{"report_id":"e0a9e15a-f303-4708-96bf-6f5e8e1b0601","version":6,"status":"done","tags":[],"date":"2026-05-19T15:53:00Z","url":{"schema":"http","addr":"jigrog.click","fqdn":"jigrog.click","domain":"jigrog.click","tld":"click"},"ip":{"addr":"172.67.183.249","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"http","addr":"jigrog.click/","fqdn":"jigrog.click","domain":"jigrog.click","tld":"click"},"title":"jigrog.click/","dom":{"size":107,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"11428a56abb61778baeadb1601368fa7","sha1":"883168fbfada47cf889409c7dd647a70f209fd53","sha256":"f9c3250b10ac5e18f34dbcf94fdbacef4467b6f27891f409a6d878e97f59cc1c","sha512":"6eabb8439ddedc0385ab2379a3f3ecb62c9af35560709b318c77ff454f11cdae5d3fb03d4d07971b595bafe4ab8f9b62c5380cf3695299c772e6da6a0692d3c6","ssdeep":"","tlshash":"b4b092abe65e090cbf9336e24e862ba05c2a436c380609505b85aa22b90407689661c8","dom_hash":"domhash6d8503313533425f3061f10536ac36b0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"jigrog.click","fqdn":"jigrog.click","domain":"jigrog.click","tld":"click"},"ip":{"addr":"172.67.183.249","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-23T15:53:00Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-19T15:52:38Z","timestamp":1779205958,"ip_dst":{"addr":"172.67.183.249","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":50886,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.click domain","source":"{\"timestamp\":\"2026-05-19T15:52:38.118501+0000\",\"flow_id\":1813036814165041,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":50886,\"dest_ip\":\"172.67.183.249\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858675,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.click domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"jigrog.click\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":106},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":669,\"bytes_toclient\":996,\"start\":\"2026-05-19T15:52:37.975921+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-19T15:52:38Z","timestamp":1779205958,"ip_dst":{"addr":"172.67.183.249","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":50886,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.click domain","source":"{\"timestamp\":\"2026-05-19T15:52:38.350725+0000\",\"flow_id\":1813036814165041,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":50886,\"dest_ip\":\"172.67.183.249\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858675,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.click domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"jigrog.click\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://jigrog.click/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":153},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":6,\"bytes_toserver\":1216,\"bytes_toclient\":1991,\"start\":\"2026-05-19T15:52:37.975921+0000\"}}"}],"analyzer":null,"urlquery":null},"summary":[{"fqdn":"jigrog.click","ip":{"addr":"172.67.183.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-05-18","domain_rank":0,"first_seen":"2026-05-19T15:53:00.10664Z","last_seen":"2026-05-19T15:53:00.106641Z","alert_count":3,"request_count":3,"received_data":2274,"sent_data":1227,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"jigrog.click/","fqdn":"jigrog.click","domain":"jigrog.click","tld":"click"},"ip":{"addr":"172.67.183.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-19T15:52:37.294Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jigrog.click","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 03:54:30 GMT","end":"Sun, 16 Aug 2026 03:54:29 GMT"},"fingerprint":{"sha1":"13:A3:C2:92:F2:70:41:D6:86:97:28:18:64:26:55:42:00:BC:AB:69","sha256":"03:FB:67:12:39:0D:EE:16:2B:30:95:CE:C0:90:68:00:B0:C1:27:16:0A:EE:B7:77:C4:03:20:B9:F3:C8:17:B5"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: jigrog.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Tue, 19 May 2026 15:52:37 GMT\r\ncontent-type: text/html\r\ncache-control: no-cache\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lN%2BFltbNZ2T9VURVHbz3XY1dgdyZA2yxyuKLZe%2BqLhFzHG3ihPsJ2yhEb5%2BOFCLikFxW5Zg%2BQiCHFz5P0xfl5D2lz7V08sT3r6iLwLMZtWASbPTRc%2FLcIah8%2BKD4j9I%3D\"}]}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9fe44513ea43569f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":94,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"e96ddceb1c305b9ad21eaae42522c26f","sha1":"ad08ae39a71ed5ba992b8b5dabc450d046354696","sha256":"9221cfedfc5e03790f46c7890bca21fcc47c5788d89dab0aa0799c492b6ae78a","sha512":"1cc850f76467645447e9935f4de13ede698727b4fb598c7bd36de2779596d8b5a85cb94b0cf1fb2259ad1d988f1f199e3f4c310dfdc22fcdd378b8e773f0dbd5","ssdeep":"","tlshash":"bdb012cf360e0d0cbb9307d24dc71bb01c2e836c2c46001027859a333400075cda71cd","first_seen":"2023-04-09T07:10:46Z","last_seen":"2026-06-15T01:07:46.0665Z","times_seen":8583,"resource_available":true,"data":null}},"time_used":1017,"timings":{"blocked":436,"dns":85,"connect":285,"send":0,"wait":144,"receive":0,"ssl":63},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-19T15:52:38Z","timestamp":1779205958,"ip_dst":{"addr":"172.67.183.249","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.3","port":50886,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.click