{"report_id":"5eb2707d-60b6-4cc2-85b4-ad5cef8dcc82","version":6,"status":"done","tags":[],"date":"2026-02-24T16:35:12Z","url":{"schema":"https","addr":"rugmarks.team/","fqdn":"rugmarks.team","domain":"rugmarks.team","tld":"team"},"ip":{"addr":"94.183.234.240","port":0,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"final":{"url":{"schema":"https","addr":"rugmarks.team/","fqdn":"rugmarks.team","domain":"rugmarks.team","tld":"team"},"title":"Rugmark","dom":{"size":39041,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (20402)","md5":"f5f1ce1860a1f633613ecd6c984c0677","sha1":"f88872f460f14137c878370dc544cecb72085d2a","sha256":"d7696e8c2dd31c7b888f65ce24da972dcab6458b4c1389d5c5a91e46fdc4628d","sha512":"58e920466c11fbc02b73fa413be6f8f74d41a74930994cb6c61dc30b9dd83633bd087dead02b6bc38d2092e8bf66ea80c9b87ff8f52bed633372e84e5534a3f3","ssdeep":"768:TXKKCChnJ4hnOmYvEBUqzAozrtE9NCur4l:TXKKCChJ4hlYsEovtE94y4l","tlshash":"88030a2a6da50469ae57c0f7f5d43b9db51dd3c3de2fc6aeb08e0140bfe55a608c6208","dom_hash":"domhash77c7c5b8314c622cfa8e8b180d0794bf","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"rugmarks.team/","fqdn":"rugmarks.team","domain":"rugmarks.team","tld":"team"},"ip":{"addr":"94.183.234.240","port":0,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-31T16:35:12Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"drainmarks.life","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"rugmarks.team","ip":{"addr":"94.183.234.240","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-02-24T16:35:13.096685Z","last_seen":"2026-02-24T16:35:13.096685Z","alert_count":0,"request_count":8,"received_data":1620374,"sent_data":3693,"comment":"","tags":null,"fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]}]},{"fqdn":"drainmarks.life","ip":{"addr":"94.183.234.240","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-10-15T11:24:59.739204Z","last_seen":"2026-02-24T16:19:24.9667Z","alert_count":1,"request_count":1,"received_data":12261,"sent_data":417,"comment":"","tags":null,"fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"drainmarks.life/axiom/loader.js","fqdn":"drainmarks.life","domain":"drainmarks.life","tld":"life"},"ip":{"addr":"94.183.234.240","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"1638b9db8fb096385313cbccb207debf","sha1":"44ef77b826568d01c5fc7b3f9c59a7ee198c295e","sha256":"22904dea6e6483d76a1785765d9477c0da4b00b9ab1e05bb01efc88ae1543cd8","sha512":"8a2a523438af4bcee980e090b2ee40e4ac2b0e237fd6f7555158b918f80a3df6f070e2041f0f45c7965105ec0ae1f8cb222a36aa11487b66b02cbcfdcaada479","ssdeep":"96:8xcSnDZl2m7qAEWiN1kdIVni0WRCXIX2BoVEiZ8AJq7R8JqdcHdL7C/UuYqNf7gP:8jf2mW1ROaI/VMvcU/bYo7a","tlshash":"5d322de3ea85e3fc0214dea74d3da04ad0206f08aac48bd069dcdf4b685c52f526d5bc","size":11934,"data":"","first_seen":"2026-02-13T05:26:11.954055Z","last_seen":"2026-02-24T16:35:28.644547Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugmarks.team/3.4.17.js","fqdn":"rugmarks.team","domain":"rugmarks.team","tld":"team"},"ip":{"addr":"94.183.234.240","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","size":407279,"data":"","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-06-07T09:34:34.300929Z","times_seen":39654,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugmarks.team/","fqdn":"rugmarks.team","domain":"rugmarks.team","tld":"team"},"ip":{"addr":