{"report_id":"04e8a518-92b7-48c8-8ef4-1503d84901f6","version":6,"status":"done","tags":[],"date":"2026-02-14T06:55:23Z","url":{"schema":"https","addr":"markest.xyz/","fqdn":"markest.xyz","domain":"markest.xyz","tld":"xyz"},"ip":{"addr":"104.21.51.16","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"title":"markets.xyz","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"markest.xyz/","fqdn":"markest.xyz","domain":"markest.xyz","tld":"xyz"},"ip":{"addr":"104.21.51.16","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-21T06:55:23Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"markest.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"markest.xyz","ip":{"addr":"172.67.217.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-12","domain_rank":0,"first_seen":"2026-02-13T02:37:00.322592Z","last_seen":"2026-02-13T02:37:00.322592Z","alert_count":1,"request_count":1,"received_data":361149,"sent_data":480,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"marekets.xyz","ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-16","domain_rank":0,"first_seen":"2026-02-13T02:31:58.963613Z","last_seen":"2026-02-13T02:31:58.963613Z","alert_count":57,"request_count":19,"received_data":4423651,"sent_data":8833,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vue.js:3.3.4","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"03486f98019e41d65d551d835817a9e3","sha1":"495741bb70e33bdfa69c1f91268a674e0ae92907","sha256":"d40d1b59045a55bf9142779b1ffcb0d3e36bacf60af0ada037bae6f747dfcde0","sha512":"15b50974ec069a224b9f85fd2f69b1efabc0642118db8941c285d82c037e1f3d197831f3711a1df0782233e75f37449204db17fcb31e42fea0103ab1116c069a","ssdeep":"","tlshash":"17e0c2286a5611b926732591c75f6240e86000639081d801fd1ce58a4f80a143465bc9","size":316,"data":"","first_seen":"2026-01-24T13:42:38.148025Z","last_seen":"2026-02-17T15:22:09.881828Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"3433c9d3e9b7e8e5b34ed72e309db572","sha1":"d53d7df082088749c1df6b08330ee9b9e4076932","sha256":"1d96fa9904e3743570bccd5be90e83fd91975299f374093cc6f723673d582dd1","sha512":"ffd0e047331871f21738643968b7eb7fa045ee0e45346a9ea986c4b8a3e745dd310542c6b2734f6d244408bba6548ec66f5cd7662c69485b5e59e3b9432cdff2","ssdeep":"","tlshash":"06f04245bd825a24d35670ddc41f978cc53690dd91491c4cbb64ece1de94c2cdfc6534","size":585,"data":"","first_seen":"2025-08-01T04:16:24.219641Z","last_seen":"2026-06-13T15:26:27.750636Z","times_seen":3127,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4cc906811390022dcb22382e4925243b","sha1":"72be2048f6dbc39a607532d47ee8700286d33c54","sha256":"49813f2ebabc4e8c4bf44bf040cabd94ab6ba4aecc76cf00c09a5fce0c35e812","sha512":"1370048804298822b275731726aeb76a0c292f116c8b5f361003323d86c82e717e90c0ae35d6b232a04b71c4dae61767930260d13beb2311b1e3862184dfd416","ssdeep":"","tlshash":"40d02ea82e9a133827332520835f928037e08043a0e1f8023a1ce1c70fe1a1000bf5db","size":289,"data":"","first_seen":"2026-01-24T13:42:38.150592Z","last_seen":"2026-02-17T15:22:09.882361Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/4cea31f1-c208-43ed-9ed7-32131788480a","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"a3db7121de2caa4fc77621070df31108","sha1":"35875701e9fdfd7282b8e8a84042a0fe83649bd1","sha256":"61af0caf40b8a5fc210938c94393682a068d7ead1fe78bad66057ed81434a13b","sha512":"8384e163c54455fd3906943492b3cbd6d9358716308afe91fd17c765fc3e9fed2016e91d765644dd3213a6be5d607aacc7441c67300e146ec539b2ce0140b59b","ssdeep":"49152:z7OwPEZJslM/wW2QUSvhjG+EyY4bfO3xrQanJfCpszVtu0M:q","tlshash":"eef533426c57b9f78f4443a470bb2e0b19940e13985db0dbe3a4f9c1386db9680efd69","size":3401734,"data":"","first_seen":"2026-02-14T06:49:56.957039Z","last_seen":"2026-02-14T08:02:17.10354Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"290f2693531b75e4376c03efb2e445ba","sha1":"b7d99187eb7703bdc3e0d91432b1e6108b57bca5","sha256":"b2464a6e184f8e48f9dd9b02483cf8f9a049eb5ddf47bc900d570fe387613ae6","sha512":"13b68e7b1f8f4e9278ab87f46f2f9d12a9c7a48351d18265afce4d59c501c11bc510195ba10aeaf6c5c17cfd996a9ce4c639c162752cf6ea4b026e5fd6875e4d","ssdeep":"","tlshash":"5fe0863935761574097b986fc74b934b7da2141b5001e8167d4c914b0fa4f1034e6599","size":350,"data":"","first_seen":"2025-03-07T16:16:50.325983Z","last_seen":"2026-06-02T08:58:23.969339Z","times_seen":218,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e0b3b8a7163307fc5b5c0d09072d142c","sha1":"bf1a0e58115c3dbcd64b540eb61bd489e6456cf5","sha256":"6110847f7a0351e9605006408312cd49624cf6629853d8c5093ce2a2c5b0f3d5","sha512":"8fde0b0d7f7f91b148bd5b767d51224cc49d47f6120e6dc7c2ff0081be7be0b7995d2baef6a12c30c8f1680cc8968de603c12e97770ebe53970416bbb0fb4fc9","ssdeep":"384:mcZdJ0svtC6949QQbZiXruM0TdZwp5ZCKKhEHYhK+zce25qBMZY8uXp0key7tLVU:3ZdJ0sk1HMed25qBMZUMVfN","tlshash":"34a2958dbbabf82013226870117b754ab79e5cc028684c7ee7704fa8f95073585d99f9","size":22756,"data":"","first_seen":"2026-02-14T06:36:59.521409Z","last_seen":"2026-02-14T06:55:27.794318Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"302135be30ecf03546ef717ca7e139a4","sha1":"c8d8f18773b27cc4e53ab87d79d0e9da43eb4753","sha256":"6a2918a5b04ad4dd05b76c3d3f5eb4736816edd04060e202f371062a017d2a87","sha512":"856526bcafb6ff80c21c5297644630c8e5034c49c0ac394bca7b6a5d9a3b3052a25897e4d2c671b8392593f232245bcbe99001885100c30f0752080671f04020","ssdeep":"","tlshash":"c4d023d91c75853075e5014b50b5e3ec76a06091b771d20081cdcc2b7e32ed304b1958","size":217,"data":"","first_seen":"2026-02-14T06:55:27.80706Z","last_seen":"2026-02-14T06:55:27.80706Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"0e1ee9f442371606d9a13b41a0dbeaff","sha1":"a05c25c8ad9127fe7d45319ce13e8b4a485d2e01","sha256":"713285cbc0cb910dfd2e7a86c604d191a27789ae50964ab1c674507ff4a20c45","sha512":"1dbac9fa1e0b338e780a3600f1a3da140a6c83a961a1d0c6c80fe3dc5a9041c346c471d264a07ccc87457cdccc2a28b768d02283512ba9cee0fc2e2b7124e42d","ssdeep":"","tlshash":"0221fedeb2826488526794d742cd8dceb8e617a919008c20452ef299225c3e8fb6ad54","size":1177,"data":"","first_seen":"2025-08-01T04:16:24.218288Z","last_seen":"2026-06-13T11:01:21.819574Z","times_seen":3008,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"2380d391cf784bce2f77e0e16fa2268b","sha1":"2b88cb08e3d7f56772d46fe1a10d84774e8728d5","sha256":"e65fcff70fe965f3d1878fe515a7ebcd265dfe61b15461521450c882e8d081d7","sha512":"0f3264af3a045928be20d2ee1ef3af905571d07e3fc25eaeda22199baca89b8c9bff94d90d81124ff45b16c5e40df291c2f49d9464ba901d2d961f6fd1196f1f","ssdeep":"","tlshash":"e6411b1e00aa0aa31ba3054333ce846d0956c2cedcc73534d3b27f8134c67832