{"report_id":"f5d6a67b-ff6e-427f-b586-b94cfca00245","version":6,"status":"done","tags":[],"date":"2026-03-02T13:22:31Z","url":{"schema":"http","addr":"dexrp.website","fqdn":"dexrp.website","domain":"dexrp.website","tld":"website"},"ip":{"addr":"46.202.182.149","port":0,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"final":{"url":{"schema":"https","addr":"dexrp.website/","fqdn":"dexrp.website","domain":"dexrp.website","tld":"website"},"title":"Join the DeXRP Presale – Be Part of the Future of Decentralized Trading","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"dexrp.website","fqdn":"dexrp.website","domain":"dexrp.website","tld":"website"},"ip":{"addr":"46.202.182.149","port":0,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-06T13:22:31Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"dexrp.website","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"dexrp.website","ip":{"addr":"46.202.182.149","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"domain_registered":"2026-02-21","domain_rank":0,"first_seen":"2026-03-02T13:22:34.99595Z","last_seen":"2026-03-02T13:22:34.99595Z","alert_count":3,"request_count":3,"received_data":4273695,"sent_data":1316,"comment":"","tags":null,"fingerprints":[{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"PHP:8.3.19","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"dexrp.website/aa013288-c926-4ee7-b78b-fb7b13f66f46","fqdn":"dexrp.website","domain":"dexrp.website","tld":"website"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"803f66df6f5c898d11a36e84d8859181","sha1":"defa08905f99b2393657f430633d9922c74528ba","sha256":"19822c746b83b78165a74d8d45ecedbc1aed0c9579e16cfc7d743734cefabe3a","sha512":"b6907be0c11cb66bf731833bef0fc1ca4d5228a8b582986bbe93659364bb5023082fe1ade03afcaa186ed6e0ddeabe1bf6da396247def3fa09dbb079925bb330","ssdeep":"49152:iGkwdNZngkmogyHwW2QUSvhjG+EyY4bfO3xrQanJfCpszVt3X:8","tlshash":"11e523d1bd5794b5cf48029490a7ae0b99990c2358ecf1def618f8c235eef9181eb81d","size":3305791,"data":"","first_seen":"2026-03-02T13:22:40.256609Z","last_seen":"2026-03-02T13:22:40.256609Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dexrp.website/","fqdn":"dexrp.website","domain":"dexrp.website","tld":"website"},"ip":{"addr":"46.202.182.149","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"introduction_type":"Function","is_inline":false,"md5":"59a13eef9e5e0ec7844e58e8b47d54a0","sha1":"0fb2b2059a878b87f8524284d448dd46a4351953","sha256":"c890c150b008d069bfddb86ee2c2e3fe979515939053b4c53fd6853b68e4fe35","sha512":"7fcdb614d30b1141e9a1e134a98e2888007f786f866c24e6383106d3e003f094e72901aa295e7d3450fccf5a249b25b436401a5b9439205da6b0eec8d72cfc80","ssdeep":"","tlshash":"33f0beaf336126ca23ae6ad20796c01d1e72e4ab3002163c575a36ca0cb6f52521b07e","size":494,"data":"","first_seen":"2025-08-01T04:17:54.874483Z","last_seen":"2026-04-21T23:03:05.298873Z","times_seen":2644,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dexrp.website/","fqdn":"dexrp.website","domain":"dexrp.website","tld":"website"},"ip":{"addr":"46.202.182.149","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"introduction_type":"Function","is_inline":false,"md5":"0e1ee9f442371606d9a13b41a0dbeaff","sha1":"a05c25c8ad9127fe7d45319ce13e8b4a485d2e01","sha256":"713285cbc0cb910dfd2e7a86c604d191a27789ae50964ab1c674507ff4a20c45","sha512":"1dbac9fa1e0b338e780a3600f1a3da140a6c83a961a1d0c6c80fe3dc5a9041c346c471d264a07ccc87457cdccc2a28b768d02283512ba9cee0fc2e2b7124e42d","ssdeep":"","tlshash":"0221fedeb2826488526794d742cd8dceb8e617a919008c20452ef299225c3e8fb6ad54","size":1177,"data":"","first_seen":"2025-08-01T04:16:24.218288Z","last_seen":"2026-04-21T23:03:05.297836Z","times_seen":2728,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dexrp.website/","fqdn":"dexrp.website","domain":"dexrp.website","tld":"website"},"ip":{"addr":"46.202.182.149","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"introduction_type":"Function","is_inline":false,"md5":"f278e1582a6b32d6a9a05328bba73b0f","sha1":"02780b645a044990e49787663d3dba06626b1e3d","sha256":"07317dc90130ec69ed8e07a8362168074f9067473354101f361449cff37110aa","sha512":"08463b63ba1654bf203117d8f0c0a2ce4b5d92914ffba7c8ac3d942ff1a812c86cc61d9e840e5f3422c2b22d1b71b1a06b9a6d40d4e4259b32fd8cd40cc8357f","ssdeep":"","tlshash":"55319948a43216904242e8f1c676abeeabe774080574446d349cbec7eff8447e521678","size":1529,"data":"","first_seen":"2025-08-01T04:16:24.221852Z","last_seen":"2026-04-21T23:03:05.296266Z","times_seen":2801,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dexrp.website/","fqdn":"dexrp.website","domain":"dexrp.website","tld":"website"},"ip":{"addr":"46.202.182.149","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"introduction_type":"Function","is_inline":false,"md5":"2380d391cf784bce2f77e0e16fa2268b","sha1":"2b88cb08e3d7f56772d46fe1a10d84774e8728d5","sha256":"e65fcff70fe965f3d1878fe515a7ebcd265dfe61b15461521450c882e8d081d7","sha512":"0f3264af3a045928be20d2ee1ef3af905571d07e3fc25eaeda22199baca89b8c9bff94d90d81124ff45b16c5e40df291c2f49d9464ba901d2d961f6fd1196f1f","ssdeep":"","tlshash":"e6411b1e00aa0aa31ba3054333ce846d0956c2cedcc73534d3b27f8134c67832a93bea","size":2254,"data":"","first_seen":"2025-08-01T04:17:54.882582Z","last_seen":"2026-04-21T23:03:05.292883Z","times_seen":2674,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dexrp.website/","fqdn":"dexrp.website","domain":"dexrp.website","tld":"website"},"ip":{"addr":"46.202.182.149","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"introduction_type":"Function","is_inline":false,"md5":"3433c9d3e9b7e8e5b34ed72e309db572","sha1":"d53d7df082088749c1df6b08330ee9b9e4076932","sha256":"1d96fa9904e3743570bccd5be90e83fd91975299f374093cc6f723673d582dd1","sha512":"ffd0e047331871f21738643968b7eb7fa045ee0e45346a9ea986c4b8a3e745dd310542c6b2734f6d244408bba6548ec66f5cd7662c69485b5e59e3b9432cdff2","ssdeep":"","tlshash":"06f04245bd825a24d35670ddc41f978cc53690dd91491c4cbb64ece1de94c2cdfc6534","size":585,"data":"","first_seen":"2025-08-01T04:16:24.219641Z","last_seen":"2026-04-21T23:03:05.284632Z","times_seen":2838,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dexrp.website/","fqdn":"dexrp.website","domain":"dexrp.website","tld":"website"},"ip":{"addr":"46.202.182.149","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"introduction_type":"Function","is_inline":false,"md5":"1e21743cd2ee2004cd56bfc5c29e3609","sha1":"bf516634ffbcfd3186b71dafc0ecdcc47894c439","sha256":"0e428980439e794b176e0ee3cd84e4878510b1d52c1efc1c00f4af9729a17029","sha512":"4264e5ce5b4f3acb24046582388132a5915398c9266c18c6349d75fb94bd74bac990dc6ebd12e1e118a3a24752a3e4badae2faabd69b9827d1f223a0750da4c2","ssdeep":"48:atoyTqSsM+c69M+c69M+c69M+c60778KK7NaaM//M+A:atlDNDNDNDl778KKw//M+A","tlshash":"25913f32165427da63ce8fd45a85751d01d2c89a383e60bdff3279eded3a683c031612","size":4506,"data":"","first