"94.183.234.240","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":true,"md5":"2046219beb02fcd993866b1b5a55a6c2","sha1":"43db7eb4e5bc8390625f240807e6d2c159e80be8","sha256":"3e76550fb32587576c8c8628f330904ee5baf493751bdfbca3f31d5d967b937c","sha512":"600409bda2b1be3e73463bb323a6a1deb9a98f2bea30d0e3a324e6f69bf02688ccc47e6277852d2a71ab1d1150e660b41ebb8138e8dc6661d7a32a4dc7483c5e","ssdeep":"","tlshash":"0d9004dd0011d35033d100114713d755347543f7dc017500040745003044d0f4d1ddc5","size":40,"data":"","first_seen":"2023-03-10T11:27:13Z","last_seen":"2026-05-22T19:34:31.164365Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugmarks.team/","fqdn":"rugmarks.team","domain":"rugmarks.team","tld":"team"},"ip":{"addr":"94.183.234.240","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":true,"md5":"948464eb6a46eeaa5bf90473ec727d9c","sha1":"fcb9273d0e4560ba9b03091b3432ddbf251ede24","sha256":"c5162b550000261a3ae01bd83c16d076b18eac1c4f77ea771b694e9a5eeb9352","sha512":"5a33f3bda9896d8adc1114f5523a1405099e54d23af856d4dab608d0a98dc25e844af99b6bc14cf5bf1411cff3c628a1768ed0038f9b9d776abda1188b6ad06a","ssdeep":"","tlshash":"e1a0220ec03ac30303203b3200a0c2c208fec830cf033fca002b0280008e0ac2303a08","size":67,"data":"","first_seen":"2025-09-22T16:06:11.342381Z","last_seen":"2026-03-28T00:21:55.262269Z","times_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugmarks.team/","fqdn":"rugmarks.team","domain":"rugmarks.team","tld":"team"},"ip":{"addr":"94.183.234.240","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":true,"md5":"6bd43cf0ae158526c6ab93dc3be79f28","sha1":"15c289e342bd3fdf5b1e95f7abf25a2bc78bf357","sha256":"7a13d5ae0755d86c09084ec300c4a0f1a0a06921f74d9980eba9d966ff17ad38","sha512":"5190eb107c27f5d655eab378cd468228aa031d088f59082f257f41d464a29fbdb23594043afe89a3f9b63ce86d91efad6c2901c816d85196389293a6a5a28521","ssdeep":"","tlshash":"df90040100513554711530d00134c3dd157df075dc4dd335754f57004040405c53c401","size":40,"data":"","first_seen":"2023-03-07T01:02:07Z","last_seen":"2026-06-07T09:56:21.118262Z","times_seen":23032,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"b6628a05e8fc5f72116915c888e72fa5","sha1":"897b4e7a32f7919028b4dd8a4f413b1333ff426f","sha256":"3bd61d3582992a54bf24b85e6341050c269163b1dd47bc8b714269b48001df50","sha512":"152d4ef7c2856108635d462596441b6ce2de148004f37db4e372afa68db298c1b1dd5e1c3c582850b0757ac63db5e58ba5452b1f816a29183f2738c9dffca0ed","ssdeep":"","tlshash":"10600003000f000c000c003003003c0330cc030300000003303c0000c0000000300000","size":13,"data":"","first_seen":"2026-02-24T16:35:28.647528Z","last_seen":"2026-02-24T16:35:28.647528Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"32f7eee2581c72a5561c21df3013a89a","sha1":"b38bed0f0e9601a07358ec72777da31f91720f2a","sha256":"bb69fc1cad24c2d6a80bd8d6a50ae43eba927a2922dceca5365fd07db8220d19","sha512":"c9d50bde320eee008849d9224a4336eb02c8956bf5efe8c7ed9f6bfc525fce2fe7c56b0e7d86e67f7d22705653042b9a21a60eb7a012aa8c6069b5db8b7758bd","ssdeep":"","tlshash":"2d30000000000330000000000000030000000000000000300000000000000000000000","size":4,"data":"","first_seen":"2025-08-25T15:23:52.713783Z","last_seen":"2026-03-28T00:21:55.267207Z","times_seen":56,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c92a10324374fac681719d63979d00fe","sha1":"aee655773d856fb038536adcfd6472fc7543463e","sha256":"158a323a7ba44870f23d96