a93bea","size":2254,"data":"","first_seen":"2025-08-01T04:17:54.882582Z","last_seen":"2026-06-13T15:26:27.753685Z","times_seen":2953,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"297a907d4e5b4c2198915e66274d9c9a","sha1":"e0f98af49ab0f7a270e2d739436181f924449098","sha256":"0fdbc26d9d5bd7f6a4bc38acfb91fc663c57463d43a08447f1386b3354cd84de","sha512":"48487cbd59e60a259a5836fc0315243da500d617e94e06b3073f79bb834bd141c9e5cfb59c42a3c2086c920c21be5996e589d4658513cf31d95bfc5757a4a44e","ssdeep":"","tlshash":"1371bc3beb00173bdc8fb9fdced5b4c02e62497262496560691ce102b16cd7087bed88","size":3741,"data":"","first_seen":"2025-08-14T22:39:51.132287Z","last_seen":"2026-06-13T04:20:56.618354Z","times_seen":3154,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8c40f44703948560a34bb214c7b7b7fc","sha1":"0a86a6ce2bb195e3f46c464ab4e3c1cf982f4db5","sha256":"702f420147d9a3eaae3fc766d257129daa3ef065c07c8887b992b086b7e62b6e","sha512":"b74905b4069fb7815e67268e0f00c5b04f6126faadff6c2a7e1d7aedf49bcd77ba84f46df3540af1dfe49062a15aa6b798b42472987529490adf916666e422bc","ssdeep":"96:IwYze5T0C3Q9IYTneXhQFl5fm+ZfyRuwAAAYnelTqX0IyeQ5wFBVMAa/JHJfJaia:DYzkT0CcIYTnAs5fm+Z6RzATYnelTqDr","tlshash":"3fc1750939a311b378472179737f62a83f3651ab7109ec5839ef83692f66d204de0ad6","size":5781,"data":"","first_seen":"2026-02-13T02:32:03.17408Z","last_seen":"2026-02-14T08:02:17.102066Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d3b0e9184ab382aba0ebbeb9c5b4650e","sha1":"244c063cbc567e697f9345ad26fa4fc2f1342dd1","sha256":"651e7f6ed9d558082d8df9f6114f5714870d0dcd5b0215ae8f5ec1e1c5b7e6ad","sha512":"0aef7f4e3949b1ba75035d45c41330b0e81e6557d62e30edb4b92cc99b35f857fb6728362bfcea352562d9ce307048853192456da9202fd2238f546eac844a5b","ssdeep":"","tlshash":"7521fe0a30b225324027503963dba55f7a52d0df5126fc423e8e8378af96fa40841eb5","size":1323,"data":"","first_seen":"2026-02-13T02:32:03.175612Z","last_seen":"2026-02-14T08:02:17.106596Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"824cf9b5ad06ad8c880ef36e3c6f08d6","sha1":"df2066f8ee84d3d5e5063944edb9cce77a3f49e0","sha256":"c4b6d2e74765bf5eed5449051ea2d44e7fd1bd3ec1d99c32e5be54b889bbc066","sha512":"856f7ce280d095a1e0381427188edab18d2fbe6ce8febc7e43f622866c25c6726ff97954d6d83adec7fe0e76ba7778ff6cc3e82a97775a10249f3b3b9de03a8e","ssdeep":"","tlshash":"a2119b7da818bca9139510f5192232a9389dcec82c6381acc4b14fdcfe66c2b1983635","size":1000,"data":"","first_seen":"2026-02-14T06:55:27.813723Z","last_seen":"2026-02-14T06:55:27.813723Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"59a13eef9e5e0ec7844e58e8b47d54a0","sha1":"0fb2b2059a878b87f8524284d448dd46a4351953","sha256":"c890c150b008d069bfddb86ee2c2e3fe979515939053b4c53fd6853b68e4fe35","sha512":"7fcdb614d30b1141e9a1e134a98e2888007f786f866c24e6383106d3e003f094e72901aa295e7d3450fccf5a249b25b436401a5b9439205da6b0eec8d72cfc80","ssdeep":"","tlshash":"33f0beaf336126ca23ae6ad20796c01d1e72e4ab3002163c575a36ca0cb6f52521b07e","size":494,"data":"","first_seen":"2025-08-01T04:17:54.874483Z","last_seen":"2026-06-13T15:26:27.768049Z","times_seen":2919,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"61b24d9d71d1afaad27a036b5da392e9","sha1":"a7c5c1c14a96b9ebab3694ffce78ae61de8cb0d4","sha256":"70227525093c77d4777751a146020a3fff21dba9ff8161fa5d78165a45b56ddf","sha512":"602bc408bcc648fd0f5a7816ff9f9259004dfa40430c84da86fb4143b3a0be6c657985b4225a38afc9b81ac1ba9a778aa0d6bbd1522a57112eb81fbb81ab6004","ssdeep":"49152:w7OwPEZJslMhwW2QUSvhjG+EyY4bfO3xrQanJfCpszVt0W5:c","tlshash":"a7f533016c57b9f78f9843a470ab2e0b15980e53985da0dbe3a4f5c03c6df9281ef96d","size":3399426,"data":"","first_seen":"2026-02-14T06:49:56.963743Z","last_seen":"2026-02-14T08:02:17.105762Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/vue-3.3.4.min.js","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bb7c7db47cea2c34652629b78dbedfa3","sha1":"c7ac35e6b96cdbf7990fb0e46bb8d51bc01da89e","sha256":"578b0ad025d8d56f1cc6e9294866d472c24d582c8fb824cdd1eae82ecca3cb9a","sha512":"a0fb4578d4e5fd8aea091dd5b2016971b562daaf13de7c2d506bd61c651f562393c79ab6c0f72e5aab73433174b91ed9f41130a520b73714f94721f8a9afcba4","ssdeep":"768:D5iD9cTnPEYGgIuEQIBym/ceCHnun27RWcOScwcGZclkgdCoq70T7DwmUwW9duih:dPFGgIuEQIMmEe527iIm0nB","tlshash":"ac63a2d5a90b90d58d1621dee037ed19e0281a23cdacf2a3ba7ceec1741df62c45717a","size":70511,"data":"","first_seen":"2026-02-13T02:32:03.168084Z","last_seen":"2026-02-14T08:02:17.081243Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"f278e1582a6b32d6a9a05328bba73b0f","sha1":"02780b645a044990e49787663d3dba06626b1e3d","sha256":"07317dc90130ec69ed8e07a8362168074f9067473354101f361449cff37110aa","sha512":"08463b63ba1654bf203117d8f0c0a2ce4b5d92914ffba7c8ac3d942ff1a812c86cc61d9e840e5f3422c2b22d1b71b1a06b9a6d40d4e4259b32fd8cd40cc8357f","ssdeep":"","tlshash":"55319948a43216904242e8f1c676abeeabe774080574446d349cbec7eff8447e521678","size":1529,"data":"","first_seen":"2025-08-01T04:16:24.221852Z","last_seen":"2026-06-13T11:01:21.820801Z","times_seen":3089,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1e21743cd2ee2004cd56bfc5c29e3609","sha1":"bf516634ffbcfd3186b71dafc0ecdcc47894c439","sha256":"0e428980439e794b176e0ee3cd84e4878510b1d52c1efc1c00f4af9729a17029","sha512":"4264e5ce5b4f3acb24046582388132a5915398c9266c18c6349d75fb94bd74bac990dc6ebd12e1e118a3a24752a3e4badae2faabd69b9827d1f223a0750da4c2","ssdeep":"48:atoyTqSsM+c69M+c69M+c69M+c60778KK7NaaM//M+A:atlDNDNDNDl778KKw//M+A","tlshash":"25913f32165427da63ce8fd45a85751d01d2c89a383e60bdff3279eded3a683c031612","size":4506,"data":"","first_seen":"2025-08-01T04:16:24.215618Z","last_seen":"2026-06-13T15:26:27.766389Z","times_seen":3059,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c7259ba964f1b44808f4eced8f80ab41","sha1":"4ab2b5384d3d0ebb6958636f1fbeeb9cf0bb19c5","sha256":"03a88ffcae34049852913f75dcfadcc2bf073a2581afa32ec1f241a422f98e9a","sha512":"948cc4b7300dc0201a9877710f27a853aead81559d1623c5db2facccaf161ac36b22bfce5d2bdf619a407595006f8d2d6aeac466fc33103941131ebce91a5001","ssdeep":"","tlshash":"3bd023a91c75843075e4014760b6e3ac76606052b731e20081cdcc2b7e23ed344b155c","size":217,"data":"","first_seen":"2026-02-14T06:55:27.822075Z","last_seen":"2026-02-14T06:55:27.822075Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"8de04e3dc63af7585af0e827672eb149","sha1":"02ee5e4b4e73e430d629744c4b7a3e38c36ed06d","sha256":"123e2a4c9c65ad62ea2b0992b1f80073e18a341a810f9ba40d1c4cdc31f1e759","sha512":"a42fcbfd4fc45305b75c0093524abafcf73f7d10f3bbe8cf573f3ea87803f672ae7fd293a116e7c24aeb0ef9fb24b9ea32e48200a56243187d5b550407631184","ssdeep":"","tlshash":"a911cce0aa6c599781c2095034894b02b13cb020203d9fd0bf75f0ce7c7c7ec96d262a","size":1000,"data":"","first_seen":"2025-12-20T20:03:49.143914Z","last_seen":"2026-06-07T00:08:21.702938Z","times_seen":1701,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1e4dcd3c6fc44f3ce5ffcf80965763d1","sha1":"ef1df07d08f630c05a15b348d072f7a8a7e42d64","sha256":"1129208402b1fef468c00602ddd609cf758c821b38a8bb7cd4c9f7411c83238b","sha512":"37c0685431afd8b5e461b535ad3ed4b44747ce4a4554817f81fd02b94c7c4b4fa2ada66d35820c6921ba4123f2f7212adebbc98c39b126f56b13f32efee4eff9","ssdeep":"","tlshash":"421100b93e2a1534c9d5808b317ee7a83e3260617a029044c26ccc289d28e8314efcbe","size":902,"data":"","first_seen":"2026-02-14T06:55:27.826542Z","last_seen":"2026-02-14T06:55:27.826542Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"marekets.xyz/5c285b27cdda1fe8-s.p.a62025f2.woff2","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:54:59.