{"report_id":"bc69d325-c521-4c0e-b9e7-f8eaf88c3e27","version":6,"status":"done","tags":[],"date":"2025-10-07T12:04:58Z","url":{"schema":"http","addr":"ch2ihbjgmcm.xyz/","fqdn":"ch2ihbjgmcm.xyz","domain":"ch2ihbjgmcm.xyz","tld":"xyz"},"ip":{"addr":"172.67.188.24","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"ch2ihbjgmcm.xyz/","fqdn":"ch2ihbjgmcm.xyz","domain":"ch2ihbjgmcm.xyz","tld":"xyz"},"title":"Pigsty"},"submit":{"url":{"schema":"http","addr":"ch2ihbjgmcm.xyz/","fqdn":"ch2ihbjgmcm.xyz","domain":"ch2ihbjgmcm.xyz","tld":"xyz"},"ip":{"addr":"172.67.188.24","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-11T12:04:58Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"ch2ihbjgmcm.xyz","ip":{"addr":"104.21.7.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-05-29","domain_rank":0,"first_seen":"2025-10-07T12:04:58.117225Z","last_seen":"2025-10-07T12:04:58.117225Z","alert_count":0,"request_count":1,"received_data":18800,"sent_data":484,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"pigsty.cc","ip":{"addr":"47.74.49.189","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Japan","country_code":"JP"},"domain_registered":"2020-11-06","domain_rank":0,"first_seen":"2025-03-18T10:23:40.891857Z","last_seen":"2025-03-18T10:23:40.891857Z","alert_count":0,"request_count":1,"received_data":279,"sent_data":407,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"ch2ihbjgmcm.xyz/","fqdn":"ch2ihbjgmcm.xyz","domain":"ch2ihbjgmcm.xyz","tld":"xyz"},"ip":{"addr":"104.21.7.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-07T12:04:35.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ch2ihbjgmcm.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 15:16:27 GMT","end":"Tue, 23 Dec 2025 16:14:06 GMT"},"fingerprint":{"sha1":"EB:C2:0D:9C:3B:8B:C8:34:7C:F0:1A:D4:49:95:51:19:7A:E0:FF:82","sha256":"69:05:39:B6:83:36:A3:7C:15:BA:C0:79:4A:B2:48:04:A3:22:98:EC:08:F6:F1:F8:5C:99:85:D8:EB:34:91:1D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ch2ihbjgmcm.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 07 Oct 2025 12:04:55 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Mon, 29 Sep 2025 17:53:10 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9%2FCOVskhVNU4FnnKj2gyyAkLzP42cd%2FuSd%2BwA6x%2BltQ8d0axjHFIU9qIHAvgqe4rtK6Y0cSMrWg8NLeYtGNA7CTNVMGCnNLbAd2YUvM%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98ad430c9cdab4fd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18207,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (12756)","md5":"7bb3655713a757de2c9590370c401202","sha1":"038a73f830c56e414ffe4884b2ede4004bc6a86f","sha256":"60238bb092c0ce05c382b3ae65afc1d2f027f007f6a9248518684a7f81fcb4d8","sha512":"04d3a95af67a58066e7efaa8710d1af78c3996455d4f2271330f0769ac05c8f19ee4995f4ea04adf385018e1cd223b341216c94774466ee17923b2538739621a","ssdeep":"192:wmZJJTy0XYPbPdlGxcenmy9luXmz25ucXC5kubUuYzAFo/LpO:wAJoBlGxcenmy9zz25yYsFoDg","tlshash":"5c82d692e2a43012a0778a3af8d16d2c71350553e7360bbaf93fa75dcf851b6121738e","first_seen":"2025-10-07T08:02:15.689426Z","last_seen":"2025-10-09T15:24:52.934851Z","times_seen":6,"resource_available":false,"data":null}},"time_used":19866,"timings":{"blocked":230,"dns":65,"connect":1,"send":0,"wait":19406,"receive":0,"ssl":161},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pigsty.cc/logo.gif?version=v3.6.1","fqdn":"pigsty.cc","domain":"pigsty.cc","tld":"cc"},"ip":{"addr":"47.74.49.189","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ch2ihbjgmcm.xyz/","date":"2025-10-07T12:04:55.580Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pigsty.cc","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Sep 2025 12:51:48 GMT","end":"Sun, 28 Dec 2025 12:51:47 GMT"},"fingerprint":{"sha1":"8D:D7:2E:FB:3B:A7:41:DD:DB:30:D9:6F:B1:4D:34:C2:31:7B:7E:82","sha256":"1B:F5:B1:31:50:A5:87:33:8B:D5:53:26:97:EA:30:2F:A5:78:41:B8:20:16:0C:99:73:39:EA:2E:0D:5C:9D:0E"}}},"request":{"raw":"GET /logo.gif?version=v3.6.1 HTTP/1.1\r\nHost: pigsty.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Tue, 07 Oct 2025 12:04:56 GMT\r\nContent-Type: image/gif\r\nContent-Length: 43\r\nLast-Modified: Sun, 01 Jun 2025 17:21:25 GMT\r\nConnection: keep-alive\r\nETag: \"683c8c15-2b\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 87a, 1 x 1","md5":"41c70fef20f50ea4ac446b79bdc7935e","sha1":"b77d4f7d0792de7f179ba858e9cbdde0029c31e0","sha256":"89741b55a7345255f79c80c6cbdf31da19f169b4c1ec623c611e2728737da957","sha512":"4eeec2ad93bc3b643ed72b5c95746b4a1e94734f7d93e7b3b0a6899f8afb2311ec82cb0ea431078085c2d7c5a9daea1f9af96d5f85f304b8b43e134125410048","ssdeep":"","tlshash":"82900447f1404101c131403007075351070c5030145403050071505dfc157553d03410","first_seen":"2025-10-07T12:05:04.256154Z","last_seen":"2025-10-07T12:05:04.256154Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1307,"timings":{"blocked":524,"dns":2,"connect":253,"send":0,"wait":256,"receive":1,"ssl":266},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}