{"report_id":"4d4764c8-261c-4b20-911c-616951157328","version":0,"status":"done","tags":[],"date":"2026-06-17T20:20:04Z","url":{"schema":"http","addr":"weexpuls.com","fqdn":"weexpuls.com","domain":"weexpuls.com","tld":"com"},"ip":{"addr":"172.67.217.215","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"weexpuls.com/","fqdn":"weexpuls.com","domain":"weexpuls.com","tld":"com"},"title":"weexpuls.com/","dom":{"size":44,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"4e1d8dee927f843366745e5c89849c8d","sha1":"1b635330a811a721b547d787789307e57094f384","sha256":"5a026b30e13db1d9210d86c1e79d0a3edaa7f4f2970361f3b7f75e3c2a6abe4c","sha512":"e2a7b815c0ff9664bb6ccf0ed138fc28a3c452c59331f472a2a3ffb444e1a938cffd224b7158706c649295906ef9f245c7e33ac033c28ef62160bff3b6be8d6b","ssdeep":"","tlshash":"099004fdd07110157c3475c10cc313410c54435c70054d0017c07c74c514135cc47dc4","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"weexpuls.com","fqdn":"weexpuls.com","domain":"weexpuls.com","tld":"com"},"ip":{"addr":"172.67.217.215","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T20:20:04Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexpuls.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"weexpuls.com","ip":{"addr":"172.67.217.215","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-29","domain_rank":0,"first_seen":"2026-06-15T11:15:44.307025Z","last_seen":"2026-06-15T11:15:44.307025Z","alert_count":2,"request_count":2,"received_data":2262,"sent_data":1690,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"weexpuls.com/","fqdn":"weexpuls.com","domain":"weexpuls.com","tld":"com"},"ip":{"addr":"172.67.217.215","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T20:19:41.523Z","timestamp":1781727581523,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexpuls.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 03:07:01 GMT","end":"Wed, 26 Aug 2026 03:07:00 GMT"},"fingerprint":{"sha1":"43:46:94:D1:AC:2C:16:26:70:A2:11:DA:B5:02:D0:61:77:3E:8D:4D","sha256":"E1:B2:3C:C9:03:B8:22:E7:82:D9:50:0B:48:85:C3:32:65:68:AD:2E:CE:6F:AE:14:9F:8D:CB:DB:FF:52:31:51"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: weexpuls.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Wed, 17 Jun 2026 20:19:42 GMT\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IlcwaTZkeTN4TDkxQitFSnJyT1lQbFE9PSIsInZhbHVlIjoia3Q4Syt5NkdcL3NoQUJkUklwbzIrN2VIb2hjYktYOG1CVWtZZ2lvNFNHVGZ0M1V0Ykp5NG5HVFZzS2xESkdIa3B4SHNybmpoVmlSUElOZnN5RXlKclRFZkJkNVJkQVVsVWNkZEFEdkR4R3QrWlplcFdhR2RWMGFBSGhqXC9oVnlyQSIsIm1hYyI6ImNhMzU2NzY5Mzk2MzRlNTM2YzEyNDA2NTI4NmU1YjU3MjRhYTg3MjZmYWJiNzRmNjg5MGRhNmNlMzcyNjNkYWIifQ%3D%3D; expires=Wed, 17-Jun-2026 22:19:42 GMT; Max-Age=7200; path=/\nlaravel_session=eyJpdiI6InBsUFBEM1RBTkh2WHZmUUdjSDhYSmc9PSIsInZhbHVlIjoiK01JYm5jS1JhazgzckJicjE3SW9reVZ1WklpQlAwK0VDSXdUakViMW1GODVyOGhNcnJrMm9ya0QzbUFsMW9BekxTTGpVK0xlXC8xdW9cL2pIOSszbFZqXC9wMnEzY1VSRTRVNUF3MDhRNVBTbkY5cHptZHhWWTFwOFFYNjFLQ2VQODIiLCJtYWMiOiJiNGI1YjYzZTUzYzc2N2JmNjg4OGQ0NzhjM2NjYjU2ZDQ1ZDI1MGIwYmFlOTFlZWFlOTNhYjNhOTc3Y2NkOTkwIn0%3D; expires=Wed, 17-Jun-2026 22:19:42 GMT; Max-Age=7200; path=/; httponly\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=0,i\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=orwRWYUB%2F1XGYRcIXLbLKQ2QqwFSrXE9uW%2BwdKv3mAefzEw7IRfkdG6PZJc7Wz6VpPkkQiqzN8%2BVvvf%2FiLekxfmq%2FTw%2FjMFtQRkM5Ozimhx3f2%2BVR1hPQ3AY1d%2FoBuA%3D\"}]}\r\ncontent-encoding: