{"report_id":"63ea9149-7dff-4aec-994f-435723f232a4","version":6,"status":"done","tags":[],"date":"2025-07-20T23:02:35Z","url":{"schema":"http","addr":"pipigou519.top/","fqdn":"pipigou519.top","domain":"pipigou519.top","tld":"top"},"ip":{"addr":"172.67.152.55","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"pipigou502.top/?ref=pipigou519.top","fqdn":"pipigou502.top","domain":"pipigou502.top","tld":"top"},"title":"导航"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-08-24T23:02:35Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"pipigou502.top","ip":{"addr":"172.67.202.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-02","domain_rank":0,"first_seen":"2025-07-20T23:02:36.091418Z","last_seen":"2025-07-20T23:02:36.091418Z","alert_count":0,"request_count":4,"received_data":305778,"sent_data":1847,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":75,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-07-16T15:11:30.352104Z","alert_count":0,"request_count":1,"received_data":373506,"sent_data":435,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pipigou519.top","ip":{"addr":"104.21.32.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-02","domain_rank":0,"first_seen":"2025-07-20T23:02:36.093833Z","last_seen":"2025-07-20T23:02:36.093833Z","alert_count":2,"request_count":2,"received_data":12988,"sent_data":882,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2025-07-20T23:02:11Z","timestamp":1753052531,"ip_dst":{"addr":"104.21.32.133","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":42920,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-07-20T23:02:11.800187+0000\",\"flow_id\":1959189957303982,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":42920,\"dest_ip\":\"104.21.32.133\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"pipigou519.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://pipigou502.top/?ref=pipigou519.top\",\"length\":168},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":980,\"start\":\"2025-07-20T23:02:11.515758+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"pipigou502.top/?ref=pipigou519.top","fqdn":"pipigou502.top","domain":"pipigou502.top","tld":"top"},"ip":{"addr":"172.67.202.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b13c7d6ad7d0ebccabe3ecd56d7c8edc","sha1":"6bab9afffc3b5da457df924736bd40e3ab55c4ab","sha256":"273239a68e90c7fb4f9039c695b0dd0f53616dd30d022ec3fdb8e0f72ae1d80a","sha512":"41cc086501a9eae7e872133f7f65f8f329fa734434f1749c93edb6ec114656437f76aca900943ef8d4e46ad01d0f1b9bb4091006cfefcdec480e46e0385e9ab6","ssdeep":"","tlshash":"f761beb4a23341fb0453405b23e71538d59851b7a899ce46bcec8acb5fdc9b4e0c60be","size":3278,"data":"","first_seen":"2025-03-25T06:30:14.062817Z","last_seen":"2026-03-19T12:21:33.261553Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pipigou502.top/?ref=pipigou519.top","fqdn":"pipigou502.top","domain":"pipigou502.top","tld":"top"},"ip":{"addr":"172.67.202.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"087d97cd38e9feb12b23c960f5acbfe3","sha1":"8bab7b34eca6a6b43a725849dc8cda225daab435","sha256":"24c33654de88882394ca80d2736208a88dff06073f8a9ba23e4733aea8580e7a","sha512":"91e605e638dcb54257778e4afedabbff0d50d1971b1f61b8940ee082de308c741520a0c5ac129c5e6e89e493b99e0d9842e5f1bd63c0da0f950aac8bafe4ecd0","ssdeep":"","tlshash":"75c08c8826829c7154fa26404b3fb308b2022090a0901e20095a63888722c2bb208804","size":155,"data":"","first_seen":"2025-03-25T06:30:14.063859Z","last_seen":"2026-03-19T12:21:33.262028Z","times_seen":33,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pipigou502.top/js/jquery.js","fqdn":"pipigou502.top","domain":"pipigou502.top","tld":"top"},"ip":{"addr":"172.67.202.