f1516dd70aa48e9a72db4ebb026b0a89e212a208ab","sha512":"d27859c90f5748d3ec0ef6d4ef49c1755d6ce1ac8035cd4f7dba41b8dd7d440ad8fca164ccc948b5630ef90346ff9279e35d31887e724ab6e0284300a80eb61f","ssdeep":"","tlshash":"8430000000000000000c0000000000000000000003000000c000003000000000000c00","size":4,"data":"","first_seen":"2024-08-20T00:14:53.541497Z","last_seen":"2026-06-07T08:16:34.757425Z","times_seen":27513,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"rugmarks.team/css2.css","fqdn":"rugmarks.team","domain":"rugmarks.team","tld":"team"},"ip":{"addr":"94.183.234.240","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rugmarks.team/","date":"2026-02-24T16:34:52.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugmarks.team","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Feb 2026 21:54:47 GMT","end":"Thu, 14 May 2026 21:54:46 GMT"},"fingerprint":{"sha1":"64:0F:21:21:C1:9A:FA:4A:3F:A1:B3:81:F1:2A:F8:AE:14:6E:A6:AA","sha256":"3D:80:97:AE:39:7E:91:B1:CD:C7:A1:BF:81:F8:B2:BE:32:03:39:74:17:61:EC:82:E5:01:DF:EE:88:C7:4E:8F"}}},"request":{"raw":"GET /css2.css HTTP/1.1\r\nHost: rugmarks.team\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugmarks.team/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 24 Feb 2026 16:34:52 GMT\r\nContent-Type: text/css\r\nContent-Length: 6765\r\nLast-Modified: Wed, 15 Oct 2025 14:39:03 GMT\r\nConnection: keep-alive\r\nETag: \"68efb207-1a6d\"\r\nX-Frame-Options: ALLOWALL, ALLOWALL\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6765,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"c464d45b6fcb345da347dd6ba77a1cf7","sha1":"e0166be563c4a721851ccaefba3240e08eddd0df","sha256":"89fec6d7a6a31a6c4cbed4a416facb06becfb71b338f0df166fcab6eed4a7748","sha512":"5c371e4b1c3174fbb4af14de200ad6b955a0c4a089181e69e964fd93158e8e08e0b02103f58f0712ed8f89aa08f33fc20e170f6a8e0f2ecb545fab0f8177e804","ssdeep":"192:9ENb+D34nQDwwEE+bD3RKQGw1ExPyD3kjQHwj:aaQ7TTimkj","tlshash":"c4d1dc91002b5400d7a71cd227cf3f366fdc6058a449da782ffd098aaceada953a1b5d","first_seen":"2026-02-13T05:26:11.957944Z","last_seen":"2026-02-24T16:35:28.638167Z","times_seen":3,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugmarks.team/logo.png","fqdn":"rugmarks.team","domain":"rugmarks.team","tld":"team"},"ip":{"addr":"94.183.234.240","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rugmarks.team/","date":"2026-02-24T16:34:52.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugmarks.team","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Feb 2026 21:54:47 GMT","end":"Thu, 14 May 2026 21:54:46 GMT"},"fingerprint":{"sha1":"64:0F:21:21:C1:9A:FA:4A:3F:A1:B3:81:F1:2A:F8:AE:14:6E:A6:AA","sha256":"3D:80:97:AE:39:7E:91:B1:CD:C7:A1:BF:81:F8:B2:BE:32:03:39:74:17:61:EC:82:E5:01:DF:EE:88:C7:4E:8F"}}},"request":{"raw":"GET /logo.png HTTP/1.1\r\nHost: rugmarks.team\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugmarks.team/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 24 Feb 2026 16:34:52 GMT\r\nContent-Type: image/png\r\nContent-Length: 517566\r\nLast-Modified: Wed, 15 Oct 2025 14:39:04 GMT\r\nConnection: keep-alive\r\nETag: \"68efb208-7e5be\"\r\nX-Frame-Options: ALLOWALL, ALLOWALL\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":517566,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1080 x 1072, 8-bit/color