{"report_id":"d55cc0bc-98c1-472a-a897-e503b90ed014","version":6,"status":"done","tags":[],"date":"2026-04-05T02:04:52Z","url":{"schema":"http","addr":"app-reprotocol.xyz","fqdn":"app-reprotocol.xyz","domain":"app-reprotocol.xyz","tld":"xyz"},"ip":{"addr":"104.21.56.15","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"app-reprotocol.xyz/","fqdn":"app-reprotocol.xyz","domain":"app-reprotocol.xyz","tld":"xyz"},"title":"Re | The Internet Capital Market for Insurance Risk","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"app-reprotocol.xyz","fqdn":"app-reprotocol.xyz","domain":"app-reprotocol.xyz","tld":"xyz"},"ip":{"addr":"104.21.56.15","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-10T02:04:52Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"app-reprotocol.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"app-reprotocol.xyz","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-28","domain_rank":0,"first_seen":"2026-04-05T02:04:53.87307Z","last_seen":"2026-04-05T02:04:53.87307Z","alert_count":4,"request_count":4,"received_data":4379641,"sent_data":1881,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"app-reprotocol.xyz/chunk.40.nyx4jo4o.js","fqdn":"app-reprotocol.xyz","domain":"app-reprotocol.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2df3aba6fb62c7bba446eec97ec23011","sha1":"ccf7abeef4ee088fd8902d259ad7b41e2737e3e2","sha256":"29d3e1aa7b72b78c34b5d68491d8473ab8d04f7a29dab48c4bd30eda323ec4c1","sha512":"19c1303db4821de681ae3a41cbe55c9eb8ded8320db036e3c133db967779045430bd5de8f2c70b8b767ad686879ee5fd0e69baf7d23ca2a811229cf8749ae709","ssdeep":"1536:xnD2wxc5y0Kslbf/NeViW8TnwJZIMFb9XfBdBxoKfE3/4:xnD2wxc3VlbXNeipTwTIMDPBdfzE3/4","tlshash":"28c3a6ca990ad4d54e2111ced873f818e4686a63cdacf157f66cdcc6b42df66848323b","size":125373,"data":"","first_seen":"2026-03-29T23:15:16.082484Z","last_seen":"2026-04-05T02:04:57.462459Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app-reprotocol.xyz/","fqdn":"app-reprotocol.xyz","domain":"app-reprotocol.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"f17913317f23972de607d7d72fb12a64","sha1":"5cb23aaee1eb6fe5d5ee962c52193f8420dad8e0","sha256":"d126f33081c093a2f73bb866b3ef8d8b8b9b62423e82c68da0b16ffe4b5b0877","sha512":"3a2272327ca26a540e906cae5dcf2fef53b2a676fd2cdc410a0e7b84632a3bf4e688a31810ec3ded45150db942eb6f44288588ae3b20bd7f37538021a3812d89","ssdeep":"768:v+bRXcH8HuFxCyeRyg5J54Cv6w+YaSO7nBEMwZ1/Yc/lXnW90Fi5c61c4cd3u3+a:sHhy1rnPrVwZ1/ZFnVCRFvf","tlshash":"4dc392d9991bd4d58e2111ded873e919e4286e23ceacf1a3b62cddc1746df22848313b","size":120636,"data":"","first_seen":"2026-03-29T23:15:16.083529Z","last_seen":"2026-04-05T02:04:57.465465Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"app-reprotocol.xyz/","fqdn":"app-reprotocol.xyz","domain":"app-reprotocol.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-05T02:04:28.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-reprotocol.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 01:59:41 GMT","end":"Fri, 26 Jun 2026 01:59:40 GMT"},"fingerprint":{"sha1":"29:01:40:C4:91:93:29:89:E0:1A:9E:9D:3C:27:DA:EB:22:B5:9E:50","sha256":"61:60:CC:F1:C4:AE:94:6E:EC:C7:0B:6E:8A:5D:22:53:63:D3:2C:43:63:5D:61:37:45:BF:08:2F:D7:33:C4:9B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: app-reprotocol.