"http","addr":"bybit-bitcoin.com","fqdn":"bybit-bitcoin.com","domain":"bybit-bitcoin.com","tld":"com"},"ip":{"addr":"104.21.18.7","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"http","addr":"bybit-bitcoin.com/","fqdn":"bybit-bitcoin.com","domain":"bybit-bitcoin.com","tld":"com"},"title":"404 Not Found","dom":{"size":137,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"5069ae5ba7662051a8d27184c55dba54","sha1":"df42dfb9decb3b58c3cfaaa329ae52454abb9370","sha256":"b397fa9962efd76e5ee42ce027eab7e86742e163f1aa64dec3cf255fde584e2b","sha512":"82f93a9c14934897bc5dbab690b84d4c8962ebfd652a58cbf362e5aa980f0d1fe8b29182739aaaa5d5cb451298395d068bc6df34cf84a57701a23a3f800fd909","ssdeep":"","tlshash":"99c02b0d3463614cdd03116017c33240c088c33f685ac01008018483b0cf2aac4c23a5","dom_hash":"domhash18da208b3b39949e9ba09528a720f5c0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"bybit-bitcoin.com","fqdn":"bybit-bitcoin.com","domain":"bybit-bitcoin.com","tld":"com"},"ip":{"addr":"104.21.18.7","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-11T13:00:56Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-06T13:00:36Z","timestamp":1775480436,"ip_dst":{"addr":"Client IP","port":53428,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"172.67.179.31","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"severity":"medium","alert":"ETPRO HUNTING HTTP 200 Stat Code with 404 in Body","source":"{\"timestamp\":\"2026-04-06T13:00:36.683784+0000\",\"flow_id\":2237818326994330,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.67.179.31\",\"src_port\":80,\"dest_ip\":\"172.18.0.17\",\"dest_port\":53428,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2847953,\"rev\":1,\"signature\":\"ETPRO HUNTING HTTP 200 Stat Code with 404 in Body\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2021_04_01\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_04_01\"]}},\"http\":{\"hostname\":\"bybit-bitcoin.com\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":114},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":138,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":5,\"bytes_toserver\":1165,\"bytes_toclient\":1130,\"start\":\"2026-04-06T13:00:35.904602+0000\"}}"}],"analyzer":null,"urlquery":null},"summary":[{"fqdn":"bybit-bitcoin.com","ip":{"addr":"172.67.179.31","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-11-18","domain_rank":0,"first_seen":"2026-04-06T13:00:56.345279Z","last_seen":"2026-04-06T13:00:56.345279Z","alert_count":2,"request_count":3,"received_data":9274,"sent_data":1247,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"bybit-bitcoin.com/","fqdn":"bybit-bitcoin.com","domain":"bybit-bitcoin.com","tld":"com"},"ip":{"addr":"172.67.179.31","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-06T13:00:35.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bybit-bitcoin.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 07 Mar 2026 14:23:41 GMT","end":"Fri, 05 Jun 2026 15:22:25 GMT"},"fingerprint":{"sha1":"24:46:5A:0A:41:DC:33:8B:C2:B3:6D:44:BD:A6:39:93:F9:9A:23:83","sha256":"4C:14:3F:45:76:B4:59:4D:60:94:C9:C3:D2:78:12:CF:45:CF:D6:65:95:95:56:86:5B:06:8E:9A:78:47:63:50"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bybit-bitcoin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 526 No Reason Phrase\r\ndate: Mon, 06 Apr 2026 13:00:35 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 7267\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nserver: cloudflare\r\ncf-ray: 9e80f9ef7d5456c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"526","status_text":"No Reason Phrase","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7267,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (596)","md5":"b29a550bb2f398b19abf9510776ff343","sha1":"19dd6337dcc084f6b82590be3b4867a94e86ac4e","sha256":"9cfbaae3f37b21bc2cba44daaf103a44a99fec1b49d02b0cf32f2cfa9ff68ef7","sha512":"e6aafea63fe91b76469518696f189eb00ba5e952d5b005fadf64cf627ac1efa34e5791037d486f83911fc51a2b3b90c3670fabe5e5edc3a6c25f47b09541288b","ssdeep":"96:1j9jwIjYjBDK/D9KU4HmSG4Fh8/G4Fz1424F9+skKmcmH+0E4GRfWS87RLlxaQxP:1j9jhjYjVK/BateobVtHz4GP871l8eP","tlshash":"82e14576b1f5127610a382a23695fb5a69e0c253cbef449473ddc2632fdef81d903294","first_seen":"2026-04-06T13:00:57.78918Z","last_seen":"2026-04-06T13:00:57.78918Z","times_seen":1,"resource_available":true,"data":null}},"time_used":734,"timings":{"blocked":29,"dns":9,"connect":1,"send":0,"wait":673,"receive":2,"ssl":16},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-06T13:00:36Z","timestamp":1775480436,"ip_dst":{"addr":"172.18.0.17","port":53428,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"172.67.179.31","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"severity":"medium","alert":"ETPRO