{"report_id":"be111c88-8886-4403-8a9d-a02c1ca01eec","version":0,"status":"done","tags":[],"date":"2026-07-12T20:48:57Z","url":{"schema":"http","addr":"portal-web3.xyz/","fqdn":"portal-web3.xyz","domain":"portal-web3.xyz","tld":"xyz"},"ip":{"addr":"172.67.210.22","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"portal-web3.xyz/","fqdn":"portal-web3.xyz","domain":"portal-web3.xyz","tld":"xyz"},"title":"404 Not Found","dom":{"size":154,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"f620479a2b534cee6ad1584c0d5a2960","sha1":"7e11868a00d15737c3143421349ffe95b2154ebd","sha256":"027dd4d313565c31dc7ef6971181dfc0c2122a195fcda70fa959a5517e1a4a0b","sha512":"c055197b0ae7aa01e97c7a60b9f8a8b0697a7155d82b175a4a66db1e4c86e0747ea8ede8cd71004485555ccbf48c93ba5f7c0c7796bc70574b6ce0059ba48266","ssdeep":"","tlshash":"7cc08c4e6463b648ea03519026c33580c48e82aba4da82218842449370ca2bac4ca3a5","dom_hash":"domhash18da208b3b39949e9ba09528a720f5c0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"portal-web3.xyz/","fqdn":"portal-web3.xyz","domain":"portal-web3.xyz","tld":"xyz"},"ip":{"addr":"172.67.210.22","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-16T20:48:57Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"portal-web3.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"portal-web3.xyz","ip":{"addr":"172.67.210.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-07-10","domain_rank":0,"first_seen":"2026-07-10T14:57:29.553037Z","last_seen":"2026-07-10T14:57:29.553037Z","alert_count":3,"request_count":3,"received_data":2991,"sent_data":1474,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"portal-web3.xyz/","fqdn":"portal-web3.xyz","domain":"portal-web3.xyz","tld":"xyz"},"ip":{"addr":"172.67.210.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-12T20:48:31.428Z","timestamp":1783889311428,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"portal-web3.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 11 Jul 2026 14:20:52 GMT","end":"Fri, 09 Oct 2026 15:20:38 GMT"},"fingerprint":{"sha1":"3F:F0:BD:2A:06:C3:55:EB:26:21:E6:76:67:7A:5A:B9:67:9C:A7:D4","sha256":"79:19:25:9D:16:74:CD:41:65:12:94:7F:F1:43:A0:B0:52:73:0E:CD:AE:02:9D:72:C9:D0:45:66:FA:7E:61:6E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: portal-web3.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\nserver: cloudflare\r\ndate: Sun, 12 Jul 2026 20:48:31 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\npriority: u=0,i\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TDx8MFQQSHqemHIFY1ix2J5YjoGzxzOWyzQkHwLD51PkNMoKLcJYVJ6B6r5oRo4JfmSP7TlBNRdY%2FL%2Bv7Qo6DDfptHXaBfnEiudRNaUB0tQJQQacZoeLiXndeDNxnWIcy%2BA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\nvary: accept-encoding\r\ncf-ray: a1a2e8c4fb550883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":162,"size_decoded":807,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"37d5c3a24983196361e6ce9b1a499464","sha1":"2dd5878df894f3c648e42408879e9a61c112d1b3","sha256":"766c1d6bcb81d3e983fb7adbc19c616d7fc01dafb7893738edc242e2adc59c07","sha512":"cc140d1f61a01ba5f282d682dfeb19229426c7164b147a3031d3b5544c2d7213ce19b075a81d5e00750bdac7b1d9232b8b971e026d838ccae9466523338b09a9","ssdeep":"","tlshash":"eac08c6e2513bd4cc663217432c36490c08b93a7a4ea42228440805331cb2aa8ac7396","first_seen":"2023-11-07T17:46:00Z","last_seen":"2026-07-13T14:04:35.818275Z","times_seen":26700,"resource_available":true,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":64,"connect":19,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"portal-web3.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"portal-web3.xyz/","fqdn":"portal-web3.xyz","domain":"portal-web3.xyz","tld":"xyz"},"ip":{"addr":"172.67.210.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-12T20:48:31.883Z","timestamp":1783889311883,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"portal-web3.