RGBA, non-interlaced","md5":"25e2746a2bb102193e0237577a476e6f","sha1":"80c10f3b363de9da653f53ef975242a83d0dfcc4","sha256":"f1c69d69b0ca92ae6d5728c67535687ad0b37fb689bb1046f90588e4105a882a","sha512":"1005c4b3e683b3fd1c75f605639a49389a41c5c42fe997f3b92da0236836504f532b600ef0eba2e778eda0b07cf251806cd2f232094be906f227f869f1e0f874","ssdeep":"12288:TK+znU7elGQLgALv4SsNAUgRc33uqKAaIH+NBfdWOofq:ntlx7wstRs7aIAjWE","tlshash":"76b41232d4ab34ab946152a1639365e150720cdb31be3f8b8754e0743b3b4ffb235995","first_seen":"2025-10-02T14:04:08.937821Z","last_seen":"2026-04-30T18:06:56.863412Z","times_seen":14,"resource_available":false,"data":null}},"time_used":711,"timings":{"blocked":654,"dns":0,"connect":0,"send":0,"wait":13,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugmarks.team/3.4.17.js","fqdn":"rugmarks.team","domain":"rugmarks.team","tld":"team"},"ip":{"addr":"94.183.234.240","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rugmarks.team/","date":"2026-02-24T16:34:52.276Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugmarks.team","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Feb 2026 21:54:47 GMT","end":"Thu, 14 May 2026 21:54:46 GMT"},"fingerprint":{"sha1":"64:0F:21:21:C1:9A:FA:4A:3F:A1:B3:81:F1:2A:F8:AE:14:6E:A6:AA","sha256":"3D:80:97:AE:39:7E:91:B1:CD:C7:A1:BF:81:F8:B2:BE:32:03:39:74:17:61:EC:82:E5:01:DF:EE:88:C7:4E:8F"}}},"request":{"raw":"GET /3.4.17.js HTTP/1.1\r\nHost: rugmarks.team\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugmarks.team/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 24 Feb 2026 16:34:52 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 407279\r\nLast-Modified: Wed, 15 Oct 2025 14:39:03 GMT\r\nConnection: keep-alive\r\nETag: \"68efb207-636ef\"\r\nX-Frame-Options: ALLOWALL, ALLOWALL\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (52853)","md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-06-07T09:34:34.300929Z","times_seen":39654,"resource_available":true,"data":null}},"time_used":136,"timings":{"blocked":7,"dns":0,"connect":0,"send":0,"wait":33,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugmarks.team/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2","fqdn":"rugmarks.team","domain":"rugmarks.team","tld":"team"},"ip":{"addr":"94.183.234.240","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rugmarks.team/","date":"2026-02-24T16:34:53.301Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugmarks.team","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Feb 2026 21:54:47 GMT","end":"Thu, 14 May 2026 21:54:46 GMT"},"fingerprint":{"sha1":"64:0F:21:21:C1:9A:FA:4A:3F:A1:B3:81:F1:2A:F8:AE:14:6E:A6:AA","sha256":"3D:80:97:AE:39:7E:91:B1:CD:C7:A1:BF:81:F8:B2:BE:32:03:39:74:17:61:EC:82:E5:01:DF:EE:88:C7:4E:8F"}}},"request":{"raw":"GET /UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2 HTTP/1.1\r\nHost: rugmarks.team\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugmarks.team/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 24 Feb 2026 16:34:53 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 48432\r\nLast-Modified: Wed, 15 Oct 2025 14:39:05 GMT\r\nConnection: keep-alive\r\nETag: \"68efb209-bd30\"\r\nX-Frame-Options: ALLOWALL, ALLOWALL\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":48432,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48432, version 