{"report_id":"5f835698-3527-421a-937c-dc1749a99d77","version":6,"status":"done","tags":[],"date":"2026-01-24T13:40:10Z","url":{"schema":"https","addr":"megaeth.finance","fqdn":"megaeth.finance","domain":"megaeth.finance","tld":"finance"},"ip":{"addr":"172.67.198.202","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"megaeth.finance/","fqdn":"megaeth.finance","domain":"megaeth.finance","tld":"finance"},"title":"MegaETH | NFT","dom":{"size":8932,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (2801)","md5":"f3c76a3d7192a23c8a5ca7246ae84f60","sha1":"401311e974544195bc45ddae7f4eb10ae45e0754","sha256":"539d2a643818fd6773206353866e711908fb9e88177c6d40244cbb3a64aed8f6","sha512":"4825103fa47eff166d9618e7f3c85a406ea3a2a96398f7e7d8e67902ad88f650756b3fa47d171b81a76a2a1b325b219de9522aaceeb5bf36f53bf61696f1942a","ssdeep":"192:X28YDuH2d+/q7dzqZzzGViVARQI7xmzGgey8Vbekoy/Lf5:X288uH2d+/qJ+QBoy/Lf5","tlshash":"80026795be9120a0b11b527d32eadf9eb1649103d719adb8f6cc2044cf8da794ee13cd","dom_hash":"domhashf59a9e123fe7565c5f276d9530e59c02","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"megaeth.finance","fqdn":"megaeth.finance","domain":"megaeth.finance","tld":"finance"},"ip":{"addr":"172.67.198.202","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-28T13:40:10Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"megaeth.finance","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"megaeth.finance","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"nft.megaeth.com","ip":{"addr":"104.18.9.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-03-24","domain_rank":0,"first_seen":"2026-01-24T13:40:10.323456Z","last_seen":"2026-01-24T13:40:10.323456Z","alert_count":0,"request_count":1,"received_data":46285,"sent_data":443,"comment":"","tags":null,"fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"megaeth.finance","ip":{"addr":"104.21.13.76","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-09-21","domain_rank":0,"first_seen":"2025-09-12T17:23:05.549671Z","last_seen":"2025-09-12T17:23:05.549672Z","alert_count":2,"request_count":1,"received_data":20497,"sent_data":484,"comment":"","tags":null,"fingerprints":[{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"nft.megaeth.com/icons/icon-192.png","fqdn":"nft.megaeth.com","domain":"megaeth.com","tld":"com"},"ip":{"addr":"104.18.9.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://megaeth.finance/","date":"2026-01-24T13:40:03.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nft.megaeth.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 21:46:46 GMT","end":"Sat, 21 Mar 2026 22:46:42 GMT"},"fingerprint":{"sha1":"48:0C:2A:61:BD:B9:7C:3B:3E:EB:16:0E:33:BF:FF:E4:62:A2:4F:52","sha256":"D2:0C:C4:82:1E:4B:E6:1F:38:00:41:1D:06:FC:F5:1C:CB:6A:2E:A6:7C:FE:82:64:A7:67:1E:F3:07:1D:DC:EF"}}},"request":{"raw":"GET /icons/icon-192.png HTTP/1.1\r\nHost: nft.megaeth.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://megaeth.finance/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 24 Jan 2026 13:40:03 GMT\r\ncontent-type: image/png\r\ncontent-length: 45300\r\ncf-ray: 9c2ff0bfbd6c0b3d-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"icon-192.png\"\r\netag: \"a8e48e4226cf7f55ac12cb063ebae9ec\"\r\nlast-modified: Mon, 19 Jan 2026 07:18:26 GMT\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /icons/icon-192.