{"report_id":"f2979a53-75f6-41da-b60c-e19011bd3d31","version":6,"status":"done","tags":[],"date":"2026-02-14T06:56:11Z","url":{"schema":"https","addr":"marketts.xyz/","fqdn":"marketts.xyz","domain":"marketts.xyz","tld":"xyz"},"ip":{"addr":"172.67.194.63","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"title":"markets.xyz","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"marketts.xyz/","fqdn":"marketts.xyz","domain":"marketts.xyz","tld":"xyz"},"ip":{"addr":"172.67.194.63","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-21T06:56:11Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marketts.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"marketts.xyz","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-14","domain_rank":0,"first_seen":"2026-02-13T02:41:34.679845Z","last_seen":"2026-02-13T02:41:34.679845Z","alert_count":1,"request_count":1,"received_data":361163,"sent_data":481,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"marekets.xyz","ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-16","domain_rank":0,"first_seen":"2026-02-13T02:31:58.963613Z","last_seen":"2026-02-13T02:31:58.963613Z","alert_count":57,"request_count":19,"received_data":4419373,"sent_data":8833,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vue.js:3.3.4","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"03486f98019e41d65d551d835817a9e3","sha1":"495741bb70e33bdfa69c1f91268a674e0ae92907","sha256":"d40d1b59045a55bf9142779b1ffcb0d3e36bacf60af0ada037bae6f747dfcde0","sha512":"15b50974ec069a224b9f85fd2f69b1efabc0642118db8941c285d82c037e1f3d197831f3711a1df0782233e75f37449204db17fcb31e42fea0103ab1116c069a","ssdeep":"","tlshash":"17e0c2286a5611b926732591c75f6240e86000639081d801fd1ce58a4f80a143465bc9","size":316,"data":"","first_seen":"2026-01-24T13:42:38.148025Z","last_seen":"2026-02-17T15:22:09.881828Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4cc906811390022dcb22382e4925243b","sha1":"72be2048f6dbc39a607532d47ee8700286d33c54","sha256":"49813f2ebabc4e8c4bf44bf040cabd94ab6ba4aecc76cf00c09a5fce0c35e812","sha512":"1370048804298822b275731726aeb76a0c292f116c8b5f361003323d86c82e717e90c0ae35d6b232a04b71c4dae61767930260d13beb2311b1e3862184dfd416","ssdeep":"","tlshash":"40d02ea82e9a133827332520835f928037e08043a0e1f8023a1ce1c70fe1a1000bf5db","size":289,"data":"","first_seen":"2026-01-24T13:42:38.150592Z","last_seen":"2026-02-17T15:22:09.882361Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"0e1ee9f442371606d9a13b41a0dbeaff","sha1":"a05c25c8ad9127fe7d45319ce13e8b4a485d2e01","sha256":"713285cbc0cb910dfd2e7a86c604d191a27789ae50964ab1c674507ff4a20c45","sha512":"1dbac9fa1e0b338e780a3600f1a3da140a6c83a961a1d0c6c80fe3dc5a9041c346c471d264a07ccc87457cdccc2a28b768d02283512ba9