{"report_id":"7c247060-136a-4b68-8f64-45d23dcc49ab","version":6,"status":"done","tags":[],"date":"2025-12-21T01:58:08Z","url":{"schema":"http","addr":"mardasro.com/","fqdn":"mardasro.com","domain":"mardasro.com","tld":"com"},"ip":{"addr":"52.37.165.222","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"mardasro.com/","fqdn":"mardasro.com","domain":"mardasro.com","tld":"com"},"title":"404 - Page Not Found","dom":{"size":9021,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (6525)","md5":"f4fbcc178a7c12eff06dab12458ea073","sha1":"18708a55362203c3b8788552db266166e9147e65","sha256":"3684b9f2e38f39c65b0c786118f5f60dcaeb4d05cd9a792f3dab34027d81ad18","sha512":"655b86bdccf8c6a1032856a88bc2523097ffe1f825066254fd48b88ebc22d28a0cbbdaec7f1e9f84fe5cfa56f66a9d3e858bef808dbf4c7f0b33d9d29df895cc","ssdeep":"192:phe1XNsZ5v7JXeS7JXex/27xL9+WbQf+qObn:pkc1hL7r+WbQf0n","tlshash":"6612c66ab2a014666e13c4e7d9c0b528b62590c7df3edbb6f18e9104bfde1a610d770c","dom_hash":"domhashd7a0429778a4f17a56f57723778ebd0b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"mardasro.com/","fqdn":"mardasro.com","domain":"mardasro.com","tld":"com"},"ip":{"addr":"52.37.165.222","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-25T01:58:08Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-21","alert":"Sinkholed","trigger":"mardasro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-12-14T22:17:06.291076Z","alert_count":0,"request_count":1,"received_data":2542,"sent_data":453,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"mardasro.com","ip":{"addr":"52.37.165.222","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2025-10-22","domain_rank":0,"first_seen":"2025-12-21T01:58:08.767206Z","last_seen":"2025-12-21T01:58:08.767206Z","alert_count":4,"request_count":4,"received_data":11420,"sent_data":1790,"comment":"","tags":null,"fingerprints":[{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-12-14T22:20:12.666465Z","alert_count":0,"request_count":1,"received_data":148262,"sent_data":459,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.tailwindcss.com","ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-07-20","domain_rank":117330,"first_seen":"2018-07-09T05:46:13Z","last_seen":"2025-12-15T00:37:47.140969Z","alert_count":0,"request_count":2,"received_data":815968,"sent_data":816,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","size":407279,"data":"","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-04-04T04:11:39.174587Z","times_seen":28722,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mardasro.com/","fqdn":"mardasro.com","domain":"mardasro.com","tld":"com"},"ip":{"addr":"52.37.165.222","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e8ccbd6e479910837b7b28663e19f3ae","sha1":"2e20943ec67d4bf7ff1551d8dff92317314ea77a","sha256":"ba1e3e734b1af5c63a74bcff2f4c417f583059ecfd3cdc705f07ccd2e9a41a46","sha512":"e2844a2950d8137c2b2c50d2c8b26e2e5b130b77cde94eba0713c36d0648b6fab9d9d3908b9d199e1c8d403faf7419d8631a4fee3619efcdbd903ba9af053166","ssdeep":"","tlshash":"6e01861665bf1a173517506645df5452661162df1c1c3c36374cb2442f0c11fa07c34e","size":795,"data":"","first_seen":"2025-10-26T04:48:33.184022Z","last_seen":"2026-01-11T02:51:46.514898Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mardasro.com/","date":"2025-12-21T01:57:47.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 07:09:58 GMT","end":"Sat, 21 Feb 2026 08:09:55 GMT"},"fingerprint":{"sha1":"B5:C9:29:A1:B9:60:7F:A7:9E:9E:63:3E:DF:4E:05:34:4B:27:D3:86","sha256":"2D:FA:43:BC:F1:83:E4:D9:E0:ED:1A:D1:C5:0E:F5:E0:77:29:F1:F1:23:2F:E3:30:7B:72:49:1E:82:5C:DB:C1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mardasro.