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a509c54b5330e1e3386a99004732dd64","sha1":"0c858ce6baba14a44f983abc9dfa00198e24eea3","sha256":"c43e0e050891f2c148041a5d4fa51f628c5eae5c67eb6bbbad6525bb83892686","sha512":"7f091c733b51fedf75aaeef06aa32b74b1da80dabbaf37240be841f076663515ef24d4379d7a6b797d58d5f867f463f097a759bea04400105832f4e2d224c1ac","ssdeep":"1536:TNjxXU9rnxD9o5EZxkMVC6YLtg7HtDuU3zh8cmnPMEgWzJvBQUmkm4M5gPtcNRQA:TcqmCU3zhINzfmR4lb3e34UQ47GKb","tlshash":"f79318ddb2c6b06247a770ba407f610ff236199d684d4400f169d8e9bc78a4a827bf7d","size":89947,"data":"","first_seen":"2023-03-12T18:12:58Z","last_seen":"2026-04-24T16:14:14.744669Z","times_seen":953,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-K0GM16CJEG","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"80f4a8ebfd4a0fca60aa644c901a0f95","sha1":"9fabc5c89638ffde06f7347b55a32b690ff8b2a0","sha256":"75fe05447aa673f7f3c085654d15d1d0d060eb7b5af0efabe129994fd1e1b14b","sha512":"55bcef224ace683c759a8c4e3ced0a3fa3008da2413111c7971900f02955fbdffbd90dcd118b6c7aad4034843ff064fa3899a78d83554bc46a4854ac4d20fa48","ssdeep":"3072:PIZnUNqPx370/45XAWD60Bi1fwT0GBRznCrC14Md3ArKsml5FoAqhRctjNDsaeAw:9sr0/4+z4eKzFoAqbSj9+A3qN2/G","tlshash":"1a841acdb3c6b4625393b478503f018ba57b68a2b48cc899f185cce42e74a9a4177f7d","size":372505,"data":"","first_seen":"2025-07-20T23:02:39.577078Z","last_seen":"2025-07-20T23:02:39.577078Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"pipigou502.top/js/jquery.js","fqdn":"pipigou502.top","domain":"pipigou502.top","tld":"top"},"ip":{"addr":"172.67.202.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://pipigou502.top/?ref=pipigou519.top","date":"2025-07-20T23:02:12.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pipigou502.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 02 Jul 2025 00:46:22 GMT","end":"Tue, 30 Sep 2025 01:44:06 GMT"},"fingerprint":{"sha1":"C2:26:D2:27:CC:FC:71:F0:68:5E:AF:71:4F:DB:C1:9E:2C:6B:32:2A","sha256":"46:08:16:E0:8D:1D:0F:79:B6:B0:03:B3:81:8C:56:17:FD:A7:04:BC:CC:6F:5A:EA:0F:E0:B0:1E:71:42:E4:92"}}},"request":{"raw":"GET /js/jquery.js HTTP/1.1\r\nHost: pipigou502.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pipigou502.top/?ref=pipigou519.top\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 20 Jul 2025 23:02:12 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 28 Dec 2024 05:07:57 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: W/\"676f87ad-15f5b\"\r\nexpires: Tue, 22 Jul 2025 07:02:12 GMT\r\ncache-control: public, max-age=86400, immutable\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H0u1%2B6Pm8H%2FnxN%2BxzSiGgm4tbUwKMLNWvyT2dMf%2FvJO4uDgUqawbhoumS4ggd5mbKikhyaWMsf%2BIGdrGnL1HlNlozI7x5%2BdiSoDjMLg1ZrXrU94I9g%3D%3D\"}]}\r\nvhtime: Thursday, 10-Jul-2025 13:06:25 GMT, /js/jquery.js\r\nalt-svc: h3=\":443\"; ma=86400\r\nvhserver: HIT\r\ncf-ray: 962615b8af417127-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":89947,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65446), with CRLF line