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /5c285b27cdda1fe8-s.p.a62025f2.woff2 HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/ee8993b79509c8f9.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:54:59 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 36980\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\netag: \"6987107c-9074\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 102205\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EOfr6Su1q9BCfBQOHIosXqGL%2FF0AB5IpUBHeD7%2F7r4kzLBCRn%2B9KtDlTPLdcTmBlhvBnkwqhAowP3k%2FNrG8L4pUse%2FAr0FUVyxZzxQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cdaa8481ad723eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36980,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 36980, version 1.0","md5":"d4c68940b772538be3593f0c646de4a0","sha1":"780cf59b7711cee0db291f06922ca66b12b65dcf","sha256":"468d56b6b25b05b70190b6c233d773f6f1770e8579827ce022a57f03fa8002fb","sha512":"9ef888244841c65da84ab26fee2d312bf0410e340df78b10f087c00e6f190cf8abd61cb09e5790dfd7270edaac1bbb7f871031b195a7b2363f389b6be0038e89","ssdeep":"768:HLi1ptmFif/WvZWPAD1lDB55/hMWS/CtVkvIP0t8eY:HLktmFif/WYPe1lod6fkvfueY","tlshash":"d1f2f1730f45f63229562eb8fd398b4e772845856ec18ec68d90a8f8f403f646469a09","first_seen":"2025-09-15T08:14:29.049499Z","last_seen":"2026-06-13T23:14:24.17004Z","times_seen":4928,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/cdn-cgi/challenge-platform/h/g/jsd/oneshot/60138c04e6b2/0.27642984319690417:1771049181:rt_uIn568u88veT_TYslt1w0SpiSZSJH4RurrcHYaWw/9cdaa84568d823eb","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:55:00.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/jsd/oneshot/60138c04e6b2/0.27642984319690417:1771049181:rt_uIn568u88veT_TYslt1w0SpiSZSJH4RurrcHYaWw/9cdaa84568d823eb HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 12140\r\nOrigin: https://marekets.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":12140,"data":"l9kd1qs-S8MPtFmwbUs8qS-imOkm4mbd7pFdSimBdNUSoUIbg+m$dlUqpImGmjjmi+IYm+wSAom8UScUnbeksNNbvkmv227BFm4tjr8mpAmk-FN+P3b7mR03arvpZOFmyKCdUkB-wq5yH9gmmxHtkiKI7mYteYUE9dttRsmhDc+GrhO6iqYUAqXdmZKtZpftC8mSH5a2+pXq7X+fDHomS4WmsgmhkQWdM2v-wlkGn$t5FMBG5ESa9sgmSZ+mmgw9CeyYPeemsOLyEWlsk7mmH5pAMSkmSRolmRk2Dqmi9Y7DkCN8oqgms2+imgbBv2K$P-grcWmsBNSqWLR8mmUWKerqK2csycSZcmMI2dsuriBmmq5hsG4hI5BmbWPa0Yy$kCOoc5oH7-f0qWOXK04vqKUq2jMqv$-2drDSmkkWSDz1KmkQHFPhh1hobsjhH$kh0G+LN+MlXmobaBTmrbBymm8wyC+SKk7KAIZOmbjEqGhOPjX1Rmt3r2$xPgb2HElTGD+11+rkmUH7SdWkE+vB66qsI16wZeItq0viK5x-UqKyLCQAmiZ+tr+OEIEGwQOCap5Dbu+CAziAtDZRASRG3ZOmMC$IFQ4KrRHMQtMM80ztTt1TIDJjKwEoUWSgbF5ab7p83UfHd-EybEszrbQyhT1TJvOroIbOiEM9p0tOj+trEJo9Pfwxhbvyt4n9dlmj+zPXOJOLD5UiKodiAP2X1ZDIx+QLXvpvKg7+Rt4aF1S-A1xIssHulgqh$MiaykDRwpzLPssI7FDdmGp8xkZ18skls7b8a72SgqSKiRfROimWcos9adCDddpx2h$sQ1UudAiAGkNskZcq15UMW2Uzs5lTWZ9kwNiAl5XqA7kW0TskWM8NwNs72OKvX2OaMTbwBma27WMSimSZq8kw0HroI0-imNiqbSewkP+ksv1S+sqMb-QAG7UsuMYKdykSuCHvIZ1oUHDcuimyccy8m1rkbDdYiFH0E1bWylWFPaZdhosv8kNm$2k1W$5btQqs3EBek7U3hrdm4eblK49sjT1biFls97qWMbghHaj6SInes3svA7bg4ss3hZcfbNWuW5CrqxqHdObwDdmcTinJ8wD0TUprOd0FJA3MItTMBOjSJUlmSGlssQmayD1SqhSrdbsIskJMcWTNZwzMqNkR0HcvhMOGyPwNMJrjemTIF+MwDU7dPGYgM7RvmhmcvW8O9las57FUsFLTnGAsFoIl+woI5mMUmW2vKcq6vyW7b1Y2Ze9GFuGhBMN7k-oq7TxEQhLgSAkv581iYzcd8jx8di513$NP9vZ0wUMJM5Ncd7FBZBW8DqkPKj0RvITTQxKO2TxqcnXfKW09nS6aBQrUmBn$OfD0ww0ZimTZHf$oMZjFmFRYwH07quHd9CubmHZm+agUUHcmwU5112JksYz9hS9rLBM87k6-SJdIKimU5wiSuf-$Rnst0za1MclNosmzwW0RGYYzWwKDkLit4RJAt3hZAtIDYUKYKOM7W$D9GBu5p3kM5c-WzrJfxEd$fqqANfD2tOzHcDXc6XnOzAmfXNu-mTA5mS7sluvMdh5im-P1Km7fwfLJxAopWsklec9lQSM87d7$dUksoMFr9GwvC7mhTzM1btEUrQLmjdEZZt77obPmsDNsBmPW8rOsFLBDSi3w1FPdLmAiA7KBElGj5UeAS713bAuIipHn$0FocqurMSsTiF$yomOJyhhohlkBmTSwkskUPFxEvssvHLosRjcfM-7DIYGZvTup$7PWTv-Kca7dcZH93TB5oxQrkytNT-KmC4FB2UbwbFbdbs-8JNm8k9yBlwl74hTkIphNcGF4Du53pHk2rOgFemPIHhmm5nh+syCI1R2wPOfFQhGZeLS6hYFSIWb78P8mBY$6WNqbINmB3hFOMDjFmhPhZ6+nq77QhYyws-SsKvfZ5yUIbih7pr2oIqm2MRxUSKWlAMSm8PpioGPa29sGbUWKx-gL4aqAWSDfFSMp7vIKj+RygMNb4xI3+8+oxEiXymB76+IFObBNOrxKcfqL5DH5dmODksFY5SCZAyEbbH+yd0CQ87n1ZFW6jbwoWUUpJ3nqBmKikMQW-SIoSlsqYcES2sAd21$vHt87RAS+AvWA5evSkAudqgDkc6HISGcNQHuy-qmDR8yg5p2msQAZZL-OD08wHWdcaMFCPSEPI2CItNLIbFh4IfATNGoeFbXu3W8QGGxRAYW2F7yUHytj$Z1xK0R1FkdJw-ygG9a5Lj13ED3w8NRXHJEemiSvoYE+FDDSlnHf7SWFl-DmPWjS4gTOs902s1RH9U6wjs8jd-KpWdUTdEZ0ZTlC2wMoe7x237qZK61lwixxAKcpSDbNLQz2osjW5nSiiP9bTK4ALQvI5WkcmQ8o++2yEP5gdi5pvADd3coxPmAaAZDGDzAKCGc8YyLScMlocQM7mtw2dg0mSkf+1sOJ-Zva5R$KdA5bbUv+vHmSbQ61MQxiQYhjimKtUqypWcG2Q7L64Rolmc6w44BpU7beDcjvrcZtEmxy+I37mP2dIeD49snf+8m8U$+g377gtmhRUQAiPiFQ2vZrb7SnaZuqUmeduahAiCcfSmqmEn-Bjij5h5$2RgTH4Llk4mPDFmBycEPO$ksHiwc9+rmbDhEAzDHCWs7d2s0Nl5MSqgwJwW7bpgcPOXUqA9-GH9aAXiBq$im3jU2L8jDhs9spWAge1+umYMnmB3-RCpISIF-kQJmWDohk+NR+y4nwIJgTZDfRmqiaI-w8vCr-MwPBycZ2wdibjeKT9m7z-dWECGo75uj5as2GpLfsU8DocCsp0iZAJxA7BgTFFkiwcWHhPilwL+K5e8d7$W5WdcFnj+$7rW8dCDg1tsKZXpjHueJqLDB5kH1s$8pB9IJsF+TsIym5GwdkxQBPblOTcpAQOY9bTU8a5-v6K+cDQ8kWdoA1xmdINYFw3aWjoM5hhXeBvY0rs9xq+pNWIQLGzxAXe8Lpykc9Pk6AEc0m5xcKucU2xwsme5h7+dgs6RaG-0-3AoQxMn2SZDte-GJNhhDa5nr4N+lDbzCM5FyO3SMNuo+z89yGNKP+z7S0$cuopgnUTaKgmqAMlLWU+0sinHjkjfAg5PkNLytEIh0661maMlixZLHT-lJ5eg8kmhnW5$86u$AO+$LeI5GhfYXAKdPH5KWDvylUqn2y2sKDZMhyONjlQBOuZvsTha-z7TS6HCJ8WNOMF+uLRBlI$88jpF$lZU++pfeSgjyXAiRsNlJ3Kdj-diZwKbv9jQcetg8b8BjiMMAMw+5jln8CqAfeZlL$SAjNoRB6aRwnI1x8b7mNOp38w4sD4Lgwph1XYFq7esRpJ2ZAXwYuFhqRc-SGHLHicvHGyWozGc-BQNt-sHutx0+rKdb8k4UhLUFF8NKxP886PmDmBB0PqhpopZkdFAZaAgXOQLyGY5qZXlg-ky4LRPAWdEYJyK852Wm17Og5P3RwoLyHd171RLmvPWDf26UWQSAYXriN2kgbyA95A84u5S8Ydbm7k9AF5qRqi+QfFWQT-1w6w4ioibs+yMQak