cee0fc2e2b7124e42d","ssdeep":"","tlshash":"0221fedeb2826488526794d742cd8dceb8e617a919008c20452ef299225c3e8fb6ad54","size":1177,"data":"","first_seen":"2025-08-01T04:16:24.218288Z","last_seen":"2026-06-07T19:52:02.536142Z","times_seen":2988,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c727e4d527a2507f7c8553180cf123ef","sha1":"c7f23f13b98752fbe35c7b0624dcc29b51c687f5","sha256":"d0dc48272be05e01bab4a286ddb3a797125049f86c8c4711b20ffd6ba0aac634","sha512":"74edac81c1bd289a8aad68450d283a8ceca35c434bf43efeb3ae5e0bb85288818859f77742cb54366cbba310864578b5bb3e71300de692eb205e3bf01ff78f2a","ssdeep":"","tlshash":"18119ea9fd04a9a9135108f6581231e8386ceec81c62d29861f17e9dfe66c7b0987634","size":1000,"data":"","first_seen":"2026-02-14T06:56:16.370679Z","last_seen":"2026-02-14T06:56:16.370679Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"61b24d9d71d1afaad27a036b5da392e9","sha1":"a7c5c1c14a96b9ebab3694ffce78ae61de8cb0d4","sha256":"70227525093c77d4777751a146020a3fff21dba9ff8161fa5d78165a45b56ddf","sha512":"602bc408bcc648fd0f5a7816ff9f9259004dfa40430c84da86fb4143b3a0be6c657985b4225a38afc9b81ac1ba9a778aa0d6bbd1522a57112eb81fbb81ab6004","ssdeep":"49152:w7OwPEZJslMhwW2QUSvhjG+EyY4bfO3xrQanJfCpszVt0W5:c","tlshash":"a7f533016c57b9f78f9843a470ab2e0b15980e53985da0dbe3a4f5c03c6df9281ef96d","size":3399426,"data":"","first_seen":"2026-02-14T06:49:56.963743Z","last_seen":"2026-02-14T08:02:17.105762Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"8de04e3dc63af7585af0e827672eb149","sha1":"02ee5e4b4e73e430d629744c4b7a3e38c36ed06d","sha256":"123e2a4c9c65ad62ea2b0992b1f80073e18a341a810f9ba40d1c4cdc31f1e759","sha512":"a42fcbfd4fc45305b75c0093524abafcf73f7d10f3bbe8cf573f3ea87803f672ae7fd293a116e7c24aeb0ef9fb24b9ea32e48200a56243187d5b550407631184","ssdeep":"","tlshash":"a911cce0aa6c599781c2095034894b02b13cb020203d9fd0bf75f0ce7c7c7ec96d262a","size":1000,"data":"","first_seen":"2025-12-20T20:03:49.143914Z","last_seen":"2026-06-07T00:08:21.702938Z","times_seen":1701,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"290f2693531b75e4376c03efb2e445ba","sha1":"b7d99187eb7703bdc3e0d91432b1e6108b57bca5","sha256":"b2464a6e184f8e48f9dd9b02483cf8f9a049eb5ddf47bc900d570fe387613ae6","sha512":"13b68e7b1f8f4e9278ab87f46f2f9d12a9c7a48351d18265afce4d59c501c11bc510195ba10aeaf6c5c17cfd996a9ce4c639c162752cf6ea4b026e5fd6875e4d","ssdeep":"","tlshash":"5fe0863935761574097b986fc74b934b7da2141b5001e8167d4c914b0fa4f1034e6599","size":350,"data":"","first_seen":"2025-03-07T16:16:50.325983Z","last_seen":"2026-06-02T08:58:23.969339Z","times_seen":218,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/vue-3.3.4.min.js","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bb7c7db47cea2c34652629b78dbedfa3","sha1":"c7ac35e6b96