_seen":"2025-08-01T04:16:24.215618Z","last_seen":"2026-04-21T23:03:05.299522Z","times_seen":2774,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dexrp.website/","fqdn":"dexrp.website","domain":"dexrp.website","tld":"website"},"ip":{"addr":"46.202.182.149","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"introduction_type":"eval","is_inline":false,"md5":"4cb2cc55005e6a1c71351bacb6e041a7","sha1":"8c601204facd0b05c82317bd0330e92bb9651dbc","sha256":"71f22c229c125f4338e08859c12ecd5cbe876040411157a9a08aa1684ffd5792","sha512":"b0e89341be74fb6c1bff4fc09f5b4c536c5fbebc67d0c1fee876c4d6a363fd9a823deb5792ce1bc4b3ceffa89fa91b166e8711d568079af916088b19722225c8","ssdeep":"768:n4YcGs1cYMecLdowLptIIW90Fi5c6Uctcwkc/FocEeOoNv:4YjxeCpt/W9","tlshash":"f81360d0651be4e49e5511ded037ec01e06859a7ceacf193ba2ddec2b42df26808763b","size":43230,"data":"","first_seen":"2026-03-02T13:22:37.595795Z","last_seen":"2026-03-02T13:41:22.207909Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dexrp.website/","fqdn":"dexrp.website","domain":"dexrp.website","tld":"website"},"ip":{"addr":"46.202.182.149","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"introduction_type":"scriptElement","is_inline":true,"md5":"261fa5f948bd99fdf005f80595805744","sha1":"51d57156b1974322b3ba8542f48893082199d5e1","sha256":"1dcf3b0e1f92d593867169c5ee26771d2f3b77f552eee6c73beba961b91d61b7","sha512":"532ff30dfdd593068e7afc5f98cb1bc72408e594f297911c0a7c590c97a2ed6be6b91981322dfe3b3e90f21241404ae8692139732372f119279dbdf29f3ae429","ssdeep":"","tlshash":"a6015927222233707ce9d5dca8b6dd8e39bb501ae40a0090a09f944d1834bc644f7bec","size":847,"data":"","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-04-21T10:02:42.08796Z","times_seen":3375,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dexrp.website/","fqdn":"dexrp.website","domain":"dexrp.website","tld":"website"},"ip":{"addr":"46.202.182.149","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"introduction_type":"Function","is_inline":false,"md5":"04f5babfb242a9d95e50b19ee1b734dc","sha1":"44a5dd8155d19983ba2f038e4a6142081967d566","sha256":"60b82f0ef656ffaa6fb17b51ab3b2c50ad193a1cefac13ef432f3d2b461e8ea3","sha512":"9c71cdf4c964fc09e420aa29f10db69b56acbebb642a7fadee0275881c16176b9fc96d14d53646b40f41dd792cfd7aceab685cdd8ae4c2af924320f4c0ba8b17","ssdeep":"49152:NzGkwdNZngkmogyjwW2QUSvhjG+EyY4bfO3xrQanJfCpszVtrO:k","tlshash":"f0e52381be575475cf48129590a7ae0b95990c2368ece1def618f8c234fef9181fb82d","size":3303423,"data":"","first_seen":"2026-03-02T13:22:40.272122Z","last_seen":"2026-03-02T13:22:40.272122Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dexrp.website/lenu4ine0.php","fqdn":"dexrp.website","domain":"dexrp.website","tld":"website"},"ip":{"addr":"46.202.182.149","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"introduction_type":"scriptElement","is_inline":false,"md5":"b9b9ff4fbdf1642479b4e53956674668","sha1":"0fee7dbcbf4352e1c2ddbaa4277f28fb967d6d9f","sha256":"185b11ad070a557159b1632b5935c088cd5265c7218c0c75e7d54343cf2ce5cb","sha512":"0a5e6deb11a98bed1c34bb699690484718c13a900dfdea6f422ba215195169bfd4dc3931a4dc7b4bbf16ed9447ba467bdd2c670a11cf4c902ea42c2c2408b80d","ssdeep":"1536:VPYnRXhTGXat3bJczbyRbFvnatK5bxveBH10EGZuiEqwnL78UQ/NlVccQwnZA:VPYnxhTcefhY2uiEqwkbNdpA","tlshash":"ec445095db93808d8e59519ec4b2fa46d4590917ce5cb863ee1ecdc23129fb3808727f","size":266117,"data":"","first_seen":"2026-03-02T13:22:40.273222Z","last_seen":