terminators","md5":"a509c54b5330e1e3386a99004732dd64","sha1":"0c858ce6baba14a44f983abc9dfa00198e24eea3","sha256":"c43e0e050891f2c148041a5d4fa51f628c5eae5c67eb6bbbad6525bb83892686","sha512":"7f091c733b51fedf75aaeef06aa32b74b1da80dabbaf37240be841f076663515ef24d4379d7a6b797d58d5f867f463f097a759bea04400105832f4e2d224c1ac","ssdeep":"1536:TNjxXU9rnxD9o5EZxkMVC6YLtg7HtDuU3zh8cmnPMEgWzJvBQUmkm4M5gPtcNRQA:TcqmCU3zhINzfmR4lb3e34UQ47GKb","tlshash":"f79318ddb2c6b06247a770ba407f610ff236199d684d4400f169d8e9bc78a4a827bf7d","first_seen":"2023-03-12T18:12:58Z","last_seen":"2026-04-24T16:14:14.744669Z","times_seen":953,"resource_available":true,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":292,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pipigou502.top/css/bootstrap.min.css","fqdn":"pipigou502.top","domain":"pipigou502.top","tld":"top"},"ip":{"addr":"172.67.202.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://pipigou502.top/?ref=pipigou519.top","date":"2025-07-20T23:02:12.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pipigou502.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 02 Jul 2025 00:46:22 GMT","end":"Tue, 30 Sep 2025 01:44:06 GMT"},"fingerprint":{"sha1":"C2:26:D2:27:CC:FC:71:F0:68:5E:AF:71:4F:DB:C1:9E:2C:6B:32:2A","sha256":"46:08:16:E0:8D:1D:0F:79:B6:B0:03:B3:81:8C:56:17:FD:A7:04:BC:CC:6F:5A:EA:0F:E0:B0:1E:71:42:E4:92"}}},"request":{"raw":"GET /css/bootstrap.min.css HTTP/1.1\r\nHost: pipigou502.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pipigou502.top/?ref=pipigou519.top\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 20 Jul 2025 23:02:12 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sat, 28 Dec 2024 05:07:57 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: W/\"676f87ad-329e5\"\r\nexpires: Tue, 22 Jul 2025 07:02:12 GMT\r\ncache-control: public, max-age=86400, immutable\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ons3EeZeXf9%2Fm1sXIGZxTw9Wyey9HD3Kygs65xNczALs6aTK929FYLtr4CP6wNoHECMnOUBmPliFJlT66m1Ur14sFxMdQW93JEBQkPwA52sJhlR7ZA%3D%3D\"}]}\r\nvhtime: Thursday, 17-Jul-2025 08:49:13 GMT, /css/bootstrap.min.css\r\nalt-svc: h3=\":443\"; ma=86400\r\nvhserver: HIT\r\ncf-ray: 962615b85f1d7127-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":207333,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65157)","md5":"e49021d632edd7e891f0899fa2282b39","sha1":"37494fd4e32ab9295df316def571f0580c10ad85","sha256":"4bff417382f9f199b4c136dcb6878741a30507cc1afc00087b0d830a0e5e3ee3","sha512":"dea9b6f4eb9cd4e9a832878995b839bc43986a473d32a2160200d5b81fd325ebaa1467ed9d9c84f52f803fedd319e60890f62de825b3e497622a4bdc676a873e","ssdeep":"1536:3tO9JfwAT8IVOK5wlP7NoIKoz3lpec/KivtQZU1hHFBYuX3xF:3tO9JfwmQdSivtQZU1hHFBYI","tlshash":"321483e6f181353d98a7c1499591befd863fa541d7020aaaf01377a80bca7d70963ecc","first_seen":"2023-11-23T19:33:58Z","last_seen":"2026-03-19T12:21:33.258328Z","times_seen":34,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-K0GM16CJEG","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://pipigou502.top/?ref=pipigou519.top","date":"2025-07-20T23:02:12.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Jun 2025 08:40:16 GMT","end":"Mon, 15 Sep 2025 08:40:15 GMT"},"fingerprint":{"sha1":"3A:12:37:38:16:E5:9F:51:4E:B7:1D:5F:1F:C0:84:BB:92:EA:9E:20","sha256":"7C:C3:2F:91:ED:C8:F9:0D:09:BC:07:8E:79:FB:C7:5D:07:2F:F1:59:CD:23:2D:49:F9:C7:19:B9:05:9B:BF:6F"}}},"request":{"raw":"GET /gtag/js?id=G-K0GM16CJEG HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pipigou502.