cdbf7990fb0e46bb8d51bc01da89e","sha256":"578b0ad025d8d56f1cc6e9294866d472c24d582c8fb824cdd1eae82ecca3cb9a","sha512":"a0fb4578d4e5fd8aea091dd5b2016971b562daaf13de7c2d506bd61c651f562393c79ab6c0f72e5aab73433174b91ed9f41130a520b73714f94721f8a9afcba4","ssdeep":"768:D5iD9cTnPEYGgIuEQIBym/ceCHnun27RWcOScwcGZclkgdCoq70T7DwmUwW9duih:dPFGgIuEQIMmEe527iIm0nB","tlshash":"ac63a2d5a90b90d58d1621dee037ed19e0281a23cdacf2a3ba7ceec1741df62c45717a","size":70511,"data":"","first_seen":"2026-02-13T02:32:03.168084Z","last_seen":"2026-02-14T08:02:17.081243Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"297a907d4e5b4c2198915e66274d9c9a","sha1":"e0f98af49ab0f7a270e2d739436181f924449098","sha256":"0fdbc26d9d5bd7f6a4bc38acfb91fc663c57463d43a08447f1386b3354cd84de","sha512":"48487cbd59e60a259a5836fc0315243da500d617e94e06b3073f79bb834bd141c9e5cfb59c42a3c2086c920c21be5996e589d4658513cf31d95bfc5757a4a44e","ssdeep":"","tlshash":"1371bc3beb00173bdc8fb9fdced5b4c02e62497262496560691ce102b16cd7087bed88","size":3741,"data":"","first_seen":"2025-08-14T22:39:51.132287Z","last_seen":"2026-06-03T14:16:15.147553Z","times_seen":3139,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8c40f44703948560a34bb214c7b7b7fc","sha1":"0a86a6ce2bb195e3f46c464ab4e3c1cf982f4db5","sha256":"702f420147d9a3eaae3fc766d257129daa3ef065c07c8887b992b086b7e62b6e","sha512":"b74905b4069fb7815e67268e0f00c5b04f6126faadff6c2a7e1d7aedf49bcd77ba84f46df3540af1dfe49062a15aa6b798b42472987529490adf916666e422bc","ssdeep":"96:IwYze5T0C3Q9IYTneXhQFl5fm+ZfyRuwAAAYnelTqX0IyeQ5wFBVMAa/JHJfJaia:DYzkT0CcIYTnAs5fm+Z6RzATYnelTqDr","tlshash":"3fc1750939a311b378472179737f62a83f3651ab7109ec5839ef83692f66d204de0ad6","size":5781,"data":"","first_seen":"2026-02-13T02:32:03.17408Z","last_seen":"2026-02-14T08:02:17.102066Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"59a13eef9e5e0ec7844e58e8b47d54a0","sha1":"0fb2b2059a878b87f8524284d448dd46a4351953","sha256":"c890c150b008d069bfddb86ee2c2e3fe979515939053b4c53fd6853b68e4fe35","sha512":"7fcdb614d30b1141e9a1e134a98e2888007f786f866c24e6383106d3e003f094e72901aa295e7d3450fccf5a249b25b436401a5b9439205da6b0eec8d72cfc80","ssdeep":"","tlshash":"33f0beaf336126ca23ae6ad20796c01d1e72e4ab3002163c575a36ca0cb6f52521b07e","size":494,"data":"","first_seen":"2025-08-01T04:17:54.874483Z","last_seen":"2026-06-08T13:16:56.58729Z","times_seen":2901,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1e21743cd2ee2004cd56bfc5c29e3609","sha1":"bf516634ffbcfd3186b71dafc0ecdcc47894c439","sha256":"0e428980439e794b176e0ee3cd84e4878510b1d52c1efc1c00f4af9729a17029","sha512":"4264e5ce5b4f3acb24046582388132a5915398c9266c18c6349d75fb94bd74bac990dc6ebd12e1e118a3a24752a3e4badae2faabd69b9827d1f223a0750da4c2","ssdeep":"48:atoyTqSsM+c69M+c69M+c69M+c60