zstd\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d4c028f90bb4ff-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5,"size_decoded":1553,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"5d41402abc4b2a76b9719d911017c592","sha1":"aaf4c61ddcc5e8a2dabede0f3b482cd9aea9434d","sha256":"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824","sha512":"9b71d224bd62f3785d96d46ad3ea3d73319bfbc2890caadae2dff72519673ca72323c3d99ba5c11d7c7acc6e14b8c5da0c4663475c2e5c3adef46f73bcdec043","ssdeep":"","tlshash":"f1300030000000000000000000000000000000000000000000000000000003000c0000","first_seen":"2023-04-18T18:31:38Z","last_seen":"2026-06-21T09:43:01.979345Z","times_seen":1154,"resource_available":true,"data":null}},"time_used":990,"timings":{"blocked":-1,"dns":46,"connect":21,"send":0,"wait":923,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexpuls.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weexpuls.com/favicon.ico","fqdn":"weexpuls.com","domain":"weexpuls.com","tld":"com"},"ip":{"addr":"172.67.217.215","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://weexpuls.com/","date":"2026-06-17T20:19:42.768Z","timestamp":1781727582768,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"weexpuls.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 03:07:01 GMT","end":"Wed, 26 Aug 2026 03:07:00 GMT"},"fingerprint":{"sha1":"43:46:94:D1:AC:2C:16:26:70:A2:11:DA:B5:02:D0:61:77:3E:8D:4D","sha256":"E1:B2:3C:C9:03:B8:22:E7:82:D9:50:0B:48:85:C3:32:65:68:AD:2E:CE:6F:AE:14:9F:8D:CB:DB:FF:52:31:51"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: weexpuls.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://weexpuls.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IlcwaTZkeTN4TDkxQitFSnJyT1lQbFE9PSIsInZhbHVlIjoia3Q4Syt5NkdcL3NoQUJkUklwbzIrN2VIb2hjYktYOG1CVWtZZ2lvNFNHVGZ0M1V0Ykp5NG5HVFZzS2xESkdIa3B4SHNybmpoVmlSUElOZnN5RXlKclRFZkJkNVJkQVVsVWNkZEFEdkR4R3QrWlplcFdhR2RWMGFBSGhqXC9oVnlyQSIsIm1hYyI6ImNhMzU2NzY5Mzk2MzRlNTM2YzEyNDA2NTI4NmU1YjU3MjRhYTg3MjZmYWJiNzRmNjg5MGRhNmNlMzcyNjNkYWIifQ%3D%3D; laravel_session=eyJpdiI6InBsUFBEM1RBTkh2WHZmUUdjSDhYSmc9PSIsInZhbHVlIjoiK01JYm5jS1JhazgzckJicjE3SW9reVZ1WklpQlAwK0VDSXdUakViMW1GODVyOGhNcnJrMm9ya0QzbUFsMW9BekxTTGpVK0xlXC8xdW9cL2pIOSszbFZqXC9wMnEzY1VSRTRVNUF3MDhRNVBTbkY5cHptZHhWWTFwOFFYNjFLQ2VQODIiLCJtYWMiOiJiNGI1YjYzZTUzYzc2N2JmNjg4OGQ0NzhjM2NjYjU2ZDQ1ZDI1MGIwYmFlOTFlZWFlOTNhYjNhOTc3Y2NkOTkwIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 20:19:43 GMT\r\ncontent-type: image/x-icon\r\npriority: u=6,i=?0\r\nlast-modified: Sat, 04 Jul 2020 09:08:10 GMT\r\netag: \"5f0046fa-0\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IM%2BGh0Qk9hyDURBrmQ9h8ad5LNt4EHNOj1V3Cjm%2FsIUuyqcsbuvHT82oyLa%2F0LnAx1JizQSJOkCl%2BMmESMzAnBowrISd%2FiSc0maTjixZC5vexeWoZwr%2Fj%2Fu5kgaywUE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d4c03059e9b4ff-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":718,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-21T10:29:49.859728Z","times_seen":16606232,"resource_available":true,"data":null}},"time_used":874,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":874,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"weexpuls.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}