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sun, 21 Dec 2025 01:57:47 GMT\r\ncache-control: max-age=14400\r\nlocation: /3.4.17\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::tgsbd-1766281515513-a1c19e41eb59\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 751\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y%2F27oGU33qti6z9bqhynBfEYsKderQAcKcx7Af312t9iJBQ5PnZyFQdllivBlUMiraMv%2ByoYJmOKmPD3jYxkOm4xVuK7Lk4Xtwv6DSq4FB%2FORw%3D%3D\"}]}\r\ncf-ray: 9b13c54c0a135a0f-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T04:46:10.842589Z","times_seen":13317089,"resource_available":true,"data":null}},"time_used":90,"timings":{"blocked":39,"dns":1,"connect":1,"send":0,"wait":4,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Pacifico\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mardasro.com/","date":"2025-12-21T01:57:47.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"43:D3:3F:93:6C:4F:F7:67:58:9D:D5:48:20:4C:74:A2:69:DB:13:9F","sha256":"8C:DB:D2:85:E1:AB:12:7B:1D:5A:65:A7:EC:22:67:6F:B3:A6:65:01:28:29:FA:D2:3B:01:8D:10:7E:4D:09:52"}}},"request":{"raw":"GET /css2?family=Pacifico\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mardasro.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 21 Dec 2025 01:57:47 GMT\r\ndate: Sun, 21 Dec 2025 01:57:47 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1856,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"814af72d3cf56cda5efa3eaf9791ff24","sha1":"fec7f0a2f8b10261542eff61174f753d30609e98","sha256":"0ce6ebe3c2f92a9b09ac1838615eee49ba397dc6875ce39b28c069065a0f1977","sha512":"89687f226f71228e1479f3f6ddcd2c82f7752bfafd2bb3a56d919d7ce418e8bb5892d57c355447d3100a3085e8a087048e088c5ff06d1a255af7a80f231481fc","ssdeep":"","tlshash":"6f31bbd1012bd800db971cc163cfbf36ae5ea1962410d67a6bfe1cd49cdad62a254b0d","first_seen":"2025-09-17T01:56:31.274954Z","last_seen":"2026-04-04T04:02:44.176538Z","times_seen":1833,"resource_available":false,"data":null}},"time_used":554,"timings":{"blocked":253,"dns":1,"connect":31,"send":0,"wait":44,"receive":0,"ssl":216},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/3.4.17","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mardasro.com/","date":"2025-12-21T01:57:47.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 07:09:58 GMT","end":"Sat, 21 Feb 2026 08:09:55 GMT"},"fingerprint":{"sha1":"B5:C9:29:A1:B9:60:7F:A7:9E:9E:63:3E:DF:4E:05:34:4B:27:D3:86","sha256":"2D:FA:43:BC:F1:83:E4:D9:E0:ED:1A:D1:C5:0E:F5:E0:77:29:F1:F1:23:2F:E3:30:7B:72:49:1E:82:5C:DB:C1"}}},"request":{"raw":"GET /3.4.17 HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mardasro.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 21 Dec 2025 01:57:47 GMT\r\ncontent-type: text/javascript\r\ncache-control: max-age=31536000\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::jwcjr-1765212281299-f54ecb125284\r\nlast-modified: Mon, 08 Dec 2025 16:44:41 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nage: 1069985\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nPT%2FnAycadGkW8pfosPmXnTD%2F16GJxg%2BU5jcignMHPGdD2H2oq6W53n%2FfLCsWR9fKSC3y7wtHrD56RFLtRrqPTLg8wt5qtvONhafAbdbn1mkbQ%3D%3D\"}]}\r\ncf-ray: 9b13c54c2a3e5a0f-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (52853)","md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-04-04T04:11:39.174587Z","times_seen":28722,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mardasro.com/favicon.ico","fqdn":"mardasro.com","domain":"mardasro.com","tld":"com"},"ip":{"addr":"52.37.165.222","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mardasro.com/","date":"2025-12-21T01:57:48.