778KK7NaaM//M+A:atlDNDNDNDl778KKw//M+A","tlshash":"25913f32165427da63ce8fd45a85751d01d2c89a383e60bdff3279eded3a683c031612","size":4506,"data":"","first_seen":"2025-08-01T04:16:24.215618Z","last_seen":"2026-06-08T13:16:56.580916Z","times_seen":3039,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"53db6221634e3338f7338833b77fd005","sha1":"6b5162430d22629184bc86a5ab0e1b0fb91e8ba1","sha256":"00d8e29a10cc28a3be315e4c980233584e8209e00d34b4eb51566484624ead84","sha512":"6a26e1524205385a38aa50a30405d3104219ba42815a496f93851695708d958e92265a0c2ccf9f381937da9d05632ce56616e6920ba0e427c6fc14ec6b49347d","ssdeep":"384:mBG5aTJqj8rbO9DYJGGQN1nOks/Zi6SgQ0Nk4eNmAUE2+HzFqXZvl0:KGEJsdsogQ5drGBl0","tlshash":"769275c9ffa7f4211332687411bba14fb3eddd84501498bae7314f9cb9a0b7444e16aa","size":20623,"data":"","first_seen":"2026-02-14T06:37:56.877796Z","last_seen":"2026-02-14T06:56:16.358871Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"aaba2027fa595cd098fac364074a5de2","sha1":"b91cf19e4a0fd4db23a16676645dba92e8fcbb74","sha256":"7aeb5c784d8108b1e49c1c734fd209e0a435f0fdf029b290e8cbec32fefce290","sha512":"e79b33079cee2b5cae37138a5dde9840a677ee4287e5bf5a2080dd93073cc08fb5e120b7b059af37492c28412cc7eab1f8b1210a573392a19e75399f175d412e","ssdeep":"","tlshash":"b2d023992c75c9307298014650f6d79c67612051b731e54081cdcc6b7e21dd314b155c","size":217,"data":"","first_seen":"2026-02-14T06:56:16.37596Z","last_seen":"2026-02-14T06:56:16.37596Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"f278e1582a6b32d6a9a05328bba73b0f","sha1":"02780b645a044990e49787663d3dba06626b1e3d","sha256":"07317dc90130ec69ed8e07a8362168074f9067473354101f361449cff37110aa","sha512":"08463b63ba1654bf203117d8f0c0a2ce4b5d92914ffba7c8ac3d942ff1a812c86cc61d9e840e5f3422c2b22d1b71b1a06b9a6d40d4e4259b32fd8cd40cc8357f","ssdeep":"","tlshash":"55319948a43216904242e8f1c676abeeabe774080574446d349cbec7eff8447e521678","size":1529,"data":"","first_seen":"2025-08-01T04:16:24.221852Z","last_seen":"2026-06-07T19:52:02.534591Z","times_seen":3070,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d3b0e9184ab382aba0ebbeb9c5b4650e","sha1":"244c063cbc567e697f9345ad26fa4fc2f1342dd1","sha256":"651e7f6ed9d558082d8df9f6114f5714870d0dcd5b0215ae8f5ec1e1c5b7e6ad","sha512":"0aef7f4e3949b1ba75035d45c41330b0e81e6557d62e30edb4b92cc99b35f857fb6728362bfcea352562d9ce307048853192456da9202fd2238f546eac844a5b","ssdeep":"","tlshash":"7521fe0a30b225324027503963dba55f7a52d0df5126fc423e8e8378af96fa40841eb5","size":1323,"data":"","first_seen":"2026-02-13T02:32:03.175612Z","last_seen":"2026-02-14T08:02:17.106596Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/7388449f-bcd2-4739-bbf6-6f77515e7f82","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"a3db7121de2caa4fc77621070df