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 11 Jul 2026 14:20:52 GMT","end":"Fri, 09 Oct 2026 15:20:38 GMT"},"fingerprint":{"sha1":"3F:F0:BD:2A:06:C3:55:EB:26:21:E6:76:67:7A:5A:B9:67:9C:A7:D4","sha256":"79:19:25:9D:16:74:CD:41:65:12:94:7F:F1:43:A0:B0:52:73:0E:CD:AE:02:9D:72:C9:D0:45:66:FA:7E:61:6E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: portal-web3.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\nserver: cloudflare\r\ndate: Sun, 12 Jul 2026 20:48:32 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\npriority: u=0,i\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aqIuAYwFJEFIyhPE32511XwytTUvG5t%2BSG%2Bdfpxw995yZV%2BU0KPr23A0Q%2FcC%2FgKdpy1rAKdVg5G3urNgw%2FKaI1nM2WsXfXsrod867LLyGQn4MW3Cr99I54IrLGj7Xuw77hw%3D\"}]}\r\ncontent-encoding: zstd\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: a1a2e8c74b8c0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":162,"size_decoded":813,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"37d5c3a24983196361e6ce9b1a499464","sha1":"2dd5878df894f3c648e42408879e9a61c112d1b3","sha256":"766c1d6bcb81d3e983fb7adbc19c616d7fc01dafb7893738edc242e2adc59c07","sha512":"cc140d1f61a01ba5f282d682dfeb19229426c7164b147a3031d3b5544c2d7213ce19b075a81d5e00750bdac7b1d9232b8b971e026d838ccae9466523338b09a9","ssdeep":"","tlshash":"eac08c6e2513bd4cc663217432c36490c08b93a7a4ea42228440805331cb2aa8ac7396","first_seen":"2023-11-07T17:46:00Z","last_seen":"2026-07-13T14:04:35.818275Z","times_seen":26700,"resource_available":true,"data":null}},"time_used":176,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"portal-web3.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"portal-web3.xyz/favicon.ico","fqdn":"portal-web3.xyz","domain":"portal-web3.xyz","tld":"xyz"},"ip":{"addr":"172.67.210.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://portal-web3.xyz/","date":"2026-07-12T20:48:32.176Z","timestamp":1783889312176,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"portal-web3.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 11 Jul 2026 14:20:52 GMT","end":"Fri, 09 Oct 2026 15:20:38 GMT"},"fingerprint":{"sha1":"3F:F0:BD:2A:06:C3:55:EB:26:21:E6:76:67:7A:5A:B9:67:9C:A7:D4","sha256":"79:19:25:9D:16:74:CD:41:65:12:94:7F:F1:43:A0:B0:52:73:0E:CD:AE:02:9D:72:C9:D0:45:66:FA:7E:61:6E"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: portal-web3.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://portal-web3.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\nserver: cloudflare\r\ndate: Sun, 12 Jul 2026 20:48:32 GMT\r\ncontent-type: text/html\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\npriority: u=6,i=?0\r\nx-cast-cache: STALE\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F9TNdOs2bKtAc2DUio5Bt%2F0TqIw9e4l4xWGmm7%2FQtxSA8IsGS9g6SlW3vVzxSt01I4nN8kqZ0tcPg2jlWt2%2FSzKswdTVNM2v7OzfWAPPs9pNrgtLGa%2Bby6AzvxuDjIck9uY%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\nvary: accept-encoding\r\ncf-ray: a1a2e8c91be50883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":564,"size_decoded":889,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"54d14e2aba479693f9fd361a56d5f525","sha1":"2e52709ffe46120e45b90fb907bb2d09e083b448","sha256":"ed6f6f2144998175c846a99d2a0faab5bf7b6ace318f0fe2dc4bfeaf4700c1d8","sha512":"460c379c9b4c4b5b89f302cec4edaa5707578fc336ec70c8ad992d8341a9f3e27b1764b8b9f170715723afc7f3e7114faa4c09ed4e3db2a77c90ba5ccaa05498","ssdeep":"","tlshash":"10f0cd9f1f12387f2e238170f0c35068cf680a56fb9921e28748001f3aca04549f6fad","first_seen":"2024-01-26T07:56:20Z","last_seen":"2026-07-12T20:48:58.175993Z","times_seen":763,"resource_available":true,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"portal-web3.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}