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mardasro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Oct 2025 08:53:12 GMT","end":"Tue, 20 Jan 2026 08:53:11 GMT"},"fingerprint":{"sha1":"6D:DF:48:06:00:B3:3B:6D:04:80:0F:94:4C:EE:73:8F:2E:1B:4A:5C","sha256":"98:FC:08:58:4B:08:A1:48:BD:E7:EB:85:30:D9:66:DA:61:DF:8B:D3:DF:0C:A1:C2:B5:97:D4:67:87:7C:7E:D2"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: mardasro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mardasro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\ncontent-length: 993\r\ndate: Sun, 21 Dec 2025 01:57:48 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]}],"data":{"size":2634,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"e105708778835519492eda94103829bf","sha1":"05daf07561007079632c43c968edbe9623fc3679","sha256":"a48a36058cb59973aff40e5ee9fbebe07226dc26d94a69f73cde329d9948f1a3","sha512":"4e761ab2613a96cdedf576d9c8325c4280c7fcc3cc008ae2f7be35e63c51afe3a06d2b61459796da1fdf4b3627ec58d46b62586d7feeae3059565ead0d9070b2","ssdeep":"","tlshash":"705156ba20fd59b7210385a1a1c5713d5e41c18fdf19bd1ab29d62251f0de9a449738c","first_seen":"2025-12-21T01:58:11.866502Z","last_seen":"2026-01-11T02:51:46.511769Z","times_seen":3,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-21","alert":"Sinkholed","trigger":"mardasro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mardasro.com/","fqdn":"mardasro.com","domain":"mardasro.com","tld":"com"},"ip":{"addr":"52.37.165.222","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-21T01:57:46.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mardasro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Oct 2025 08:53:12 GMT","end":"Tue, 20 Jan 2026 08:53:11 GMT"},"fingerprint":{"sha1":"6D:DF:48:06:00:B3:3B:6D:04:80:0F:94:4C:EE:73:8F:2E:1B:4A:5C","sha256":"98:FC:08:58:4B:08:A1:48:BD:E7:EB:85:30:D9:66:DA:61:DF:8B:D3:DF:0C:A1:C2:B5:97:D4:67:87:7C:7E:D2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: mardasro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\ncontent-length: 993\r\ndate: Sun, 21 Dec 2025 01:57:46 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]}],"data":{"size":2634,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"e105708778835519492eda94103829bf","sha1":"05daf07561007079632c43c968edbe9623fc3679","sha256":"a48a36058cb59973aff40e5ee9fbebe07226dc26d94a69f73cde329d9948f1a3","sha512":"4e761ab2613a96cdedf576d9c8325c4280c7fcc3cc008ae2f7be35e63c51afe3a06d2b61459796da1fdf4b3627ec58d46b62586d7feeae3059565ead0d9070b2","ssdeep":"","tlshash":"705156ba20fd59b7210385a1a1c5713d5e41c18fdf19bd1ab29d62251f0de9a449738c","first_seen":"2025-12-21T01:58:11.866502Z","last_seen":"2026-01-11T02:51:46.511769Z","times_seen":3,"resource_available":false,"data":null}},"time_used":885,"timings":{"blocked":348,"dns":1,"connect":171,"send":0,"wait":171,"receive":1,"ssl":185},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-21","alert":"Sinkholed","trigger":"mardasro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/remixicon/4.5.0/remixicon.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mardasro.com/","date":"2025-12-21T01:57:47.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/remixicon/4.5.0/remixicon.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mardasro.