31108","sha1":"35875701e9fdfd7282b8e8a84042a0fe83649bd1","sha256":"61af0caf40b8a5fc210938c94393682a068d7ead1fe78bad66057ed81434a13b","sha512":"8384e163c54455fd3906943492b3cbd6d9358716308afe91fd17c765fc3e9fed2016e91d765644dd3213a6be5d607aacc7441c67300e146ec539b2ce0140b59b","ssdeep":"49152:z7OwPEZJslM/wW2QUSvhjG+EyY4bfO3xrQanJfCpszVtu0M:q","tlshash":"eef533426c57b9f78f4443a470bb2e0b19940e13985db0dbe3a4f9c1386db9680efd69","size":3401734,"data":"","first_seen":"2026-02-14T06:49:56.957039Z","last_seen":"2026-02-14T08:02:17.10354Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e37b50ca7f1a84cb0d8bcc40a8f7b681","sha1":"9b18133da02afb24a5a608b60a7fff08a8e91c7b","sha256":"f535d364960e1951e47bf99fd2fc6edbe8b0c6bd09e98c9a3fe236768f757a51","sha512":"6565d9be6acc87e5c69bb1a3830aee0bcd04ccc02d6828de30ac80c2b30c19ca2c1915a8c6500b78f94b4e66d9e0d6c4866582af90c12cdf20216992a44113c3","ssdeep":"","tlshash":"c411c4753e195534d6c5418731bee7a93e3250617b12d044c36ccc255d58d8714dfcbe","size":902,"data":"","first_seen":"2026-02-14T06:56:16.379056Z","last_seen":"2026-02-14T06:56:16.379056Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"cec5c6d2c3d2ddfe9335487d9fa30850","sha1":"182d3db313ba3e3fe18de6a0c6bac9c83ec41dce","sha256":"52ac6c80578ae1d79e15c6e923df3ba11a468885211b4fc10552ff95675d1eed","sha512":"753708fd9f3e69392db8207be49d42d48cf523e5df7a85f69029df9d749ea47cb18503272a881ed6416d2505baab5dd1301202a16f1b5d725f229b7c31c5a303","ssdeep":"","tlshash":"65d023d61975c93071d8018650b6d7dc66703064b725a94081cacc6f7e32dd304b1958","size":217,"data":"","first_seen":"2026-02-14T06:56:16.379955Z","last_seen":"2026-02-14T06:56:16.379955Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"2380d391cf784bce2f77e0e16fa2268b","sha1":"2b88cb08e3d7f56772d46fe1a10d84774e8728d5","sha256":"e65fcff70fe965f3d1878fe515a7ebcd265dfe61b15461521450c882e8d081d7","sha512":"0f3264af3a045928be20d2ee1ef3af905571d07e3fc25eaeda22199baca89b8c9bff94d90d81124ff45b16c5e40df291c2f49d9464ba901d2d961f6fd1196f1f","ssdeep":"","tlshash":"e6411b1e00aa0aa31ba3054333ce846d0956c2cedcc73534d3b27f8134c67832a93bea","size":2254,"data":"","first_seen":"2025-08-01T04:17:54.882582Z","last_seen":"2026-06-08T13:16:56.583434Z","times_seen":2932,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"3433c9d3e9b7e8e5b34ed72e309db572","sha1":"d53d7df082088749c1df6b08330ee9b9e4076932","sha256":"1d96fa9904e3743570bccd5be90e83fd91975299f374093cc6f723673d582dd1","sha512":"ffd0e047331871f21738643968b7eb7fa045ee0e45346a9ea986c4b8a3e745dd310542c6b2734f6d244408bba6548ec66f5cd7662c69485b5e59e3b9432cdff2","ssdeep":"","tlshash":"06f04245bd825a24d35670ddc41f978cc53690dd91491c4cbb64ece1de94c2cdfc6534","size":585,"data":"","first_seen":"2025-08-01T04:16:24.219641Z","last_seen":"2026-06-08T13:16:56.579886Z","times_seen":3107,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"marketts.xyz/","fqdn":"marketts.xyz","domain":"marketts.