9iwsuIk4NQwOp2j2P57wwO+-CqaFRPhQ7YwiaFJw0X$5eOsqUS5sFX-k1d1mCGUxxgL2DkODPD1Sjmx2Uq1oeI6oywBmWPIFtd7kIgn8bgGDS2SdzmJ8F5CsURPAoiQsmcOP7s6gEs+mYsYAyqk4IXocLFRZ5wo5$QXcrO+RAgDQp8ZkCg8q9I8GPyd5bPOgXUpxa7+KOg8kdZam25uA3XW8EXQGURnxoIhySGPDJRBqL8qkOo-Ykgjy5XvoCcb4UgZsd2bc+syYBmSc-kSAsyYUOBSgUg$Br4ST+Dv7RFW8amsmKTiZyBiAsi6UCcncJxfckmLS8Kqq5i7D3k3Bko3cnIA96wEiP5nSaDJwD47TtYGo0PePnmLXagIxCXgZ62yOeq725wOXpAPX845kem8QW8AQKgPyYK$2ETURfFZdMG4sQQ$mxQrge7ZRMoxTLFsQIhAiFxp-fSWdMXQIY-DoFQ5k$Pw4uAywTdPyd2ys9XQ5FgJhtZrSIkrQuA8RsFDmfTJXsddhO4P4Ccd5w5w4kgPXL8hwvmSdo8r4kgGDC7$5p8hTGDMZPkhTsyHgDYdHZ4cyiY5dKsn79sOPtGj5FHKHBmbm+YrTzG5khB7dIKd2JStQFdJSCSa81QIHu5sBxdmkkPdQbAwKx-amvmJwLyMSd2z2G9oIBsnUhx9A5iAXam4Xe7k47D5hNhPyIKdFdsPkFgnSo9G5sm7GTdFOwdLSpwq4F+-4JP+ZTgWm6AdkN-p8bgsyJSvwWmoALTkOeHWh547+9TzZD+SH5iNFam$mg+34n2KcdHRRW-himk55c46wh4FkIgL8F8m+Umg-DdEYJ+xRMc7Z8X+h9IIpeIOgZDam2ge2fFxSPkR4I+RZ8FWGuX5Ia+SxDhqhsFCwo555MpI2fiGcDASBAZ$QXGagD+Jg3idqeZNwk4D2UdJ+7HFbisPkKTUsSk6QsdQhbSmksmnX8xbFZsusgidbRB4gksFb3k6mi9171Bdb0XeXlb55fBL+7h3-j+9GiYE+OGqp+KT8sd+R7DcOjdv7+KQArSHclBjPEO5ORp5bEg8boTGZRAEY0D1GXTfFYjEmtmcdsHDZ0h-YkG9O089hUcGPeO9Xr59IzBDjYwW-9cf5IcXPW-8pc2kmIK3mN86jFs4D1meXYjFG+yPT$mYpAh+yTXLoi85ZbX$-SYMjZszBD+AqYkR-dAhTbQz5R+IZjsDZS+uAwiqklINm0I4gj5qGNFvwZwHdWgeAs2LDvXmFOct+PGrITj0Od2-QrxJGSYjR6WLAWqnIzXzjXZXFEigm-g8Sij-kmX8hZqHdcTNc5kpYo58xbcAyuAfjRxEHUxXUTkzdamMiDdDsxxOPk4F3CxIKZwx-GiP5FTPysFjmxbkGypFxgP9F7Y0D$P8+koxQFhhoomGW84QRhh$YtwsF5yZ5smaBAxk4QF$FemCbZ51WX2K5eQYFtb9hLFlXxHOWDZ8jZTdbsyJ+FiiWChfbLF27IFZhMjW-kXvPAWMlyOddfQJlRPgZhxh2zBnl2OxOkWJpH37kRPKTK9sXcdPl7DIwrAYWGy0Q8Hk5NB+yYKTF2Deb7SK-+yhlUj1hnIeWsi28eZzxK59lm5GFnI7dY5e41xeoBmhXi8njCox35BeECcG+sEpSzwKZfg9pFHW3W-7D42RPJbhb7DIWATboOgc4Sdsd2pWlwT9Xds5AEmUdIwYwJ3sFj7Q3N3+KTA0R+Kbhj-7YcH7buAsFiB0bEB28Lm8TDZhpGZuAKwwiKiBmwcp+gXU+9TWd5Tvo0Dv-JwO3nS07nPbpq3pAvDG2eh9BzBk4fya-zAgBsFRxFijRbc2l8oGlP4ghSbQQ0QIFPW$m1iTwooI+5PgbhHLR9qwYzbqWEci8DWKxC-PDfXXdPDvE6y+Wv7c8FBpSyOZHbgWgxYdoi+wgSW3F0OiocI74zEYFrKaKahShK2DkYslmIxl-1OsdEYPBDAmX2BccLHdsn8hEawBB6Hbx2hhbFH6QYkvHx48x0u3o5A0QugX2g3U+d2$$D8ywN-mlH3EMa7YKq$+bOg5hDdjSF5NjIKR-AZzwg5u-jRtwYZQ56X7Y+TjRMBL-NgtBGhp8rEOcHdQ250sPlmyc1W0Q-p$mPlz284dDQPxh45YGdbxg8hKh7YaFaFtwyARPbg0$g8QSI8xddvqo$oFb5kjhOkuAGDC3Sd721OLyhTwiTk8y8UQ0TukmK$07ag-07dx-L8fZEcYFhw8iB4Ccv0vwDkFDlEkhCq7YJ+JTzFwp9MolAEpSsys$ElK+ulBlvl1lyZ+$BFcdTdSAjjaGU+K0PS3sbWU3a41XrxMRigJxCxg+dj3+wj5Gx-9Yk4qGZGBqHQGDwlMRhTX+lp849eBdhdcjgHaGG5vmYh0bsy3ks3db+5ZYWmpO9wJc5u28RPbc8SzZbcX$-0c+sFziso2RC+GBL8bgC$jRDcr7sc$dH-e+usjmvsdkQxXSZd9PmYFWA5fAL07+CHT$jAo9n71elAadwGdbdc6kpum5nmBcdEzZ1$PyfXEbhb1uH24iGPtQ5wx0dKyTUjwQn8AT2QsMO03eDdEeIe9pQlwdI$WdzjYbClBlkEfQYbrjjRn$t$p8D1k4fBX20bqG8UF1$QHdSMbm2uS-BH$HHHeblWa1u$5it10b0DWM+EmW2Ry-5-1v2R9qMgN5cdk40DH$liKX4L+ZoLUEBixjW$mGMjjDaFk4xD-ZSZKdKe2Wv7i5ZRE+uv4gn8NQTDIsXHLlsg9ByOLwJwLsK0bFN7vHAoTHx$Py+vLFkWjoJjf$7++BT$80b$6lHH$pLFhi84DHaivRLBkeexyx4el+gewd3kSosZv+7+8jwMsl$6nsMg$T6ENDBQKYp8JucDWOKdH0WdaEqsplKd9FQouAyHlm1gzjxo5k6xWGN51mioN7lMC7ewaW4imkHE4uqki0o6JwCZ9$uhH$u12Ebv1medt+l6uZdwIFnISkUlfxfdZEU6X26cOvejuXXd$e4MoMJPXMEYwA62aQq+OojdqwWdmlbgJMX2X$vMoJcDmeZAalZOfQ9E-rp$b-UpeE7Dnlwdq+WGoIm2qxqqzIgTK4mudEtj$meZH6ycIKSozIohBD$Z3uyLueFbH+kczj+X0xg6qJSA6xpdbgD2Bm9q1-SwT0zsM2HHMHmhBi62K0RZgC9-fpq+6UGirF5QWHSkhTe1u0eSsJ3J4rAYhW+yOenT1PlEn0evQWcjkDUDRvR0YZ+s8r+0pAy$EH8EGGAZSAflY6zbWbJ4jSFkKXSdgunvYF02CDD8GF3pl484sjqAU1PeK3rKQvWFjd1aEhpSoH0OBp1XZbK4K9fLYbcGTGULouvrxbYHlpN2G3OZPZExo6Ke3k8+2doXHC9WZ5OgOed2mL6o$J8xT8Twn851Wbi$NwqyT$d$FDIW4AyjdbdWyCF1t4dRfxsvDstwX-YFfZBIUj807j+RJ+Hdm0WPZGzIiO+LkBG9uWPD+sF10bWE9FF0K5t0hAUdFglJD6XBGFEJuu-2vPGDfLd40ZDbbvlcdLAqLw+JgN$yk+AcWyT$6A7dlMRl5DW1QkLrNrC-hNpCpN$nUSBi3LJwvS$$xdUjqkvIAI7tjg4$7nYFM3xdXcCArHKbl0gXK9H$ynBG+pzAy25vXx4cPkSAcga7YiQOILmKiOdySkduYgrb6UDmeC3WX1p3RFk4z+8PyHqdDH6GYoEYYKzdxd$8zIguerT6ACn44Cw53WSqsCcZ4R1tWmCcFRn5S0y0o520FkBJyWJwNQwpbJdqRRWpe+zBJ+eLbg1fWusAPkH5rvOvQRIvk6KZ6v7YmZFZ2R4bFNj5lsP4zBhl1fNf$tkmRldwDLaCrXNCaybbUR8a+cYKCc7zUxfHxs2TsFNyfNv1yuMlhlD+ziSt52-njyECiexdvBKcHWPyyErIlsPH9FZfNwsxjBMrgeMfO7ZqhM2yv2wmd3BdC7ddfFvgKB4SqjULqXqSmtbrd7BPMmNFhvHJMTJo87yJHs7tvIPFiTvms651b3O7vAsLDaSyiE7nS9TUgADZGdyByAyUl1d1W$jIyj$HWuhXkgaU2YmKMwj2KowgWrBqDFuTTYHnaUsjM3RfBvmowmAko4+6-liYomaU28MzBdsLqWdyHrkh4sqmNK4EbibsCIrQ$KULWGkPKNqcyS-dwZayMi55M6j0PodIg7KqPMqh$k$INm2FwjDDS$dbPS9MSQF2C$FFi5NH8kmRc55Mm5l-I278vvcSbmIFDi0qMRmTSBgkogkxdAS0BMhwPFIas3bc0Id6U5gge2SS2iJEIccFY7ohSUi75sOhb5KW5NRcPK2YMFO02ubxM3SwF0FEm+iIwroTPs5i572vSNkES$dxdxKimbibjSBPLFjRNtOCsjSEO5Tg7DWjAinIHdKdgxLNQMsjM5id7$sKTvQiqm$G7xhOjKB4ilSvcnI89gacy7pSOcLygk$IGMmQBz2HFAIoysUq0pr7Gw195JsXstS$d07UFbMZHeIcGIG5kDGuiS7JsSU4Z27FU5S7yMZF-kpLAum82l5DgeIb7ah0B7$SMSIor7FdFB7fFXdOnsuMlqhrw0OBrOvrMY8y0SPOQrI22Gybis8kLohFP7N1727BFw2S-g22Sm+bKKHImKCUhOq$0jHmdilWI+O7fw8ThBPom6hGrbbP+edhAhroSN7rY-Ag1Z77$ebm7JMQ8oggZhvm4dTEhwDkL2iQy4B50DYomJA8QFSwcS-dWKYeoyisr9u0c7d-loym5rFTNBjdY7UAjliEseBwU62kYhMbc0CBny16C-jyrrIDmZwlC1kkQr4BHSUmb8yi2ArHq6koG68$732ipqgUH$mPFt3ss9H$wNOy-lwSL7wqHdudEFdFmcSDmXkjFEK6qAEZrSoc6FpkvaewMb$wTW0vbPimZ0du-8Kw97WOB6b6HBBpdyj8gB3DqPxTamGP$G8cSXqGOP+Mq84knivdHdv5r-y4Nhm6c6SdZNDk51u0jpSTGwlG2XacS0MuA9vNmMAN-0PFxcgRNZlmO2b7UiOKKpFbFbUSNFpi0If3DSmmjmyom5lN2oYiYyvdO9q6yUg4cdIzS3mZMklP97nirqHIi7Do2SMDcpW89QTMjiAisszdTmgmfd2Ui6iKujGBIGvA7l8s+9OPZ8SglIcdT8BFdWdWrNpjUICFIUeDryhoQ7sYv-moImk2hhmsrb-Dcq8Hlh839uwGghtx4k8dBSPbZA0bljsDnh6yqpmLNln2UbgmXIYmczkYLvreR3sj4oeGPITlyZZ9cPwN8wizAXSDs+5E8S4tq3YMR+M8m8beN+7u79b2sDs77mBakv8y7y$du2kyZ7mWmxhHdmmbhus4FJmcwh14tyiHXm3KAEskd$DwbbiUdNcSEO8DOwJIs-GFvIrPF4hfso98Crp8GyRMLIYkbm6Kh0htEpTM5YkEqOU1Z9G7WdtUNow669E$d+FGHKSsISRMlkQXbFNqWYrwcHXbLUwvPSeZPmXHE7R4HGrSC$0ccqxaMPiioKB$foCFRd2ga$7GWZFe8-k221cSWT5TwUWDgXnzrAmWHpk7j22N-wgBBBvwrAAE7NJIcRUsm6A22lL7vknHgD+CIw0gI4WiQCFw7NSsGK30pOAt57Nps37WyaHBi55gS7csE0hw0IkT7cna7wqAmzINHkv82iJ0WmP9jR5pSv95eZFT8H7rv1vmTdlklh5JC8iScU-Nmpd1K20I0Z50fsosSd24ld9vTFFzmWxSkSWrscBdSKZUG5r$b4mRAjKidmYsgsjkw5aOKRGKMvMlWBkWUDoN+SgSMv4dShk4ab4pq25tP0b-4Ul8EI9$ZUjmNAUHr80qS3AomgZ2+mC04FMkBIW4yEiQSvvFAkmv45oN-M8m9DLPoAsrGWhBZQmudcF8UrYstPvGuIU9hAq0jrULUx-09BJkYvdKoIJ7DG$5btcHZKUR-tJbrktHpeWm0mkG$CkXdMHa+LUO2lQhMAleQpzlioFGqy0NbopRFGGlJkJIimuGd+$ox41Od3ZgkxQSoUpkqvoFYQHnShizqaIGBzItNW4gU70jpeemsPGw2JkAw2mDszjgZkf1TFDM4pcYTR2JN3KnZvo84MgaCN3KeUm8K+S4rf15S0e9duI$KMXQNAoefpUds7k6GUSm1PK$iyDMzG3Rrqmb4t+QGn1mQMeUbNpxXaChUqK5mPuIgFhrb$CZmfZoS4GaCkvAap4paIgll6j$ASM+pISpd8a4zAO1dUlSuUslMeC81l-DYOCCEC2c-w0PSdW9i$0lApuBmyMW45mtwhHW4pb7Cu2wKT151BbbPkmcwEaTGTBbWGGPxJlcAqsrKAcic-sOKewdpbxSOWNXW7Q9StpHqROxe78aEe$kFY8ubdLWrDTKpM8asU9DPMzZqb6q04Snm-5amLI--WTa9ovCO2oUFyHs+9DSam2cpKyIe1nhK5H3pIaqRTGCqfjXB7jFyphyZ1eA0mh+5KwUlUDd5$s-j5P0U-9r60XZ9Ta7lnhdHJqW1umDYjdM$dIZ2bsb0yp-K-dEc0eI4$RxsP9LzppeDGcZxst5KOabWQUrP7XgHcRaITebxStmcevDWEeJkFPzmoRqxa4BzcLe2M8PtAWL14jPZuoyPD$qM1ZSZY3gWUr2WpZZmhF2wbpsYcpe29TZME1arKQN2W5U2QXaCGs77mSjBGQglUnSSz1-DiEic-SESda1yPuI2dM7rcCEeJkP2Lsxbi671u7WjOdi$FlkaWmuGpwXZb87MeITH-CGMcFphKWdHSWafNbQR1eIf2voLPOgNbdvJ4Fk8QOGj5zTMcHwJktFa2m114AiBobNwnbFpyrwtBLbKk5G5YtgCqBtdn7-9Q2HJdn207XrMZsShj5zMokt7s7szeBs0SQb1wcZh1kTDqD$dNPd3U8mcWqe0W7-LT-E2lQX1UjqM-3gyrv7jloHX4k3Fe8g6RKaBpm98N9bwZmK2TaqHrdiH4Mb28xkx4Q+1NjCRmF3uIydGJ13WgZCWxYt4+GM05OsmpQ-plQYDAs6eDpgDRGFCGvQbLjyy-4dh9i1a$7sWa71lQAHLWXBD3C2DW-JSvebDypTxYoWQKJaxD0+$-4EaDH6IfOs3mR7+aQPrWB1I3dRoh+GKrvc1c3RFmpa2KCIEwj3OYYA1xPPm1ZG78kPpvZLj5IHrpgDtlv4HhcNp+7GREdkqdYWRDepbSoEWfhaQQLNjgDpXyr7i9tLJpDdWXUgLjaR3b3jDPs$gLjWd2h3$xPs$GLmnF2mjIiCYtmom3w1sTYijsUXoQ5U1I34S4W+xLw5AKuWBxoE-FKIWZDZbwYrcCQDKW$DZlY07u$3bIh3D4bZxEcxGL3Q-2AoNSC-twtn2MM1WUqt$$TtZMq2c3-DDB6EvK4Z22leicBWnwUn22v3tQhBAn1jQx1Ebk9oWaKHqw6D4k9AF0aToErzLMGjqEGghP5nTHh23xAh59oDaKxtbFiLMW9EFQ9xtb8SzMW9Ld44xwjqiEey+jmOGxdj7itWFIt83Qs8jZ90ufp7SngHgBkQXM55ElQj2l3Gy41g57$W3D4j8YZeyjPQ5aL5Ep8v+6E1ja+6QUgAD+58taaHxuWhZ9+FHPE5W6ZU7ZplvWP24$2v3BZt+QjqU3ZDQEsQ0+yOoJ7J22mDZLLBODU0l6$jMQPp-AoyOtS42WdMY$DtIsYBhcl9X6vHIpb9HXbWGaekwskQdc1mayv66eI7OJmlwvwGIgyi65A7kmxUSKmYi2aBLz2$9n6b8iwDJmCKzmFzLgZ37YLcHX-fmEb7X4yM1WGJbRUjH0azx+BrFGQU8SBby69hf61jyZLvsgspIwdymmmrH5$Xw2UslIomJsD7rFs9h6NfxQdBFf9hsiHSOFNsl7RIl8koC8MJUrdEGzBmhMvmZ583mmmAQSMcZwXkssmYb4sXFhmYpyO2bT-klBRkUw3--qSgMBS3kb5RTrorb43q+$om+mMP7FsPRmmb77rtmms2NCB1D9MEb4DxUQw8wrF0RJJsUm7j81PRSqJ5$DouaBLEl35Mcm6Gt7ieDFsDRmmnieElOkkf$ZwfnQeK3dwmLF1KlavLL+3zH5UWmWrgdSFSkmImOmlC$kqAmiBjdDGRmirLWnRRfZBmFgh70vMBJQm+7nFSutYmi+$DxUfFmmbHDF2FYa5w78mmDuw3gpdraLRMUs1k0gzpB$7EMTDRmMmhtgwmddJsSSI9fxfF8ObZc1FD2QzsJ38y0RJk69d2rR0vs2dUwlgoqhcrvj3b3UsKOKWNvqMCykpSpMTrWMLcHcA3DGLw2O7lc1RfGDkSmHx7TnS22HoGcFN0ErnaWudpdyOb-mf4myG7jKkyhCH$sTRckpUlCUdr1SFsImZmymkdrIqUFi+GiGDkp7HbHdw5$GPxgg8Hi0JwyHpFIxBhqS4dCdN5mw8wMFGEJ-mBICdGNjEsOraWp5UdJdbEM0MjW4OWiQw1vmmsqyf$dWrnr6ZYJxyO70DDhKR8$J76r-kmzO$s5$EK+iikiYvammmtDKxmm"}},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain; charset=UTF-8\r\ncf-chl-out-s: ZYw7CVCsmnn3vs4tduAdyQ==$ufc3AVdRQto8x9fu1FGdNw==\r\nset-cookie: cf_clearance=v2dt.XyLJnR5WWb_nFd6uT6bAhi12bewyZ0GF_P29dk-1771052100-1.2.1.1-w9yyOGBbK5DbfLf_yGPzgG4GPce5ltHCsN0_RAQJ6ho7wm06w.Zbkvp0fam3UX5znVurPuaWZ3RlsalRPiD7J4f7hNMsy2o1F8AcerbQuMm4VmBrjMszyde0AclIC7zuM9aLcPeP66Ei6GMaOWX0Bg8KXNmYdVnzAk8i5yypttUGa0x1Xo4Py7gLjybtqp3p1nR5CtCbwoixSXb6nL3iu7bPigtbBvCRhF.yh4rj5Pk; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=marekets.xyz; Expires=Sun, 14 Feb 2027 06:55:00 GMT\r\ntiming-allow-origin: https://marekets.xyz\r\ndate: Sat, 14 Feb 2026 06:55:00 GMT\r\ncontent-length: 0\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9cdaa84c5b9023eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T22:33:33.544268Z","times_seen":16396986,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/vue-3.3.4.min.js","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:54:59.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /vue-3.3.4.min.js HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:54:59 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\netag: W/\"6987107c-1136f\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 102206\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gJQF6doxYvEytENa%2BK8Gd26Ki2QU7vDPw%2Bh59AG0OKkjpu82%2F2Wbhw%2BJT1E0Cu7LwB1rKW2pLeuRwO0B6uRh3w%2BKo5fgHfvmv2D4uw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9cdaa8468ab123eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":70511,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"bb7c7db47cea2c34652629b78dbedfa3","sha1":"c7ac35e6b96cdbf7990fb0e46bb8d51bc01da89e","sha256":"578b0ad025d8d56f1cc6e9294866d472c24d582c8fb824cdd1eae82ecca3cb9a","sha512":"a0fb4578d4e5fd8aea091dd5b2016971b562daaf13de7c2d506bd61c651f562393c79ab6c0f72e5aab73433174b91ed9f41130a520b73714f94721f8a9afcba4","ssdeep":"768:D5iD9cTnPEYGgIuEQIBym/ceCHnun27RWcOScwcGZclkgdCoq70T7DwmUwW9duih:dPFGgIuEQIMmEe527iIm0nB","tlshash":"ac63a2d5a90b90d58d1621dee037ed19e0281a23cdacf2a3ba7ceec1741df62c45717a","first_seen":"2026-02-13T02:32:03.168084Z","last_seen":"2026-02-14T08:02:17.081243Z","times_seen":18,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/index_1.html","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:54:59.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /index_1.html HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:54:59 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nvary: accept-encoding\r\nage: 329\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Jaumlixbkjxabc7qhaa2XflMF5Qz8JSXDKcITi38tI9mYdlDWiDW9MFJeoOQwV1YLypbSdw%2Banbxc98lCeEuCZ4U6hEN5BjYhC3Epg%3D%3D\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9cdaa8478acb23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":119309,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (65202)","md5":"5ca977b9db94a3864cae0a54d0948db7","sha1":"b7c585fce8ca6bdd972c4a825aa3e39fe771c39a","sha256":"cdee319cb85e14106afc9e8a9b2d8b7590495208bb0fa3f44ee697ee76283549","sha512":"fa90f9f372001debbecdb302f3854b8a49e62e6d1605cab69ef68f2ee6c1f5df231d379b511ac75d6fd9b88b8d0342a965903723751daa99f841100f107cfdb3","ssdeep":"1536:VDaJSVf/FeEXe8e5BAeOVh8r7LibtMA4kKix+vmIVvzoCdx/0:Z/ffh8r7LibGNfeIb0","tlshash":"a9c3f936911da72e63130dacea26227e334793dce64600de69aee7f153ebcd0d45ac50","first_seen":"2026-02-14T06:55:27.786578Z","last_seen":"2026-02-14T06:55:27.786578Z","times_seen":1,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/markets-logomark-light.svg","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:54:59.986Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /markets-logomark-light.svg HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:54:59 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=6,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 102205\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"6987107c-1a2\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BypgWfwzhh%2BEfqETWgp37zfIEyLV1DkohKB3oRFzgHE5i5uW9QWFOBHtXUuL9zATvq1IUJcVln%2FHOgdHQnYdwmVCh%2Fe%2Fizl%2BKmLTYA%3D%3D\"}]}\r\ncf-ray: 9cdaa848eaf623eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":418,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f34071f0160ba21a945fdb026290cc8f","sha1":"017ead9bf3eb2175af58150f8854eb803bab3633","sha256":"9c2d46df887758a1014274b551de3bae8cada3ab700f87aab1fca932a9033546","sha512":"46b909f1a63efa01afb49cfc2dba644ea13dd72f5a8819218e9867476c638499ff2825de5eda5ae004c2cc4890cd13b513897c9995021ed0f4ddf036a2ae2a65","ssdeep":"","tlshash":"cde081ed1ca4009daaa4cb2e3c642f8cb49e62ec5a708de230ce01053203ba3f890085","first_seen":"2026-01-28T19:26:06.708847Z","last_seen":"2026-06-13T02:39:18.238306Z","times_seen":45,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:54:59.