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 20 Jul 2025 23:02:12 GMT\r\nexpires: Sun, 20 Jul 2025 23:02:12 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0\r\nreport-to: {\"group\":\"ascgcycc:1077:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0\"}],}\r\nserver: Google Tag Manager\r\ncontent-length: 127052\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":372505,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5911)","md5":"80f4a8ebfd4a0fca60aa644c901a0f95","sha1":"9fabc5c89638ffde06f7347b55a32b690ff8b2a0","sha256":"75fe05447aa673f7f3c085654d15d1d0d060eb7b5af0efabe129994fd1e1b14b","sha512":"55bcef224ace683c759a8c4e3ced0a3fa3008da2413111c7971900f02955fbdffbd90dcd118b6c7aad4034843ff064fa3899a78d83554bc46a4854ac4d20fa48","ssdeep":"3072:PIZnUNqPx370/45XAWD60Bi1fwT0GBRznCrC14Md3ArKsml5FoAqhRctjNDsaeAw:9sr0/4+z4eKzFoAqbSj9+A3qN2/G","tlshash":"1a841acdb3c6b4625393b478503f018ba57b68a2b48cc899f185cce42e74a9a4177f7d","first_seen":"2025-07-20T23:02:39.577078Z","last_seen":"2025-07-20T23:02:39.577078Z","times_seen":1,"resource_available":true,"data":null}},"time_used":325,"timings":{"blocked":105,"dns":3,"connect":14,"send":0,"wait":50,"receive":52,"ssl":94},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pipigou502.top/?ref=pipigou519.top","fqdn":"pipigou502.top","domain":"pipigou502.top","tld":"top"},"ip":{"addr":"172.67.202.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-07-20T23:02:11.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pipigou502.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 02 Jul 2025 00:46:22 GMT","end":"Tue, 30 Sep 2025 01:44:06 GMT"},"fingerprint":{"sha1":"C2:26:D2:27:CC:FC:71:F0:68:5E:AF:71:4F:DB:C1:9E:2C:6B:32:2A","sha256":"46:08:16:E0:8D:1D:0F:79:B6:B0:03:B3:81:8C:56:17:FD:A7:04:BC:CC:6F:5A:EA:0F:E0:B0:1E:71:42:E4:92"}}},"request":{"raw":"GET /?ref=pipigou519.top HTTP/1.1\r\nHost: pipigou502.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 20 Jul 2025 23:02:12 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Sat, 28 Dec 2024 05:07:57 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yIGuUTiH4l47esi8RXy5ZtFcdOjlkqtvyvdytO6EMMWoEAqhCh89bz2ereQk2VtCE7M6e5FpjiObXfJFXbCqBPrmDwxLYXEFtgIRKkRwKfu416ZAHca1KtUjBHVNnR9neA%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nvhtime: Sunday, 20-Jul-2025 23:02:12 GMT, /?ref=pipigou519.top\r\nalt-svc: h3=\":443\"; ma=86400\r\nexpires: Tue, 22 Jul 2025 07:02:12 GMT\r\ncache-control: max-age=115200, public,max-age=86400,immutable\r\nvhserver: HIT\r\ncontent-encoding: br\r\ncf-ray: 962615b55cc17127-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5002,"size_decoded":0,"mime_type":"text/html","magic":"PHP script, Unicode text, UTF-8 text","md5":"c9ca4314b4fc91e5e856417dc218b0c4","sha1":"d71e90fc3357d8f47fb92c244dcc021071540d88","sha256":"1bf05f4f0f604a558917100048b878c675882fb3842ed8a09d011924b67b2391","sha512":"0d90efc1c456de0f8ed3c5b8b2aea1bae6c5220c5eb337c9f72bc217b64d77b403cf5a83ddef61c7d813cd3cf2e6e72d99a615351aea0041ee66a55edf74fe47","ssdeep":"96:qOJa8GC0o8BdnqyJ+a4TKM6494lTVLnf2a+zbdoPlpv7GtRKK7gdEV5/MpwF23yU:PJa7XnV+tTnfOlhDLPveN6K2PD","tlshash":"2da130b5916385bb0493805627f22128d4d491e7e8aece057cec4acb4fdddead0c6169","first_seen":"2025-05-21T15:44:00.702049Z","last_seen":"2026-03-19T12:21:33.260566Z","times_seen":28,"resource_available":true,"data":null}},"time_used":785,"timings":{"blocked":244,"dns":217,"connect":1,"send":0,"wait":296,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pipigou502.top/favicon.ico","fqdn":"pipigou502.top","domain":"pipigou502.top","tld":"top"},"ip":{"addr":"172.67.202.118","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://pipigou502.top/?ref=pipigou519.top","date":"2025-07-20T23:02:13.145Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pipigou502.