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-14T06:55:48.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marketts.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 03 Feb 2026 12:11:25 GMT","end":"Mon, 04 May 2026 13:11:20 GMT"},"fingerprint":{"sha1":"C1:BC:7D:F0:8C:30:03:A9:63:CB:D9:5C:A0:F3:70:1C:46:20:BD:16","sha256":"19:4E:4E:9A:5A:F6:37:04:FF:83:58:30:79:AB:99:81:FB:AB:ED:46:0C:31:28:A7:26:F8:DE:E2:0B:0D:5D:FA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: marketts.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Sat, 14 Feb 2026 06:55:48 GMT\r\ncontent-length: 0\r\nlocation: https://marekets.xyz/\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S9lP2YvKi7CtXG1fVuAVJ0c4d4SU1520urdbB%2B%2FDpGFW5%2B6HulviMrRyzwdrUjv%2Fwn7eProLhdiBJVnKohbbRjNuFfmTZrIMITwi%2Fw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9cdaa979686c1525-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":360671,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T16:34:27.378125Z","times_seen":16244212,"resource_available":true,"data":null}},"time_used":147,"timings":{"blocked":69,"dns":53,"connect":1,"send":0,"wait":4,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marketts.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/cdn-cgi/challenge-platform/h/g/jsd/oneshot/60138c04e6b2/0.27642984319690417:1771049181:rt_uIn568u88veT_TYslt1w0SpiSZSJH4RurrcHYaWw/9cdaa979ba4223eb","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:55:49.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/jsd/oneshot/60138c04e6b2/0.27642984319690417:1771049181:rt_uIn568u88veT_TYslt1w0SpiSZSJH4RurrcHYaWw/9cdaa979ba4223eb HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 12141\r\nOrigin: https://marekets.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":12141,"data":"l9kd1qs-S8MPtFmwbUs8OmPmGmlSmldsUsG5kmcd7UM4mLAhhfoFrUMQkgpmMdh+Fme-tdMGm5ews0F-NbpopmhJpDpmS+BFq2miOSUjdr8wcvqb9PQU9drWgxI4UEaqmSviuMcSrcivq3N09msHASK+qwFMZmd1qNqsXm57mAArI7yIT-QkhyQkimMhqmCCXsywm2Ev-+tIiK6JjsAj9m165mb9mIH6Qm8Ll1kOdrv3uTkN7bx4hzKr9m11Ims90yFt12J8PmrBEDuQOIKFmSEFQUSkdm1H9O1KdxAkm6LZyUDgY2419m7LI8SYxcAlyJ7RYfsDmSqXM76F8UmmwCFQmIw$MSEMbESmr2WmMRo2qmsbKxM$qyKIqm2K9z77OpBfL$yL$229dIIJLuh7-nrFHiWx7I4p9WSN87mF5DjvXnFmF0vc5vygyYiSD6vRUyAyZ4Beiausy1oLqmGhqImm+Ijo4bw5hT1hWKw$DBhhj5Khz5bsPpetWvOH31Hgl3el+J8pmM7KKWSj76i61a-F8dJgrQyIS-xUuM06qI$MWyROwm4vN9JGjYjH4s4OpzxCFzKPqO7PnuG5OKaB4EQLMoD21r5M05cJacTABzO7tC9DW$DOmv0E1iKeODqA9UdHQLMM8MWDF$KNUYD2WGhgNxgdMOdgI3K6r86X5tlUutuwj0XMT8DiWX4z7sK7LNuCZCsIuy0FObOmPOBFhs5O0vx3fZfy$Mw0fWX4RB+vqTr5d8lfHLZB6KU