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nlocation: /cdn-cgi/challenge-platform/h/g/scripts/jsd/60138c04e6b2/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\ncontent-length: 0\r\ndate: Sat, 14 Feb 2026 06:54:59 GMT\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncf-ray: 9cdaa848eaf423eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22756,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T22:33:33.544268Z","times_seen":16396986,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/514668ce6c591535.css","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:54:59.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /514668ce6c591535.css HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:54:59 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\netag: W/\"6987107c-2b2da\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 102206\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BN9jCumb2HXnPPgAxdVmnKeSf9S9tRDCHWzM6qbLVPeyOmNtrRG%2FBQJ%2B19T11zLJhh8In6p7cii%2BpwvZNABwiL7UG0Slu7HzWC4mVA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9cdaa8468aaf23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":176858,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"eac132d6be9f4feabd3c222537aa5387","sha1":"6de77f28896b112747f6fd6278f52015b13c62cb","sha256":"b3ea1c8f2cc3147bfe545f049dddda881857073a386fa0811e8ed86ededddb26","sha512":"6e2932babde2c8891ecbf649013979a0cd1e5405d9f9a22b6ce3f685332b75d247226a0352175f6a5788d5365ff4bdb5d68a2a4b85b8f5d974240e8fba4aeed0","ssdeep":"768:Zxu4hiVAkwXo8Cv+QDsGHTEAjyrInGO/UsnTNXoYKG+gyuqBGQesYoyYolLlRoib:bo6G/KGQ64VLrXrv+kBw4w","tlshash":"d604fec4bd6cff3ea97f643d35c5849c8e877996cc40869fac2530de09d979420a3a4a","first_seen":"2026-02-13T02:32:03.154698Z","last_seen":"2026-02-14T08:02:17.087405Z","times_seen":18,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/ETH.svg","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:54:59.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /ETH.svg HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:54:59 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 102205\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"6987107c-88b\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G60yNRUuQYBoaLF%2F55Wo0lSK5qNxKhSCS0crN7pyx0eSM0Bj5v104mNVDKybJDU1pG2l3axceJO8%2FXuIbvTk7xh5fdFAN8FP3B5rqA%3D%3D\"}]}\r\ncf-ray: 9cdaa848baec23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2187,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0514837200ab036e3fd4fa421b3d0193","sha1":"98226e822173019b717482bf3f56e75d590a7aaf","sha256":"9a90c888cddd158f2431304ac557e194bd45c41475a53b426fa7095300c177ef","sha512":"aef84265f899d757542a47527fb632c5d74e33875703095576d4ee11cd2f473a6fd0aceca1adf423ab480c83bae5f70cdfb11e5722e63d455a8bb74cf7aa2562","ssdeep":"","tlshash":"7841fdce1360f3886f98d74bff54ed25410a60fe14b58d8582ce8b1de71eed67a15810","first_seen":"2026-02-13T02:32:03.165271Z","last_seen":"2026-02-14T08:02:17.078224Z","times_seen":18,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-14T06:54:59.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Feb 2026 06:54:59 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mDY8Sce9SRPPpIHyuOre8VjRtHjczKz1YUMPrYJlFM2FHwuSTo4E0Cx6dXNfhDOmZeNfRqjRWQqipEnamERdRqGWoX1jYtkAFqYbMw%3D%3D\"}]}\r\nage: 330\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9cdaa84568d823eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vue.js:3.3.4","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":360671,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (27043)","md5":"b9e16834d21cfc29d0fda20fac83dcd2","sha1":"a7a73a4c997cbf87527022a62dec705d293dc385","sha256":"e84c671a700b10088b3473257ac5b440705642a901237d5dd36776e762b9a1e4","sha512":"40ed5b5eafcc346d72df8b3c7abcb1cb8befd333909e7f8f70619ca60ac0d20f8ec2b2ebdee39c6d2219e0d670635e67fc83ba22dfc7bac27b89cc4d875fd2aa","ssdeep":"6144:Je0rg4MWTCeZdk5hottpOzKh08G5CyhsiLoll5SGBvVO/D/7a/BI3pt5j0:JdM4M4CeIz1ptx0","tlshash":"d9740a3a261077397527c52c52b8738dc125d904fa9399acb5e74f118be3ad23f7a28c","first_seen":"2026-02-14T06:55:27.790591Z","last_seen":"2026-02-14T06:55:27.790591Z","times_seen":1,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":71,"dns":55,"connect":1,"send":0,"wait":21,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/US500.svg","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:54:59.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /US500.svg HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:54:59 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 329\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"6987107c-bcb\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X5MBGT%2Fvrpr3GbTQxgwyPbDrZM4iAAP5WIWCEAOqSYmsE4KtTKF28vdX%2FD%2Bn70b9jO5eG5wcREr6v0NtLpvz%2FYjMBmDADhPB8BQuIw%3D%3D\"}]}\r\ncf-ray: 9cdaa848aae923eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3019,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"759245bd02002cfe565e216c31408003","sha1":"3a75dbd01a2384eb84fc90884461d16311530d8f","sha256":"35746a36f3d6551b77b85bfe0188e157f354186dec4f63c3657fb19f252c0de8","sha512":"7c09638e568f7bfaff4b6b78558b26709d10a5278819b4d13436b27177b240dc633fb2435d5e0bd7d79f34d3037775daa306bced97267c316efc70715cf4379b","ssdeep":"","tlshash":"475123f55734aa49a7e7deaedf230ca61f0df8fe7d9141c0805d8aa95e46ac1e103c10","first_seen":"2026-02-13T02:32:03.170729Z","last_seen":"2026-02-14T08:02:17.084377Z","times_seen":18,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/secureproxy?e=jscdn/getFile","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:55:00.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"POST /secureproxy?e=jscdn/getFile HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://marekets.xyz/\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://marekets.