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 02 Jul 2025 00:46:22 GMT","end":"Tue, 30 Sep 2025 01:44:06 GMT"},"fingerprint":{"sha1":"C2:26:D2:27:CC:FC:71:F0:68:5E:AF:71:4F:DB:C1:9E:2C:6B:32:2A","sha256":"46:08:16:E0:8D:1D:0F:79:B6:B0:03:B3:81:8C:56:17:FD:A7:04:BC:CC:6F:5A:EA:0F:E0:B0:1E:71:42:E4:92"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: pipigou502.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pipigou502.top/?ref=pipigou519.top\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 20 Jul 2025 23:02:13 GMT\r\ncontent-type: image/x-icon\r\ncf-ray: 962615bc2c2856a5-OSL\r\nserver: cloudflare\r\nlast-modified: Sat, 28 Dec 2024 05:07:57 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Tue, 22 Jul 2025 07:02:13 GMT\r\ncache-control: public, max-age=86400, immutable\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sdPtgeOwObPLmKMJaL%2FuVoNPXY5%2BMNZJJiY%2F1%2BbiaRwtfAAR6zyU0m6wr4Ius0PYaO1r%2B%2Bfy6LShgQQqgC8U7MerLO8c48ccK5K%2BdyNum0uBCr%2FLtg%3D%3D\"}]}\r\nage: 878689\r\ncf-cache-status: REVALIDATED\r\netag: W/\"676f87ad-4\"\r\nvhtime: Sunday, 13-Jul-2025 11:46:27 GMT, /favicon.ico\r\nalt-svc: h3=\":443\"; ma=86400\r\nvhserver: HIT\r\ncontent-encoding: br\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=3692\u0026min_rtt=615\u0026rtt_var=4041\u0026sent=121\u0026recv=151\u0026lost=0\u0026retrans=0\u0026sent_bytes=11051\u0026recv_bytes=8645\u0026delivery_rate=317879\u0026ss_exit_cwnd=14923\u0026ss_exit_reason=2\u0026cwnd=14000\u0026unsent_bytes=0\u0026cid=2409eff8142cd29a\u0026ts=1101\u0026inflight_dur=60\u0026x=40\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4,"size_decoded":0,"mime_type":"image/x-icon","magic":"ASCII text, with no line terminators","md5":"49c0b9d84c2a16fcaf9d25694fda75e1","sha1":"14e890c7e8cbf06a1c0fd5168a1bb2d87276a6a5","sha256":"21945e7f31fb51b4fccc6947a26b2573b9bc4763ae10b6bd1b59afda8959aab3","sha512":"1c27d101f7acfa7cd64f127ad8278bfecde6aa6b59ed13723726c8be64759846b2785e67a2b924b4d483f103e8c1759e60551087569e9de6b99c68dbe5cf7eb9","ssdeep":"","tlshash":"0830000000300000000000000300000000000000000000c00000000000000000000000","first_seen":"2023-05-09T12:48:04Z","last_seen":"2026-03-19T12:21:33.261088Z","times_seen":63,"resource_available":false,"data":null}},"time_used":331,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":329,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pipigou519.top/","fqdn":"pipigou519.top","domain":"pipigou519.top","tld":"top"},"ip":{"addr":"104.21.32.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-07-20T23:02:10.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pipigou519.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 02 Jul 2025 00:53:41 GMT","end":"Tue, 30 Sep 2025 01:51:13 GMT"},"fingerprint":{"sha1":"0C:4F:B6:EC:E4:1C:C2:B2:8E:0E:07:97:1C:26:F8:A1:CA:E0:C2:A5","sha256":"A0:6F:D8:4D:90:D1:60:1B:2D:6B:73:21:E0:C9:5C:44:1B:96:65:2B:11:A6:A6:3A:E1:A0:4B:4D:53:D5:44:DC"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: pipigou519.