1.0","md5":"65850a373e258f1c897a2b3d75eb74de","sha1":"1dc044f4824fd5af6bfed67fee48be70fa069f3f","sha256":"c940764593d0fe5d596be327ca7558855e018039fb78509aa21921fd3644c3e4","sha512":"df2683f3dd9724de589451a47bc608c9925d54b874ad97b733dd465ef41f9db75e9e31604762415c2fc1433d050e45fdefc6ecd7ecadf58d1243d9ca5f4bf74b","ssdeep":"768:3IkDHBYoX5Pi4JxTGz9CDR0s1ROSsA8mF77YNt7wFhVq9oN2WfpdqWjBA:tNYoX53xTl/R8W77YNtUFrWoUWvdA","tlshash":"56230251f5f8624a7fc3003fbc317bd862909fe5996ee5d91288f30225611dd29ee017","first_seen":"2025-05-30T12:57:00.85385Z","last_seen":"2026-06-07T08:09:16.321809Z","times_seen":63907,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugmarks.team/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2","fqdn":"rugmarks.team","domain":"rugmarks.team","tld":"team"},"ip":{"addr":"94.183.234.240","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rugmarks.team/","date":"2026-02-24T16:34:53.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugmarks.team","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Feb 2026 21:54:47 GMT","end":"Thu, 14 May 2026 21:54:46 GMT"},"fingerprint":{"sha1":"64:0F:21:21:C1:9A:FA:4A:3F:A1:B3:81:F1:2A:F8:AE:14:6E:A6:AA","sha256":"3D:80:97:AE:39:7E:91:B1:CD:C7:A1:BF:81:F8:B2:BE:32:03:39:74:17:61:EC:82:E5:01:DF:EE:88:C7:4E:8F"}}},"request":{"raw":"GET /UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2 HTTP/1.1\r\nHost: rugmarks.team\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugmarks.team/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 24 Feb 2026 16:34:53 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 48432\r\nLast-Modified: Wed, 15 Oct 2025 14:39:05 GMT\r\nConnection: keep-alive\r\nETag: \"68efb209-bd30\"\r\nX-Frame-Options: ALLOWALL, ALLOWALL\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48432,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48432, version 1.0","md5":"65850a373e258f1c897a2b3d75eb74de","sha1":"1dc044f4824fd5af6bfed67fee48be70fa069f3f","sha256":"c940764593d0fe5d596be327ca7558855e018039fb78509aa21921fd3644c3e4","sha512":"df2683f3dd9724de589451a47bc608c9925d54b874ad97b733dd465ef41f9db75e9e31604762415c2fc1433d050e45fdefc6ecd7ecadf58d1243d9ca5f4bf74b","ssdeep":"768:3IkDHBYoX5Pi4JxTGz9CDR0s1ROSsA8mF77YNt7wFhVq9oN2WfpdqWjBA:tNYoX53xTl/R8W77YNtUFrWoUWvdA","tlshash":"56230251f5f8624a7fc3003fbc317bd862909fe5996ee5d91288f30225611dd29ee017","first_seen":"2025-05-30T12:57:00.85385Z","last_seen":"2026-06-07T08:09:16.321809Z","times_seen":63907,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":17,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugmarks.team/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2","fqdn":"rugmarks.team","domain":"rugmarks.team","tld":"team"},"ip":{"addr":"94.183.234.240","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rugmarks.team/","date":"2026-02-24T16:34:53.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugmarks.team","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Feb 2026 21:54:47 GMT","end":"Thu, 14 May 2026 21:54:46 GMT"},"fingerprint":{"sha1":"64:0F:21:21:C1:9A:FA:4A:3F:A1:B3:81:F1:2A:F8:AE:14:6E:A6:AA","sha256":"3D:80:97:AE:39:7E:91:B1:CD:C7:A1:BF:81:F8:B2:BE:32:03:39:74:17:61:EC:82:E5:01:DF:EE:88:C7:4E:8F"}}},"request":{"raw":"GET /UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2 HTTP/1.1\r\nHost: rugmarks.team\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugmarks.team/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 