"2026-03-02T13:22:40.273222Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dexrp.website/","fqdn":"dexrp.website","domain":"dexrp.website","tld":"website"},"ip":{"addr":"46.202.182.149","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"introduction_type":"Function","is_inline":false,"md5":"8de04e3dc63af7585af0e827672eb149","sha1":"02ee5e4b4e73e430d629744c4b7a3e38c36ed06d","sha256":"123e2a4c9c65ad62ea2b0992b1f80073e18a341a810f9ba40d1c4cdc31f1e759","sha512":"a42fcbfd4fc45305b75c0093524abafcf73f7d10f3bbe8cf573f3ea87803f672ae7fd293a116e7c24aeb0ef9fb24b9ea32e48200a56243187d5b550407631184","ssdeep":"","tlshash":"a911cce0aa6c599781c2095034894b02b13cb020203d9fd0bf75f0ce7c7c7ec96d262a","size":1000,"data":"","first_seen":"2025-12-20T20:03:49.143914Z","last_seen":"2026-04-21T23:03:05.289617Z","times_seen":1496,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"dexrp.website/","fqdn":"dexrp.website","domain":"dexrp.website","tld":"website"},"ip":{"addr":"46.202.182.149","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-02T13:22:06.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dexrp.website","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 14:22:12 GMT","end":"Fri, 22 May 2026 14:22:11 GMT"},"fingerprint":{"sha1":"34:2E:32:54:05:C0:CC:36:B0:B0:E4:C9:11:0D:E4:FC:48:73:6F:6E","sha256":"B4:C1:BC:95:69:6A:8E:09:A6:8D:D8:FC:65:3F:02:A4:A9:BF:B5:16:FC:C5:25:3C:25:24:DB:E5:70:E6:48:41"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: dexrp.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Sat, 21 Feb 2026 15:53:55 GMT\r\netag: \"aaaeb-6999d513-9e838749da907cab;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 262793\r\ndate: Mon, 02 Mar 2026 13:22:06 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":699115,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (15653)","md5":"a97ef204f88dc9006844b27d8bfc9e14","sha1":"636f5fe061b718a30cec83c2c96718e910121bbc","sha256":"665c69aefe024215ba9bde0a47b6cfdbf372d8cb57e7fedde3265faf88a2fe5e","sha512":"8616cb3edcbddb6f96d799d3c42a1e2227d0c5396ffb748c8c0f1f6728ffed81968f0989b315686d4566167cdeefce8ce539d2f8bc4f9469c309194998afcb69","ssdeep":"12288:6jfycxBe03vBYkRgPfMIO9W56ybXPYBOO41Ye:SpxgPjsLk","tlshash":"b2e42ae6419a0927659d32ac4057f6cedb275083f965c5fc6dce8b9881802bcff2193b","first_seen":"2026-03-02T13:22:40.250027Z","last_seen":"2026-03-02T13:22:40.250027Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1091,"timings":{"blocked":289,"dns":78,"connect":99,"send":0,"wait":103,"receive":409,"ssl":108},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"dexrp.website","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dexrp.website/lenu4ine0.php","fqdn":"dexrp.website","domain":"dexrp.website","tld":"website"},"ip":{"addr":"46.202.182.149","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dexrp.website/","date":"2026-03-02T13:22:06.933Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dexrp.website","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 14:22:12 GMT","end":"Fri, 22 May 2026 14:22:11 GMT"},"fingerprint":{"sha1":"34:2E:32:54:05:C0:CC:36:B0:B0:E4:C9:11:0D:E4:FC:48:73:6F:6E","sha256":"B4:C1:BC:95:69:6A:8E:09:A6:8D:D8:FC:65:3F:02:A4:A9:BF:B5:16:FC:C5:25:3C:25:24:DB:E5:70:E6:48:41"}}},"request":{"raw":"GET /lenu4ine0.php HTTP/1.1\r\nHost: dexrp.