mass.report
Scan Intelligence Report0/100
low Risk
projectxcompetitions.com
https://projectxcompetitions.com/
IP
172.67.150.6 · Cloudflare, Inc.
Location
Toronto, Canada
Domain Age
289 days
HTTP
403 · 24.5s
SSL
Valid· E7, Let's Encrypt, US
Status
COMPLETED
Domain Intelligence: projectxcompetitions.com
Scanned 2 times since Mar 21, 2026, 10:15 AM UTC
ℹ Low (10)
Linked Phishing Report
This scan is attached to a vendor submission report
Brand
Unknown
Vendors
29/31
Status
partial
✓ eset✓ chainpatrol✓ microsoft✓ brightcloud✓ avast✓ kaspersky✓ openphish✓ sophos✓ yandex✓ polyswarm✓ norton✗ threatyeti✓ apple✓ bitdefender✓ spamhaus✓ urlquery✓ netcraft✓ cisa✓ apwg✓ emsisoft✓ urlscan✓ phishreport✓ isitphish✓ drweb✓ phishtank✓ virustotal✓ urlabuse✗ avg✓ mcafee✓ google✓ fortiguard
KB/IOK Matches (0)—
No KB/IOK detections were recorded for this scan.
Scanner blocked by cloudflare
This scan likely captured a block/challenge page, so the AI analysis may not reflect the real site victims see.
Unknown
Unknowntechnology | ecommerce | finance | other · 4/5/2026
Summary
The domain projectxcompetitions.com is accessed, but the page title shown is 'Just a moment...' and the HTML indicates a Cloudflare challenge/verification block rather than an impersonated brand login. Network data shows Cloudflare and Turnstile-related endpoints, suggesting the scanner was blocked by WAF. No concrete brand impersonation signals are observable from the static content due to the BLOCK PAGE, but the domain appears newly active with a Let's Encrypt certificate and Cloudflare hosting, which is common for phishing domains attempting to evade analysis. Given the block, brand determination from page content is inconclusive; rely on domain intelligence and non-page signals for escalation.
Evidence Summary
▸Observed 3 capture stage(s); canonical stage is late_render_3s.
▸POST targets observed during capture: https://projectxcompetitions.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1164203466:1774085671:qviwDBHNg9v2xwB-LMDZ8I_SEdCU6042oZGAwQ755KU/9dfc3293ceaccb91/_xWXACwda2giS8UQK3lAOaQAICeW7hY.Mt9pReGnKRY-1774088149-1.2.1.1-iiS3gqCK59iP1zeXjvyjTsOfvXVCyEltoZce9oldLvAcLOE1bsyHvX1tX2mxULct, https://projectxcompetitions.com/cdn-cgi/rum?, https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/901378400:1774085671:-Wzjzq938yLKfcP0D1h9Zy95WoP0nUCzRUgdbjKGE8U/9dfc329a1b4d3ceb/cWRgRemBY.ukYVuVFQCgRSJDy9RAJ7owno1JhbkWDUw-1774088150-1.2.1.1-nn3_TOWyuUcqOSalCT9r17ImOFafsi9oOsfI2iS_7ceTbRBKPGmTSkz.VkRn5JLB.
▸Distinctive asset clues: v1, v8c78df7c7c0f484497ecbca7046644da1771523124516, 1, Y-0qUTi-Ve7Nc9x.
Capture
Stages: 3
Canonical: Late Render (+3s)
Changed: No
Credential Signals
Forms: 0
Password fields: 0
Late-stage login UI: No
Resource Signals
Resources: 15
Hosts: 3
Domains: 3
Observed Signals (1)
Domain intelligence indicates potential phishing domain (new/Suspicious WHOIS and TLS presence with CLOUDFLARE in use)
Observed Indicators (1)
▸Domain: projectxcompetitions.com (IOC: suspicious domain impersonation potential; new age ~289 days per WHOIS)
Risk AssessmentUsed in abuse reports
The domain projectxcompetitions.com is likely a malicious/impersonation target, using a Cloudflare/WAF challenge to evade automated scanners. The page content appears to be a WAF block rather than a legitimate brand login, but the presence of SPA-like resources and a valid TLS certificate on a new domain increases suspicion of credential-collection attempts once the block is bypassed. The URL path and the use of orchestration and Turnstile verification indicate an attempt to differentiate human traffic from bots while potentially hosting phishing content elsewhere. Given the combination of a suspicious, relatively new domain, obfuscated form behavior, and blocking by a WAF, this domain should be treated as high risk and escalated for takedown review.
Recommended Action
Monitor
Cross-Reference9
URL Intelligence
Domain Intelligence
IP Intelligence
Public threat feed available — JSON API