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 521 No Reason Phrase\r\ndate: Sun, 20 Jul 2025 23:02:11 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 6982\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nserver: cloudflare\r\ncf-ray: 962615afbe1e5687-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"521","status_text":"No Reason Phrase","fingerprints":null,"data":{"size":6982,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (396)","md5":"552d60e9fadd2d6d4eff8fafc38f5bad","sha1":"edc48403971f87ca6cb05011ec712b365bca23d4","sha256":"423e2dfcfef0af7c4efe8566accc1570bbf2d95e82dc9bcd857f0521b4673b40","sha512":"3adea0afbfd7bd7e732e33792c4a55b0f0bdd590a69935a27cdebca02c003af0ecbb59146d96baa94fa4a86820539ca90c32d9cb7f786b7891ceec5ecfa6b441","ssdeep":"192:1j9jhjYj0K/BqtUeJJs8VO/Q85A71lw3eP:m/Bqp0IwA71l+eP","tlshash":"95e15771b1f512760093c1923695eb6abae0c653cbef4598b3dcc6632f9fe81d903294","first_seen":"2025-07-20T23:02:39.583629Z","last_seen":"2025-07-20T23:02:39.583629Z","times_seen":1,"resource_available":false,"data":null}},"time_used":833,"timings":{"blocked":343,"dns":308,"connect":6,"send":0,"wait":145,"receive":1,"ssl":23},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-07-20T23:02:11Z","timestamp":1753052531,"ip_dst":{"addr":"104.21.32.133","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":42920,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-07-20T23:02:11.800187+0000\",\"flow_id\":1959189957303982,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":42920,\"dest_ip\":\"104.21.32.133\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"pipigou519.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://pipigou502.top/?ref=pipigou519.top\",\"length\":168},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":980,\"start\":\"2025-07-20T23:02:11.515758+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"pipigou519.top/","fqdn":"pipigou519.top","domain":"pipigou519.top","tld":"top"},"ip":{"addr":"104.21.32.133","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-07-20T23:02:11.524Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: pipigou519.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Sun, 20 Jul 2025 23:02:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nLocation: https://pipigou502.top/?ref=pipigou519.top\r\nCf-Cache-Status: DYNAMIC\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YQXuiv7C490q6DaaxHHekm8z8G%2BogGoum%2F%2FF8gqzYhK7MN99szyXgAc3wVLI8e9JZs%2FiUqtzjqWDfgqO6pPeWUw5LolVgPUoCSG%2BTA%3D%3D\"}]}\r\nCF-RAY: 962615b1fcd056a8-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":5002,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":284,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2025-07-20T23:02:11Z","timestamp":1753052531,"ip_dst":{"addr":"104.21.32.133","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":42920,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-07-20T23:02:11.800187+0000\",\"flow_id\":1959189957303982,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":42920,\"dest_ip\":\"104.21.32.133\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"pipigou519.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://pipigou502.top/?ref=pipigou519.top\",\"length\":168},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":671,\"bytes_toclient\":980,\"start\":\"2025-07-20T23:02:11.515758+0000\"}}"}],"analyzer":null,"urlquery":null}}]}