24 Feb 2026 16:34:53 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 48432\r\nLast-Modified: Wed, 15 Oct 2025 14:39:05 GMT\r\nConnection: keep-alive\r\nETag: \"68efb209-bd30\"\r\nX-Frame-Options: ALLOWALL, ALLOWALL\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":48432,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48432, version 1.0","md5":"65850a373e258f1c897a2b3d75eb74de","sha1":"1dc044f4824fd5af6bfed67fee48be70fa069f3f","sha256":"c940764593d0fe5d596be327ca7558855e018039fb78509aa21921fd3644c3e4","sha512":"df2683f3dd9724de589451a47bc608c9925d54b874ad97b733dd465ef41f9db75e9e31604762415c2fc1433d050e45fdefc6ecd7ecadf58d1243d9ca5f4bf74b","ssdeep":"768:3IkDHBYoX5Pi4JxTGz9CDR0s1ROSsA8mF77YNt7wFhVq9oN2WfpdqWjBA:tNYoX53xTl/R8W77YNtUFrWoUWvdA","tlshash":"56230251f5f8624a7fc3003fbc317bd862909fe5996ee5d91288f30225611dd29ee017","first_seen":"2025-05-30T12:57:00.85385Z","last_seen":"2026-06-07T08:09:16.321809Z","times_seen":63907,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugmarks.team/logo.png","fqdn":"rugmarks.team","domain":"rugmarks.team","tld":"team"},"ip":{"addr":"94.183.234.240","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rugmarks.team/","date":"2026-02-24T16:34:53.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugmarks.team","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Feb 2026 21:54:47 GMT","end":"Thu, 14 May 2026 21:54:46 GMT"},"fingerprint":{"sha1":"64:0F:21:21:C1:9A:FA:4A:3F:A1:B3:81:F1:2A:F8:AE:14:6E:A6:AA","sha256":"3D:80:97:AE:39:7E:91:B1:CD:C7:A1:BF:81:F8:B2:BE:32:03:39:74:17:61:EC:82:E5:01:DF:EE:88:C7:4E:8F"}}},"request":{"raw":"GET /logo.png HTTP/1.1\r\nHost: rugmarks.team\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugmarks.team/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 24 Feb 2026 16:34:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 517566\r\nLast-Modified: Wed, 15 Oct 2025 14:39:04 GMT\r\nConnection: keep-alive\r\nETag: \"68efb208-7e5be\"\r\nX-Frame-Options: ALLOWALL, ALLOWALL\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":517566,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1080 x 1072, 8-bit/color RGBA, non-interlaced","md5":"25e2746a2bb102193e0237577a476e6f","sha1":"80c10f3b363de9da653f53ef975242a83d0dfcc4","sha256":"f1c69d69b0ca92ae6d5728c67535687ad0b37fb689bb1046f90588e4105a882a","sha512":"1005c4b3e683b3fd1c75f605639a49389a41c5c42fe997f3b92da0236836504f532b600ef0eba2e778eda0b07cf251806cd2f232094be906f227f869f1e0f874","ssdeep":"12288:TK+znU7elGQLgALv4SsNAUgRc33uqKAaIH+NBfdWOofq:ntlx7wstRs7aIAjWE","tlshash":"76b41232d4ab34ab946152a1639365e150720cdb31be3f8b8754e0743b3b4ffb235995","first_seen":"2025-10-02T14:04:08.937821Z","last_seen":"2026-04-30T18:06:56.863412Z","times_seen":14,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rugmarks.team/","fqdn":"rugmarks.team","domain":"rugmarks.team","tld":"team"},"ip":{"addr":"94.183.234.240","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-24T16:34:50.