4RhbayrNYuIk-cqM5msnhqTsBbchbKUcHq9TFvOFWmnvzGdwiP$TNiY7u5Sw6BBNKxwJm-5wO3TBphs5-FR0miKem7xcoGoNmAs9Pwxd88TciPshhiKbdsb9Ud40Smk4A9shoiky9wAK7Fw7Q8FBs7MkuZIrdws9PBKBgBb0hmxU9ak-FULqPwk0mfHf07yFdaPu1-cB$eb15fKwi581BIs7pmL5acZM8MHUoDBLDbqc5s1wxUBb9vKTsxLDdERPFGLDgUd0iphYmioUHEitm8Hh7HZbKfsIQKULTl2YD95AcUGP2SwdL4KkGEG519HRtLDI9YyOv8QcoM5F7Gk4d9QM5g1rkXObxr-oH-0Xk6GqKa6sKmB3Kk2wiRlF9yBUBY7K-chm9-2olXQr9-Bpr568x+kgcD5Qb9m9YHUilqrks7e7IWdNCwUCy-sU72xHACso9xcqMmxbgGpPT2bOcDobOZdm6myHy678vxxy9dHUBQafbZaHTGkbpcMjPFA1WRTlfw8TSxcT+ndS8sILBIsZcgJKMdqsWgMmmpxjY8sqiGy1H05h7WSPfv-cG2Z3scQ2O5GzZMiPfr9vxR2wJmSGJo00Wgs7sFwsGW1JLwsWD7SrQQM87IaL8a7zPKbGFM2JZ0M8krMicb+a+mNAmjkNmugkbccM6dQYSjFTMiAFwaLJ0tQ9lYfRuUShHJwkisiPmwNCCRtbMBWU3Xna-3pHg53RjaqjmWQcUqLEQPSNDCGHmij1qt9z6JWPMLR58TJJBWXCJ8laO1f4XCYwMzTzCdi82cmFdhtAU-sDdwMjdwmm0XMuf653niKhso$NsDwF+dIm0EMsmlwxmzs4S-9dbGm7bUEY6mReU8PboQ57djwEdmlW9ikbq+cXq2MxMFF4gsxrIMU7wPwjSlHHOD0iSwwcgKPnPdnlGJPxbO8aI97FohZMDvwiCxBhlT1HikGkQsdhMrqMWAUk2$l$wNyPr9rdjWCc4QgNt6Kjqo260729O7GWNio22je2wpSWpXNjm7XZqkeSo7DkPFKLcC69bcNSyhgsKAThh7ChhShZi3aDAtlhcBXd2sUbIjhkmSApNk25YczBQrACRSTh4Q-9v+kym5ZKUdWcdSN0LxHSBP09SGj2Qd$WDms1cGv6GSBdqTNqQm6dFlS6Xyqv7wKhkCkpWOPFBFfyeSWSHqw7FsjCk3T3qpNmHTLsEMv03gZY5ZKWaRkFmKq-j7LNy6wb9oe5ALh0lelKnZFsk06SqQdxksdJv7rYWxjW2ImiITS2rqd5c5ZWKKE12-7-RhdApgySL-KobeLMrNgcY2kjsTmxZLd53wTK8aIlK+F-OcB6D$lpdC8wv8ZxPZAQUh7nE7v3W71$-dBOhR3ND6IFbnFyF2ChFm2O4QW6Aj5+AbGP729x7udWEIc5Yjpu-dDsGO0Y4hp34xmtnoDHqhTea5nqjymqvb2WYLoB6l7zFRM7mX1qvTnSRj-HgEEQoccza3N$cUFwy$njL2b$FBou27dyDsLjFbqPKQe4GdN7+whfaNMMg7KhIPMjrGPMi8bo5gQhPpQm$4U0BWKIQWM++gsev5e7mKlFHuxnpvw8DDA7FwnC7oliO3xe-qqE7kSTje2HyWEqLOmZC2-n5sPleld7ZY4WB3aYE7pOhCqWU-k+EO2wUdMXh5MOUsBMJlUGC6AyxRCvL77ZwKLS62$kmFDe+U6eFZwB8KwbbRIyaGPhT2wj6gnW3K71gi4ZNkddov58DUYGWuKMyv8AUcb057A$QtmGJJhds0ML14Ud0n9sNvSPwlcZSTygF99dQRXaPvmG-rDp8wOY19U7FboJq8KODc20Hav4lG3+HiwbjymS25lEA0Hmlko7NMk9mLBlPnuW8RDkIsU8+pxdU5v4rgS9dt1ONACe75nMcOtSYnwR81KwiPLsW+IEhktmN2Pe4+6fKCdg9SGLC5z8dWqmBSnUSEWhhMhzv2Q4c7C64GWvzU7FZYqQsq-9ndgbq25GBB7mwPo$rNSmCJISEPpOkqCPDD9hBnl6R1sj$O-9N8U45n65wq141SsmT72EhlFTob6lSA+Im0LDcPS2iYL1UdRLI7uvTM9lian8ENof-W$v2cblU1HC2N7Cx2rGk8ZFqc4isMyZldHoA8N8Z4CCmoLsq90q6$M8lZwBsPbOT6k7IdmBiiDRPuwRchN4x2F579NSOvNhRPq3+nJ5n4+jFDh7N7BM-ePSUS05lro1svQmkiRdKdPrw1fypeI6AP3ZJFgpFQWWX6cn+phlyRA9XTJhuFtY9+qSQoKF+zEeNpCSBTub0G7d5fPNEn14Jihurw75w+E6LM8Uk4u8H7LYw20csuxWuPc866+US9+KeQW$G1ctxAJwBmsGRD0H0fLP401Eg-qcT1zCOe7bj2jSEyxBL7QpyBFlbQF+2QcYHDZGCoQUGh2JC9Akv$8z+qHscxMNEfyhP0+cIPDMHovM1N1XUvODaOwnwhptgL77LIm4abmDf7AOG$rTdHq8K9USwgM2IHopPY5eXgBE6K5OHuny1xY4iYc6hdUdsXCGHAiwlQ364rhhfnZ7FAUNaN+Q5n4rAxs8FOrdB3l$kO2$hZyEnp31q2TundlNEJ56kJ7mHci1slUqSscuMWBc0$dbF228$5BNlnhBSS74yYen4q3xBnqIQaTLncSQ3fWI4PbtCxWsqcQKsUA0ZjAtQb3xv8sUcfvUS$qEvpv6