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dexrp.website/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-powered-by: PHP/8.3.19\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-max-age: 3600\r\ncontent-type: application/javascript\r\ncache-control: public, max-age=3600\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Mon, 02 Mar 2026 13:22:22 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.3.19","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":267177,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (49544), with no line terminators","md5":"e3a7bf9c1b3964471b041411c82ac423","sha1":"2ae88d85f0d93f519ceb6b311ece253c313c569f","sha256":"3ca3d150cb960a7935990ad2073d7bba286bf22245fd53909a078801620af485","sha512":"cb25ba16649ed2f9eb267cfc67287c7ec210603e34ec4f9a2a2b79248533b8be4cb359af77fae26fffdc8d77d53e04c5d02933faad16a119906ddfd4e6a3a910","ssdeep":"1536:VPYnRXhTGXat3bJczbyRbFvnatK5bxveBH10EGZciEqwnL78UQ/NlVccQwnZA:VPYnxhTcefhY2ciEqwkbNdpA","tlshash":"fb445095db93808c8e59519ec4b2fa46d4594917ce6cb863ee1ecdc23129fb3808727f","first_seen":"2026-03-02T13:22:40.252818Z","last_seen":"2026-03-02T13:22:40.252818Z","times_seen":1,"resource_available":false,"data":null}},"time_used":15930,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15543,"receive":387,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"dexrp.website","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dexrp.website/lenu4ine0.php?m=2954096","fqdn":"dexrp.website","domain":"dexrp.website","tld":"website"},"ip":{"addr":"46.202.182.149","port":443,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://dexrp.website/","date":"2026-03-02T13:22:23.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dexrp.website","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 14:22:12 GMT","end":"Fri, 22 May 2026 14:22:11 GMT"},"fingerprint":{"sha1":"34:2E:32:54:05:C0:CC:36:B0:B0:E4:C9:11:0D:E4:FC:48:73:6F:6E","sha256":"B4:C1:BC:95:69:6A:8E:09:A6:8D:D8:FC:65:3F:02:A4:A9:BF:B5:16:FC:C5:25:3C:25:24:DB:E5:70:E6:48:41"}}},"request":{"raw":"GET /lenu4ine0.php?m=2954096 HTTP/1.1\r\nHost: dexrp.website\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://dexrp.website/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-powered-by: PHP/8.3.19\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-max-age: 3600\r\ncontent-type: application/javascript\r\ncache-control: public, max-age=300\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Mon, 02 Mar 2026 13:22:23 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.3.19","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3305791,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"235bbe4a9178958b0fcc67ba35a73126","sha1":"4a912146a127e72383530d1b993c87147d5d1bd3","sha256":"e84920d117e911bd1f76c5aeaa99c9c5d18715b08871e5731c82af6566fd89f8","sha512":"8871c972b2a0718d753408bd17a21c50e228a659206e9d4b102e7e0a27874d5a03b7497b230fdcf61d2b9a0df9a427ada77ba38b7cfb8e967d0185efa473b83d","ssdeep":"24576:Mb/YWmLkwsOukzMSPbg+lsVo5/Cr0OSzcfUjeKmAVBta/dkZZ7ij:iGkwdNZngkmogyk","tlshash":"1b2523d2ef9b5439cf5c0995a09b5e0fad444c2350c4a2fef659e84622d8fa042fbc6d","first_seen":"2026-03-02T13:22:40.254191Z","last_seen":"2026-03-02T13:22:40.254191Z","times_seen":1,"resource_available":false,"data":null}},"time_used":861,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":104,"receive":757,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-02","alert":"Sinkholed","trigger":"dexrp.website","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}