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 05 Apr 2026 02:04:28 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Sat, 28 Mar 2026 02:32:13 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GnmC%2BYViI9b%2Fd23e9IpL%2BUxqsdOwmKCXwgOEoWYV29UUUgHuxkwUs7YOB4wGrXUUOcCMeO7aqWhZkJsX5MZ7NjWmaHghaNSAEV5kcKiyb5crnfpiu0drUqFoPNaulXtWlLCC38o%3D\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9e74fb74cdea2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":833427,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (65519), with CRLF line terminators","md5":"b2e2b2b5d8e9c54d8aa3e3a94aa3967b","sha1":"970406f1870dff7f2523c968740bc344061eb48b","sha256":"ffad5da02889be2b69946d625889e737e948f69919db19d75cdc66ed9a76fb43","sha512":"6f735bf6aa6f55932327cb2ed48e488bc511ea3f234c32342dae6b8e48339fff440fc86fbf148afe0ea69542e6cb27d342f1f5a0f563c69eb913a86f1cf30505","ssdeep":"12288:As9K6uPWXcJ5raR+MhftWwOMmvT6PtZ9Si3SNSLEXwMvlk34N3/5aBBJPc:As9KN4R+etBGvTOqNSLE/vTS6","tlshash":"8a05e16177106b7f5d0719bbb1ecbeac8216b389c63297cdfaa5215247dffa8058120c","first_seen":"2026-03-29T23:15:16.081573Z","last_seen":"2026-04-05T02:04:57.461546Z","times_seen":2,"resource_available":true,"data":null}},"time_used":363,"timings":{"blocked":70,"dns":54,"connect":1,"send":0,"wait":223,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"app-reprotocol.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-reprotocol.xyz/chunk.40.nyx4jo4o.js","fqdn":"app-reprotocol.xyz","domain":"app-reprotocol.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app-reprotocol.xyz/","date":"2026-04-05T02:04:28.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-reprotocol.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 01:59:41 GMT","end":"Fri, 26 Jun 2026 01:59:40 GMT"},"fingerprint":{"sha1":"29:01:40:C4:91:93:29:89:E0:1A:9E:9D:3C:27:DA:EB:22:B5:9E:50","sha256":"61:60:CC:F1:C4:AE:94:6E:EC:C7:0B:6E:8A:5D:22:53:63:D3:2C:43:63:5D:61:37:45:BF:08:2F:D7:33:C4:9B"}}},"request":{"raw":"GET /chunk.40.nyx4jo4o.js HTTP/1.1\r\nHost: app-reprotocol.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-reprotocol.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 05 Apr 2026 02:04:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Sat, 28 Mar 2026 02:32:13 GMT\r\netag: W/\"69c73dad-1e9bd\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EHvyDL%2Bv2EItyyebHvVbgsZfyaA%2B0zwFN165829iof95LEubPoflEVs9Pv4MYULGJ86WQpInrmGtSeDNIzft6HeoXkbp37%2Fsv0Lv8IWfd%2FMzg%2FsdN5IbyrveGS09QA1tdn5VyHA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e74fb773dbc5699-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":125373,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"2df3aba6fb62c7bba446eec97ec23011","sha1":"ccf7abeef4ee088fd8902d259ad7b41e2737e3e2","sha256":"29d3e1aa7b72b78c34b5d68491d8473ab8d04f7a29dab48c4bd30eda323ec4c1","sha512":"19c1303db4821de681ae3a41cbe55c9eb8ded8320db036e3c133db967779045430bd5de8f2c70b8b767ad686879ee5fd0e69baf7d23ca2a811229cf8749ae709","ssdeep":"1536:xnD2wxc5y0Kslbf/NeViW8TnwJZIMFb9XfBdBxoKfE3/4:xnD2wxc3VlbXNeipTwTIMDPBdfzE3/4","tlshash":"28c3a6ca990ad4d54e2111ced873f818e4686a63cdacf157f66cdcc6b42df66848323b","first_seen":"2026-03-29T23:15:16.082484Z","last_seen":"2026-04-05T02:04:57.462459Z","times_seen":6,"resource_available":true,"data":null}},"time_used":252,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"app-reprotocol.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-reprotocol.xyz/null?e=jscdn/getFile","fqdn":"app-reprotocol.xyz","domain":"app-reprotocol.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app-reprotocol.xyz/","date":"2026-04-05T02:04:29.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-reprotocol.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 01:59:41 GMT","end":"Fri, 26 Jun 2026 01:59:40 GMT"},"fingerprint":{"sha1":"29:01:40:C4:91:93:29:89:E0:1A:9E:9D:3C:27:DA:EB:22:B5:9E:50","sha256":"61:60:CC:F1:C4:AE:94:6E:EC:C7:0B:6E:8A:5D:22:53:63:D3:2C:43:63:5D:61:37:45:BF:08:2F:D7:33:C4:9B"}}},"request":{"raw":"POST /null?e=jscdn/getFile HTTP/1.1\r\nHost: app-reprotocol.