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"t19l6m7w3u0aulogvdg2\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:55:00 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, origin, access-control-request-method, access-control-request-headers\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block, 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CLZEM922tO7dzpWEb9aLQWDaqnW2kfOVoJLsxhh6TDPGamR1AWF5TKCSz9OvREQDsA%2BDepmRNyqIyH7jRAfa8pgCF6xkbW%2FEipGgsHW6uGd0DA%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\npriority: u=4,i=?0\r\ncf-ray: 9cdaa84b1b7323eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3401734,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"33c8f8896459612635f22b7549da759d","sha1":"b4812324c847d2d4bab1eb7bba658f45f75f39b6","sha256":"39185d200e39fd5306f05baa6b9892b8b1a406f92588f74f426332f1531cede9","sha512":"3736b1916cc4b796211eef9936a385fa3f7b326048e15346da3af231ec3a870cdd2268379e9a523bccdf09b0367277b71bd60e2cb4159214b976f73a86b7fe8f","ssdeep":"24576:RNV8/8Yae0PgGswPpBroS7InwbjtsJshJuEbdSUxf:z7OwPEZJslp","tlshash":"602523111eb7fe5e0f4ceea5347f7e0369414f82858d58dbaa72f6c000a467b424af5a","first_seen":"2026-02-14T06:49:56.901736Z","last_seen":"2026-02-14T08:02:17.089309Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":382,"receive":901,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"markest.xyz/","fqdn":"markest.xyz","domain":"markest.xyz","tld":"xyz"},"ip":{"addr":"172.67.217.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-14T06:54:59.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"markest.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 03 Feb 2026 13:59:15 GMT","end":"Mon, 04 May 2026 14:58:57 GMT"},"fingerprint":{"sha1":"6E:6E:24:DC:28:D6:C5:42:7C:82:A2:83:AA:E6:24:57:AF:D8:8C:0F","sha256":"7B:11:B6:7C:AD:31:88:3D:53:52:48:26:14:E5:67:37:1F:CD:1C:33:35:10:71:CB:F8:E1:4A:85:FE:A8:C1:26"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: markest.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Sat, 14 Feb 2026 06:54:59 GMT\r\ncontent-length: 0\r\nlocation: https://marekets.xyz/\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G8xajcnHdQmSS3zPzXeigcwKOyEyaXNaTr0bbcpZuvr3SpJI0fiNOhIQoK3NX%2BDerClkOo39GtNktCVC%2BBOwdxX1g9A5ASTX1GAs\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9cdaa844e8b53181-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":360671,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T22:33:33.544268Z","times_seen":16396986,"resource_available":true,"data":null}},"time_used":158,"timings":{"blocked":73,"dns":58,"connect":1,"send":0,"wait":5,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"markest.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/markets-logomark-wordmark-dark.eeaa20bb.svg","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:54:59.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /markets-logomark-wordmark-dark.eeaa20bb.svg HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:54:59 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 329\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"6987107c-e71\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zdry25iqn4OzR3Fg4UoK9V2TtOhuBB8uDRWSv0nUfnrr2rDl3%2BP7T7F6vDoJmrfrqASGoWZDVgjzSjQY7VF4CTk9lVKNE6OKrH2qGQ%3D%3D\"}]}\r\ncf-ray: 9cdaa848aae823eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3697,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4f3953b6c5915e0c97797f4ebc0065b5","sha1":"7139f8cb7b8bbd81d2f2a030ef3a299bf973a849","sha256":"43e584be6fd64fdb964eda0a463adf3749e1b5fe8c4e1cf89d33ec1fe01da15c","sha512":"ffac0d4f2e3b02e2803967c5c37e5ab2308dba64da33ee34eb9396467a4a0dd1197768ff7dc2d73d8c447f6db6dfc4c4a4696a278f6c20d70b3835f653514f62","ssdeep":"","tlshash":"407180e91b7842f8a4cb8f51ef3048893a6fa07d3e234784c13ec664a5c3f9ca449c24","first_seen":"2026-02-13T02:32:03.159409Z","last_seen":"2026-02-14T08:02:17.080243Z","times_seen":18,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/60138c04e6b2/main.js?","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:55:00.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/60138c04e6b2/main.js? HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\ndate: Sat, 14 Feb 2026 06:55:00 GMT\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncf-ray: 9cdaa84b1b7223eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22756,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (22756), with no line terminators","md5":"e0b3b8a7163307fc5b5c0d09072d142c","sha1":"bf1a0e58115c3dbcd64b540eb61bd489e6456cf5","sha256":"6110847f7a0351e9605006408312cd49624cf6629853d8c5093ce2a2c5b0f3d5","sha512":"8fde0b0d7f7f91b148bd5b767d51224cc49d47f6120e6dc7c2ff0081be7be0b7995d2baef6a12c30c8f1680cc8968de603c12e97770ebe53970416bbb0fb4fc9","ssdeep":"384:mcZdJ0svtC6949QQbZiXruM0TdZwp5ZCKKhEHYhK+zce25qBMZY8uXp0key7tLVU:3ZdJ0sk1HMed25qBMZUMVfN","tlshash":"34a2958dbbabf82013226870117b754ab79e5cc028684c7ee7704fa8f95073585d99f9","first_seen":"2026-02-14T06:36:59.521409Z","last_seen":"2026-02-14T06:55:27.794318Z","times_seen":2,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/5c285b27cdda1fe8-s.p.a62025f2.woff2","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:54:59.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /5c285b27cdda1fe8-s.p.a62025f2.woff2 HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/ee8993b79509c8f9.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:54:59 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 36980\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\netag: \"6987107c-9074\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 102205\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BQ2iBii7NSnbcb0dOGSAJKRMLTRm1INkriTyz06XkY781ZMEvI1OChBkQzKI3sxPmq3kOv4uur5ixScGDMfebKiDs6WbVOq4Omxlzw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cdaa8482ad923eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36980,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 36980, version 1.0","md5":"d4c68940b772538be3593f0c646de4a0","sha1":"780cf59b7711cee0db291f06922ca66b12b65dcf","sha256":"468d56b6b25b05b70190b6c233d773f6f1770e8579827ce022a57f03fa8002fb","sha512":"9ef888244841c65da84ab26fee2d312bf0410e340df78b10f087c00e6f190cf8abd61cb09e5790dfd7270edaac1bbb7f871031b195a7b2363f389b6be0038e89","ssdeep":"768:HLi1ptmFif/WvZWPAD1lDB55/hMWS/CtVkvIP0t8eY:HLktmFif/WYPe1lod6fkvfueY","tlshash":"d1f2f1730f45f63229562eb8fd398b4e772845856ec18ec68d90a8f8f403f646469a09","first_seen":"2025-09-15T08:14:29.049499Z","last_seen":"2026-06-13T23:14:24.17004Z","times_seen":4928,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/ee8993b79509c8f9.css","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:54:59.