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: fra1::x7p74-1769262003225-a04ca6712568\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nset-cookie: __cf_bm=Wl7KgpIoANzBXqpQf4jKBZIja8HoWPP1UOWi_TTspaA-1769262003-1.0.1.1-QSc9xiqgm4tBPFrgaMfxrbgKPD.hf7KGAQRZTgz61Vu7LYsEmoCD9uHA6mygPTH2.BWEkjsLX3ahRY6.mCOy5.glK5KivOhSRdAGvy1ImuQ; path=/; expires=Sat, 24-Jan-26 14:10:03 GMT; domain=.megaeth.com; HttpOnly; Secure; SameSite=None\r\nvary: Accept-Encoding\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45300,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"a8e48e4226cf7f55ac12cb063ebae9ec","sha1":"8a0a4d8c484763788f696564e9d7bac4b69d82b7","sha256":"9195efdb16b036b3a454a580da46c9e2a2517a8bfb2e910663ab6f5e933db188","sha512":"843034a1741ce6c736da6bea354f114df6d136007bc82b9bf2cb4e15f93a9a16dc35fc21b6f62ce5a183ef11b26910165fbeb8daea91b00ded86ded6bdab8903","ssdeep":"768:At6JCnZBd1YHu3A55RM7IFzs3NE5nubOXvCFA6kqpXY78WppsWYcxYp:5JC3d1W6A5579s3NET/CFA6kqpXK8Csx","tlshash":"d813f1dedc8c007284a348b5d234c97e67bbf2a9587fd9ab0b179f8e608580b5514ec3","first_seen":"2026-01-24T13:40:11.500647Z","last_seen":"2026-01-24T13:40:11.553768Z","times_seen":2,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":6,"connect":1,"send":0,"wait":119,"receive":3,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"megaeth.finance/","fqdn":"megaeth.finance","domain":"megaeth.finance","tld":"finance"},"ip":{"addr":"104.21.13.76","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-24T13:39:48.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"megaeth.finance","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 3","organization":"SSL Corporation"},"validity":{"start":"Sun, 04 Jan 2026 18:09:12 GMT","end":"Sat, 04 Apr 2026 18:17:57 GMT"},"fingerprint":{"sha1":"AB:8B:8E:D4:5C:19:3D:7C:38:6C:25:75:E6:DF:F5:7D:E7:4E:1B:02","sha256":"B6:D5:4F:86:99:07:8D:B0:F8:CD:8E:21:76:FD:16:BD:4F:07:74:65:47:2A:1E:04:6E:A2:60:29:EE:FA:5A:23"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: megaeth.finance\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 24 Jan 2026 13:39:59 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-security-policy: frame-ancestors *\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0\r\nlast-modified: Mon, 08 Sep 2025 09:36:03 GMT\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __visitor_fp=6b139074-a3e5-4a20-9d5a-111aa3418f97; Max-Age=31536000; Path=/; Expires=Sun, 24 Jan 2027 13:39:50 GMT; HttpOnly; Secure; SameSite=Lax\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hsJ%2FhhTO3Vq%2FKzoZnpocSTlE3AIU%2BLMXFXmthnlrOHh4epFsfqGyx49dItJKXvULVP2HbbljgTqvy3%2BNm7Ym4dmVz6mfEHJwp9P6FChnMQ%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9c2ff06758fc723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19497,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (3791)","md5":"49377edb4492c7770d801a5075a6241f","sha1":"9a4d1c96e57b314e674e5ff585b97555adeb264b","sha256":"88fb9953199d2ce4d1e5ebce5e4d9cc4ccab58a54c0c2eec39ca446b6a95b0f7","sha512":"48e30b0851da7b27a4cdf7ac0c469e03c5edbdbb7e9500206f2433de3fdc41da33e079ead2d7e0734340d85c99e4ee0fb3a194ecab80be3f6f805bb0482fac5b","ssdeep":"384:7288MH2d+Nqb+QPoy/Lfl+UoMILcdMQlZ+lI+IwxcMkAozoCmuM:a88qWPoy/L0UnILcOQlZSI5N9vzoCI","tlshash":"3792e664aea01176b15f50bc3ee2de8e7611d613c70aad68f6cc5040dfced748ee6688","first_seen":"2026-01-24T13:40:11.498142Z","last_seen":"2026-01-24T13:40:11.554691Z","times_seen":2,"resource_available":false,"data":null}},"time_used":10940,"timings":{"blocked":34,"dns":16,"connect":1,"send":0,"wait":10866,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"megaeth.finance","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"megaeth.finance","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}