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://app-reprotocol.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"fo0n0d8j555lfwhh3k65\"}"}},"response":{"raw":"HTTP/3 405 Method Not Allowed\r\ndate: Sun, 05 Apr 2026 02:04:29 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y7uKhZ6Z01IWUWj12oHsZ9YoBRJ3LvcnN9huKx7RWqi7KNe6SQNH0qvjA8zxhFg4CqzkCHONX96S3p%2F0V%2B24XtVSxMFT4ZZPLIhrzEhb%2B6Rbz0OghnP2DCYP5aK%2FpPrO0pFpXYs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e74fb7aff035699-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"405","status_text":"Method Not Allowed","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":166,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"cc1936e6c20f6a866226130b869d9953","sha1":"65d15aaa085d0c6292e27fecd97ce7c90deb4ee6","sha256":"11f4864b57acc22316998d012efc32274ea8c3f3230acab7bc8ee576c594b203","sha512":"29d5ff85814c6470cd6665b01d1f2b4b9f2303605c922f6f685375875ad1aeb23d80d386497164fc8cdc713968557cbe55b55b8c571ae27dff53c55790f382d6","ssdeep":"","tlshash":"7dc08c6e271b3c48c6a321751ac3f4b0c29da2a284f847006844005331c32169acbb51","first_seen":"2023-04-11T14:00:01Z","last_seen":"2026-04-05T02:04:57.463787Z","times_seen":902,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"app-reprotocol.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-reprotocol.xyz/secureproxy?e=jscdn/getFile","fqdn":"app-reprotocol.xyz","domain":"app-reprotocol.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app-reprotocol.xyz/","date":"2026-04-05T02:04:29.458Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-reprotocol.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 01:59:41 GMT","end":"Fri, 26 Jun 2026 01:59:40 GMT"},"fingerprint":{"sha1":"29:01:40:C4:91:93:29:89:E0:1A:9E:9D:3C:27:DA:EB:22:B5:9E:50","sha256":"61:60:CC:F1:C4:AE:94:6E:EC:C7:0B:6E:8A:5D:22:53:63:D3:2C:43:63:5D:61:37:45:BF:08:2F:D7:33:C4:9B"}}},"request":{"raw":"POST /secureproxy?e=jscdn/getFile HTTP/1.1\r\nHost: app-reprotocol.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://app-reprotocol.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"fo0n0d8j555lfwhh3k65\"}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 05 Apr 2026 02:04:29 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, origin, access-control-request-method, access-control-request-headers\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block, 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EceyhmuayT0f2Ov1PP20oDCXD42QoN9WsRNNE%2FQ9zechORdA8DRFbetp1UDITwyW%2B2SKrliFqCCIUnd1zx0p4t2eXxwnbVbSqWrGDVREQh6hZa1WAJDEbJVACl9sDbeSpmWy8Oc%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\npriority: u=4,i=?0\r\ncf-ray: 9e74fb7c1f725699-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3416799,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"b5119dbb6c700098c5202ef3c5b3fa7a","sha1":"b0df774db31968c40f17c36f26b9a7bc66848fed","sha256":"d29233f6c8c9c6935c20b4e8716137f8f27a5dd913decd9ebfd7582fd6123b8a","sha512":"bfcf1e4004ae50f55e1305d6c96f82613a39236e537c84c046449aecda2cff5ef1718c2dfa18688431f6402fd3e1a5c09a3bcbd058449f036a81da4fcd83b241","ssdeep":"24576:GV8/8Yae0PgGswPpBroS7InwbjtsJshJuEbdzWsa8XKx:G7OwPEZJsBW","tlshash":"322533106eabfe8b4f4caf75717f6d0326819bc3814db4cfa571d5c4009826a429ae5e","first_seen":"2026-04-05T02:04:57.464416Z","last_seen":"2026-04-05T02:04:57.464416Z","times_seen":1,"resource_available":false,"data":null}},"time_used":582,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":250,"receive":332,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"app-reprotocol.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}