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /ee8993b79509c8f9.css HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:54:59 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\netag: W/\"6987107c-1032\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 329\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tStg%2BWzhoVbjdGeeTai%2FNenFE%2BiJlFaEaTWKuh9%2F2jb%2FRWfbz4ywU0GMu4JFTaOCPHmDiCuDZO4vsBalFRAnLe13%2FH3it48z5pc69g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9cdaa8467aae23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4146,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2713)","md5":"d816886d11295660141051700756eafe","sha1":"9e5a2a028d8a38bf700238d49fc9a6cb52a47b1e","sha256":"73aa05a1547db83e7284184e2ce9fe9ca3eeab5d0d76848d20ce550daa7b0c90","sha512":"051acac7cfda36d723fc6da8dbce152a25062bf5fcc6ca770a54bf86788134d42a718195d8910c844956cb98bc73a4eb56181018d1b8c01fdaa07e1786e27347","ssdeep":"96:AMqsOO15qsHO1WqsQO1zqsxO1/JSHsWqFOMqmOtZ:AJsOO14sHO1/sQO1+sxO1/AHs/FOJmO/","tlshash":"05818c34442a7809d7eb8c5231ce7e03b82d51756ba6116398693ef89eab97f13e0724","first_seen":"2026-02-13T02:32:03.152457Z","last_seen":"2026-02-14T08:02:17.085409Z","times_seen":18,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/a1d298d105e3a295.css","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:54:59.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /a1d298d105e3a295.css HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:54:59 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\netag: W/\"6987107c-19f5d\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 102206\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nbF8SGMW68qk%2FRYX6N%2BAQaHLtkQabrDVOB8Hi%2FgoSzOgHwIrRdh7YA7ZtPC40GT6anmw6eN8xcACYzYpWYnyV5P7vM0EAA5D6RhVig%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9cdaa8468ab023eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":106333,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"37f29a2f4c139f92b0437ddf52e2bb8d","sha1":"2f53091c28dd8b78103891f7b1017b14ab62c959","sha256":"9e470357541c0a09867e41e2600392b351cc86df264bb39d4e0dd3309c897f31","sha512":"555e86a602e8c1d95f7db82fa32941c4f063ffbe93a845bb9c14770fb5f81fd3e3e61123b761ebd6edb1186d726ca8f265dccc1bf6c3d108be6e99f2e66b87d1","ssdeep":"3072:EQhK3J0gYOAM3uw/onLh6mttMq+WDhm4G:EQhK3J0gYOACuwwnLh6mttMq+WDhm4G","tlshash":"58a3a2a4a23ae53fac33b4f9539cf81c9119b085de250aecfe12a11257c7bf21977614","first_seen":"2026-02-13T02:32:03.149151Z","last_seen":"2026-02-14T08:02:17.08834Z","times_seen":18,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/BTC.svg","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:54:59.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /BTC.svg HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:54:59 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 102205\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"6987107c-60c\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yJ0g%2FmFCn%2FfILWP8%2FVSip2dJRgaLTgRPiw8%2FQ06J6bLHzFKE0XxBwIGjBRAy%2Fjri%2BtQuqwVPL2faJibVP5VXutxG%2FY6zE9u7zk%2BaxA%3D%3D\"}]}\r\ncf-ray: 9cdaa848baeb23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1548,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fbd0dcd24fd10dc292588fe8a03e9076","sha1":"b6b0422c99f8b7823bd69e95fa8673f36dddc402","sha256":"06a1f0fd5f0376d80e2b81d8368abec89fa2476b5b4ec6fdd1f1e60933d80583","sha512":"cc4f35fb478d0bcbfe7b75e206b52b95932edd7787b357640779e3a246104bebc92291bccbf1ca78b918c8641fcf77d41a146ce0eef53c743ea45a35ef265ad1","ssdeep":"","tlshash":"f13153bd99664761888e43bce9bc09ed2e47745f6f0b02fcd16203b078157b9cb0496d","first_seen":"2026-02-13T02:32:03.169022Z","last_seen":"2026-02-14T08:02:17.077047Z","times_seen":18,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/HYPE.svg","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:54:59.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /HYPE.svg HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:54:59 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 102205\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"6987107c-19a\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UvCERnrEKyLErlssTIXlMb%2FiC9nAY%2B6VOxUvaHHSY5dxGTzeALgbxBVPa%2FfyfiKi5eOwKEouNafZlJhUS5sV7xnWKLeJun530o%2FBUw%3D%3D\"}]}\r\ncf-ray: 9cdaa848baed23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":410,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0adaaf2bfc9bf7e3a95a6f5f048553c9","sha1":"935ee69d7887f150700b7a65c3f9aad0d585fb51","sha256":"3cb02b5a6c10b308353039cba5d5d09e50c3abaa38a049c47f5ac148c17794cb","sha512":"83e64a411c16ecba7fea21070ebf06e69e8b6523fb3ed8d2e46ea783259632e33308e0901f4d68be3024ac131b6fbdcd7e80efe8cf1b9b8df1045eca3e861078","ssdeep":"","tlshash":"55e0abd4e56de970ec9c8fa017292464386a808b38c884fc6a920f139a81edc9600c0a","first_seen":"2026-02-13T02:32:03.155648Z","last_seen":"2026-02-14T08:02:17.09018Z","times_seen":18,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/5c285b27cdda1fe8-s.p.a62025f2.woff2","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:54:59.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /5c285b27cdda1fe8-s.p.a62025f2.woff2 HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/ee8993b79509c8f9.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:54:59 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 36980\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\netag: \"6987107c-9074\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 102205\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bjnN70%2FD1YFj%2FjRe0PWgtW3b44lOYC8pzLqxJgjbaSCFHwoFLSY69mXd%2BCwn0XQWNKvPoxXbGIUFmMvnnrmkh2rKh5qfpCOYqMsoAg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cdaa8480ad623eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36980,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 36980, version 1.0","md5":"d4c68940b772538be3593f0c646de4a0","sha1":"780cf59b7711cee0db291f06922ca66b12b65dcf","sha256":"468d56b6b25b05b70190b6c233d773f6f1770e8579827ce022a57f03fa8002fb","sha512":"9ef888244841c65da84ab26fee2d312bf0410e340df78b10f087c00e6f190cf8abd61cb09e5790dfd7270edaac1bbb7f871031b195a7b2363f389b6be0038e89","ssdeep":"768:HLi1ptmFif/WvZWPAD1lDB55/hMWS/CtVkvIP0t8eY:HLktmFif/WYPe1lod6fkvfueY","tlshash":"d1f2f1730f45f63229562eb8fd398b4e772845856ec18ec68d90a8f8f403f646469a09","first_seen":"2025-09-15T08:14:29.049499Z","last_seen":"2026-06-13T23:14:24.17004Z","times_seen":4928,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}