HUNTING HTTP 200 Stat Code with 404 in Body","source":"{\"timestamp\":\"2026-04-06T13:00:36.683784+0000\",\"flow_id\":2237818326994330,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.67.179.31\",\"src_port\":80,\"dest_ip\":\"172.18.0.17\",\"dest_port\":53428,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2847953,\"rev\":1,\"signature\":\"ETPRO HUNTING HTTP 200 Stat Code with 404 in Body\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2021_04_01\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_04_01\"]}},\"http\":{\"hostname\":\"bybit-bitcoin.com\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":114},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":138,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":5,\"bytes_toserver\":1165,\"bytes_toclient\":1130,\"start\":\"2026-04-06T13:00:35.904602+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"bybit-bitcoin.com/","fqdn":"bybit-bitcoin.com","domain":"bybit-bitcoin.com","tld":"com"},"ip":{"addr":"172.67.179.31","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-06T13:00:35.906Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: bybit-bitcoin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Apr 2026 13:00:36 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Fri, 09 Jan 2026 18:28:49 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mAQVvjXLI2Bha07tlDu2AoXM8mRK61XxiHCHnI9rmY9alFtL02PnYWXn%2BovkjIuVK8ffD9QCbJjj3GstBYoXOliTjfmdI2itn4QOLoH0hxQpgq2X9uHIwlengqEPWMQr9Za7gA%3D%3D\"}]}\r\nStrict-Transport-Security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nContent-Encoding: gzip\r\nCF-RAY: 9e80f9f4689edfec-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":138,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"7389d931c86b3d7bb6b8af46d8c4172b","sha1":"8d2a4760aa0b47984d11cd1a66448719177fb791","sha256":"301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f","sha512":"dd6d1511e4fcd5bc09d821ffe091fb5946ac9654c48664aed504e479e9ac20c1cad44b6df90f42190d47e28f5f96bfb09d24056df6b950243d68ee8100a9a889","ssdeep":"","tlshash":"d9c09b5d755366449913155167c33641d196837f689a84510941c593f0cf69ac4c73a9","first_seen":"2023-03-13T12:56:15Z","last_seen":"2026-05-01T18:41:28.220863Z","times_seen":258972,"resource_available":true,"data":null}},"time_used":642,"timings":{"blocked":0,"dns":1,"connect":1,"send":0,"wait":640,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-06T13:00:36Z","timestamp":1775480436,"ip_dst":{"addr":"172.18.0.17","port":53428,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"172.67.179.31","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"severity":"medium","alert":"ETPRO HUNTING HTTP 200 Stat Code with 404 in Body","source":"{\"timestamp\":\"2026-04-06T13:00:36.683784+0000\",\"flow_id\":2237818326994330,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.67.179.31\",\"src_port\":80,\"dest_ip\":\"172.18.0.17\",\"dest_port\":53428,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2847953,\"rev\":1,\"signature\":\"ETPRO HUNTING HTTP 200 Stat Code with 404 in Body\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2021_04_01\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_04_01\"]}},\"http\":{\"hostname\":\"bybit-bitcoin.com\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":114},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":138,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":5,\"bytes_toserver\":1165,\"bytes_toclient\":1130,\"start\":\"2026-04-06T13:00:35.904602+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"bybit-bitcoin.com/favicon.ico","fqdn":"bybit-bitcoin.com","domain":"bybit-bitcoin.com","tld":"com"},"ip":{"addr":"172.67.179.31","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bybit-bitcoin.com/","date":"2026-04-06T13:00:36.684Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: bybit-bitcoin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bybit-bitcoin.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Mon, 06 Apr 2026 13:00:37 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e14iwcyBlKLiqvnLL8ruMhkHyBvll6xgwwXaLoPMOFGZkvUnK26yV5P5hZef56Ou9s3TPh9E5pWLlLZqrHPZWm0IKCAZWCe62fQQyq4i0JU8i4OE%2FnwagMug09ZyoifHSHxxIw%3D%3D\"}]}\r\nContent-Encoding: gzip\r\nCF-RAY: 9e80f9f94f81dfec-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-05-01T18:39:39.979963Z","times_seen":500269,"resource_available":true,"data":null}},"time_used":638,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":638,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}