domain","source":"{\"timestamp\":\"2026-05-19T15:52:38.118501+0000\",\"flow_id\":1813036814165041,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":50886,\"dest_ip\":\"172.67.183.249\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858675,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.click domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"jigrog.click\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":106},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":669,\"bytes_toclient\":996,\"start\":\"2026-05-19T15:52:37.975921+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"jigrog.click/","fqdn":"jigrog.click","domain":"jigrog.click","tld":"click"},"ip":{"addr":"172.67.183.249","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-19T15:52:37.977Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: jigrog.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Tue, 19 May 2026 15:52:38 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\ncache-control: no-cache\r\ncf-cache-status: DYNAMIC\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ur6LN%2BkaeNaIFd3XC1GEvPD12Y5HHd1bYkcNHnDFIGaV5meSJjpz9T8jkU3epVYCZoFwd9698K31YyHX3ydi7juS%2B2Vfdtu6x8cn2KBeZ7LmyM%2Famvcx%2Fu73qAL5mSY%3D\"}]}\r\nContent-Encoding: gzip\r\nServer: cloudflare\r\nCF-RAY: 9fe44515ab79b4fd-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":94,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"e96ddceb1c305b9ad21eaae42522c26f","sha1":"ad08ae39a71ed5ba992b8b5dabc450d046354696","sha256":"9221cfedfc5e03790f46c7890bca21fcc47c5788d89dab0aa0799c492b6ae78a","sha512":"1cc850f76467645447e9935f4de13ede698727b4fb598c7bd36de2779596d8b5a85cb94b0cf1fb2259ad1d988f1f199e3f4c310dfdc22fcdd378b8e773f0dbd5","ssdeep":"","tlshash":"bdb012cf360e0d0cbb9307d24dc71bb01c2e836c2c46001027859a333400075cda71cd","first_seen":"2023-04-09T07:10:46Z","last_seen":"2026-06-15T01:07:46.0665Z","times_seen":8583,"resource_available":true,"data":null}},"time_used":174,"timings":{"blocked":31,"dns":0,"connect":32,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-19T15:52:38Z","timestamp":1779205958,"ip_dst":{"addr":"172.67.183.249","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.3","port":50886,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.click domain","source":"{\"timestamp\":\"2026-05-19T15:52:38.118501+0000\",\"flow_id\":1813036814165041,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":50886,\"dest_ip\":\"172.67.183.249\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858675,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.click domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"jigrog.click\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":403,\"length\":106},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":669,\"bytes_toclient\":996,\"start\":\"2026-05-19T15:52:37.975921+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"jigrog.click/favicon.ico","fqdn":"jigrog.click","domain":"jigrog.click","tld":"click"},"ip":{"addr":"172.67.183.249","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://jigrog.click/","date":"2026-05-19T15:52:38.198Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: jigrog.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://jigrog.click/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Tue, 19 May 2026 15:52:38 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nreferrer-policy: same-origin\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\nCache-Control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vT1ypq4NO1GN9B8U0cdH4AUQdyNC%2FKjs%2F1SaomxD0KmKG%2BYJEEVnU%2FaWW32q%2Fx52Y9VFv9bJGz36EnwubSmO472I6sMctpyPMaX4C%2Fmb9XD1VLyPoIchJPIVyB%2BRgdM%3D\"}]}\r\nContent-Encoding: gzip\r\nCF-RAY: 9fe44516cd12b4fd-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":179,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"64db5ad5f2ef41babdba80a6dd0518f6","sha1":"aa18a9b1580b8522be1ea5525650e49458d6f7e0","sha256":"5547992afdadb59737c5c0feb1a35dff294cd27145bf290c031737ecf8a2577d","sha512":"59fd8ca9dbfdba5b75dca5c60c9f5a08aceb3e034c5439f9f797f79e32d9bdacd2de0030fc8c87ad3cf87abf4c6814467b9cc4e14d6b92a34f9130281ce54141","ssdeep":"","tlshash":"a6c0808f8043534b812444743ec113d0715e531574b595607f43d12764d865cc5d765d","first_seen":"2023-04-05T17:50:31Z","last_seen":"2026-06-14T18:19:19.213382Z","times_seen":8810,"resource_available":true,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-19T15:52:38Z","timestamp":1779205958,"ip_dst":{"addr":"172.67.183.249","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.3","port":50886,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.click domain","source":"{\"timestamp\":\"2026-05-19T15:52:38.350725+0000\",\"flow_id\":1813036814165041,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":50886,\"dest_ip\":\"172.67.183.249\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858675,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.click domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"jigrog.click\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://jigrog.click/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":153},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":6,\"bytes_toserver\":1216,\"bytes_toclient\":1991,\"start\":\"2026-05-19T15:52:37.975921+0000\"}}"}],"analyzer":null,"urlquery":null}}]}