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rugmarks.team","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Feb 2026 21:54:47 GMT","end":"Thu, 14 May 2026 21:54:46 GMT"},"fingerprint":{"sha1":"64:0F:21:21:C1:9A:FA:4A:3F:A1:B3:81:F1:2A:F8:AE:14:6E:A6:AA","sha256":"3D:80:97:AE:39:7E:91:B1:CD:C7:A1:BF:81:F8:B2:BE:32:03:39:74:17:61:EC:82:E5:01:DF:EE:88:C7:4E:8F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rugmarks.team\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 24 Feb 2026 16:34:52 GMT\r\nContent-Type: text/html\r\nLast-Modified: Wed, 15 Oct 2025 14:45:10 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68efb376-5c19\"\r\nX-Frame-Options: ALLOWALL, ALLOWALL\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23577,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (10346)","md5":"b5df7d980116bbccd052dc54c4382452","sha1":"0ddd2f690838d9c4bc44929d2256d5b17094248a","sha256":"eceddd4ea07cbd51d1140bccd4e72ed38b57fa6a166d22aeb49d182b5232606b","sha512":"0516174a0e7ce3b45b238f0b4d1e54fd087a96081c48b0d841fcb44ea1dfba8e9541546044e7b0f17560fb7edb81e08073ea4b42c81ebf74671b23167a6ee916","ssdeep":"384:XKKCHihL7cGqcgArJGbKr9CrtEJTNCurTCae:XKKCChnJFrJGbKrMrtE9NCurel","tlshash":"70b2c72925b1146eac57c0f6f6907b1db519d2c3da2fc66eb29e01406fe6de64cc7308","first_seen":"2026-02-24T16:35:28.642354Z","last_seen":"2026-02-24T16:35:28.642354Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2611,"timings":{"blocked":1181,"dns":1148,"connect":13,"send":0,"wait":245,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"drainmarks.life/axiom/loader.js","fqdn":"drainmarks.life","domain":"drainmarks.life","tld":"life"},"ip":{"addr":"94.183.234.240","port":443,"asn":31549,"as":"Aria Shatel PJSC","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rugmarks.team/","date":"2026-02-24T16:34:52.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"drainmarks.life","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 15:24:16 GMT","end":"Thu, 07 May 2026 15:24:15 GMT"},"fingerprint":{"sha1":"DC:FD:12:EA:8A:6F:B9:31:C6:2F:CA:E4:17:FA:CD:D9:D9:12:1B:5B","sha256":"21:66:F6:09:7B:E4:01:A1:9D:03:BD:96:5E:1E:55:7A:B6:A8:76:62:F7:96:50:02:11:4C:D9:9C:71:3E:78:80"}}},"request":{"raw":"GET /axiom/loader.js HTTP/1.1\r\nHost: drainmarks.life\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rugmarks.team/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 24 Feb 2026 16:34:52 GMT\r\nContent-Type: text/javascript; charset=utf-8\r\nContent-Length: 11934\r\nConnection: keep-alive\r\naccept-ranges: bytes\r\nlast-modified: Wed, 19 Nov 2025 07:54:43 GMT\r\netag: \"2644d8e2d191ea38349bf5b9f75ecbb1\"\r\nX-Frame-Options: ALLOWALL, ALLOWALL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11934,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (11934), with no line terminators","md5":"1638b9db8fb096385313cbccb207debf","sha1":"44ef77b826568d01c5fc7b3f9c59a7ee198c295e","sha256":"22904dea6e6483d76a1785765d9477c0da4b00b9ab1e05bb01efc88ae1543cd8","sha512":"8a2a523438af4bcee980e090b2ee40e4ac2b0e237fd6f7555158b918f80a3df6f070e2041f0f45c7965105ec0ae1f8cb222a36aa11487b66b02cbcfdcaada479","ssdeep":"96:8xcSnDZl2m7qAEWiN1kdIVni0WRCXIX2BoVEiZ8AJq7R8JqdcHdL7C/UuYqNf7gP:8jf2mW1ROaI/VMvcU/bYo7a","tlshash":"5d322de3ea85e3fc0214dea74d3da04ad0206f08aac48bd069dcdf4b685c52f526d5bc","first_seen":"2026-02-13T05:26:11.954055Z","last_seen":"2026-02-24T16:35:28.644547Z","times_seen":17,"resource_available":true,"data":null}},"time_used":1304,"timings":{"blocked":639,"dns":607,"connect":13,"send":0,"wait":20,"receive":1,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"drainmarks.life","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}