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 21 Dec 2025 01:57:47 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 14630\r\ncf-ray: 9b13c54c1f6f56bb-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"671f99bb-3926\"\r\nlast-modified: Mon, 28 Oct 2024 14:03:39 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 98148\r\nexpires: Fri, 11 Dec 2026 01:57:47 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=WcGmKUmmeFmIyabV2MTNq1v8uVpVu8Gso2XACRPfFJIHGwxkUrpw9ByVm1CoHOaqmliFZWBFzVbqUQJC4VIC%2FWxDpyW91Ix4bxq2DYCjEBqUMBYTUK429%2BuwKobvSG2ZzE%2F%2Fh9Lw\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":147258,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"ff97311587c902f7ac572db12913ca10","sha1":"5056f6d601e3c58f19d5ce24cc7c3614fbaa20f0","sha256":"e9a8e593fedefb85b1ad193068d984565a6c6e9ff3e4d1dc5708230e14aab338","sha512":"ea9f864eaedf8d31c3fec7453d61da16800b29e58e53d7fd30f0683e7bc9116064192e0f29555b0a9329b3a2179d389782115bc6580313c4111dcdcc53dd6526","ssdeep":"1536:Zocv38vn4UYzgKvP1IqRCwNd1l3JclUaqM2GSsRotTCREaNU:Zx8v4UYcKZ7clA","tlshash":"92e3cabeea4f05901702e8d26367274163b9b6bddd817c7ad413688df3c666883c62dc","first_seen":"2024-12-10T20:09:17.83272Z","last_seen":"2026-04-03T19:02:19.175553Z","times_seen":1251,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":37,"dns":1,"connect":6,"send":0,"wait":15,"receive":2,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"mardasro.com/","fqdn":"mardasro.com","domain":"mardasro.com","tld":"com"},"ip":{"addr":"52.37.165.222","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-21T01:57:46.802Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: mardasro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nContent-Type: text/html; charset=utf-8\r\nLocation: https://mardasro.com/\r\nDate: Sun, 21 Dec 2025 01:57:47 GMT\r\nContent-Length: 56\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":2634,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T04:46:10.842589Z","times_seen":13317089,"resource_available":true,"data":null}},"time_used":506,"timings":{"blocked":163,"dns":0,"connect":172,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-21","alert":"Sinkholed","trigger":"mardasro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mardasro.com/","fqdn":"mardasro.com","domain":"mardasro.com","tld":"com"},"ip":{"addr":"52.37.165.222","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-21T01:57:47.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mardasro.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Oct 2025 08:53:12 GMT","end":"Tue, 20 Jan 2026 08:53:11 GMT"},"fingerprint":{"sha1":"6D:DF:48:06:00:B3:3B:6D:04:80:0F:94:4C:EE:73:8F:2E:1B:4A:5C","sha256":"98:FC:08:58:4B:08:A1:48:BD:E7:EB:85:30:D9:66:DA:61:DF:8B:D3:DF:0C:A1:C2:B5:97:D4:67:87:7C:7E:D2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: mardasro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\ncontent-length: 993\r\ndate: Sun, 21 Dec 2025 01:57:47 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]}],"data":{"size":2634,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"e105708778835519492eda94103829bf","sha1":"05daf07561007079632c43c968edbe9623fc3679","sha256":"a48a36058cb59973aff40e5ee9fbebe07226dc26d94a69f73cde329d9948f1a3","sha512":"4e761ab2613a96cdedf576d9c8325c4280c7fcc3cc008ae2f7be35e63c51afe3a06d2b61459796da1fdf4b3627ec58d46b62586d7feeae3059565ead0d9070b2","ssdeep":"","tlshash":"705156ba20fd59b7210385a1a1c5713d5e41c18fdf19bd1ab29d62251f0de9a449738c","first_seen":"2025-12-21T01:58:11.866502Z","last_seen":"2026-01-11T02:51:46.511769Z","times_seen":3,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":171,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-21","alert":"Sinkholed","trigger":"mardasro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}