SDw5nCw9TpBMwD5nSITAnDdBd57K7cr7ZSIa5Fe2nRSD41jgrgiw3wwK12Fx4prm4mNPciTR4iCh5HWqIAii01IYQRrWc2wCAm4RmX7feDAgd8vmyd2rncb-bU7peMvv3+vBijWjBUyKMBv7B$4-0$4QikSEqqMY7c704pdLT3FB55m7r+qSI91rWI3wZwk7Gjdd163KNkrdNIZ5BiOC3O1xrQQAbZ0DnOkX0N5e3ynhcB7JTIa7cc3q5SdEA0ner1y9Cli03c7iQ9syCP4tZHjtZTerQJWOc2FB3jafy8W+qBijeCcMODyCZ$OYkoeM4F8sFP1k2aAkm5Ncm5w2a0iqkveMeDkXwQ1lyUdZSHA97kbik4yykOwke67YGYN6vYhmbUWj75ydwjBHiDhb4PGYInrgbK3qA9yuFXbQwAlzc3O$A$c9bfZJO05ze4v+yQA-FcQAiCn83CTA4csUsqZHIZ3M3qFWMHWo1raRs5m+4w2ZnKMywJ4UAaF$eQ1xm2Oc8wZMa109QPmfZOC0jWZS4cMEAinP4Qs8bq5syFNrZZqMn+lXF9ycmRnPTC52bFMXNfO87sGA3AOY8SASAiTM3C3+jGiU75bTdXTMT3590DChcGh3FgvcsGk2W13aIbGQO2FnAIbmG9CmGjjpODqblbGk7KMNdXNp4cs28ISj7saUWR47rU59ypcxOjNDd2N57ssbISwPTbMvA9iUmXbxFU5sapBnbOqkGJs1a7ZdOn49in4UciwjychplqyjSS7m1cSM49WnsZIkmcT8Sic7bUFo7QZM1An$0GQ14KM-ZssJChdLw2aUQgiKbO3ghiA$2H2Aw0NiNXWvkW2d3Ri9rKMeGo4pW78bNayLckOsSqIGngsG4s703+qsdM1mMe05btC61aF-kABCehN7ICG-A04WQ9sv4+aRMFvcrQO0NQWqSHntZIqJkvWB8B82SXbZqqdf8cv9TOl5wy84vDnTZJ3vN64KO7QgWXsi3Ba7r6kj2mKw1cbi1m8BMxO8STkK5s7kizT05DiFNK1wOmtyGeTm2mHHrUmnsUcx8mPf4fTKDq0Rl6kcGLILNswnjLGcOaNlihI8MNFj5GqPSUClSOw9W8hD8EjoqACa2dELTdE4h4a53tI$B+n4NRrILKM9S8mllQ5+1CcsniI+Cs17h3AgCrwRC7CRl5KQSLC71RIIN3qLcC8hBmSjsKsp0-DmG3WUifnIDse2WANKrC8T12QN3$wTqAFteLdad-oFNRlv8OFBrvI7TGkDnRCv8A5KlQFvNP4mZBsPj97-AeODIB3RigsQM8SL4-whW$yfOSiIlJlcwYA8PgIsvqwJa+waItvxE-ZPQYCznYt4F2bKnwM0TdFOtcmrTcG5v87GhYGcrNjZc0FP8ZaPeYtvWE1MaeshmSi9mUe5bF1vQjciZiPJyjsQMvcw3qqilq52SKMFHsZa2Mv3dqmCI$vEc0hbeyZshlewsZHAZnBh1t0X72SqQyIkSR8eBi4ZrDsU79oycxtTWSAxwyb9ts1xsteWGqEQBIoQ8mK2a62mwZPp19LxsFqqiBk-DLcrZ$IZK+DQq7MRn+tW04B1BhaRGpHQ0QcStflGPcrWjihrmNZ8bcKjyAmYnqHZ5xTjhScR12FWs2sWQUKdWM02BhL7H+GYAxKkTBAgaJWSCsKSjZiYIIrqAgT6Q$4ksNwTAYPueQDqG$PYhekltkFsbivJnr2b2oDLdjQTaWCUHkKj5qP4kE40OGO578sa2HoiNrOm2IeKr7SAmQrgP27Kq4HXtli8OfalmH8LdCIlkdtPO2mZ8UEDhB0UsAlQBNh4aPeiim3m4ki7N11neMNiGPSA2$O$y6dXiAo95UAudt8Qt8Z$BTQ+NSNRhieRyJCYeZ82rvymOtFPhBHjTTEAeTkFDZOxZqbqtKsUTGb3O02j0wHllfa7QrC9PyEPkTjyEM5Jjjvzw8bjy$Lxv2DUIhqSNkyQAWkLZLeaIbweGMwyHD7gd3O8dAnuKymuSuSpkBlsvBrdlK70BLcgI8btjql5wrTy88l$8mGpcloXS21$kLBBhkDb1xwBS$1QT05foEZIOxnLnTv4LM8svLEBAQsJdsEGEKx9dW7vLko0Zc157KyScYDjrvI4FsMZCLItvXrAyZ0fwC0G8tFxl6cJ3RhTNhduoI18STyIUljKS5hxPxeCNKbctpBAOby30BGZCcOmLvTclskCARiRMXS5nWdLO6LTqw5cC57S-WeEZmoc7HhcrPT35XP5mcBgjxBGGmThsqB0SOgNHmbMPUqJeI-IMvj+0XWPkybGsdZGOY2-ggMBSbBEHs8YFCC6NgkiirNm$TP3tkF2F1EHEMNHDhD+H+DQv1o2S8s8m5OPDpeMl7$dQKkDLiDXTfwJFfFen65Jve87oLG7DcevCrciOB4BZ8W2T3QsKfBGNehthAnig8b878L32pTZAUrc8UK2BHmGPmL2AaAKrGdAr-2CHBCWdPhdaXFPNeLI-182r9wlTa5JhZl+dLOJPtW5k9d8NPb1A6NK2KSU2sSeawB5rbdrqSPZ0Y3-U08uG1PP3ni9cg+P4YisOmP7N+rNKSc9S88btXB6Eqvz3KHkHfEhQwT3jR4AM5xbSQ17oS4pI4hywkgIgo65bo-Afr2TH770oPrYtdPpDhHbLRndKYPtQJEJthjB+ieRNT5UPBT0Ss6De8mF-KsaKvql1EllGUHDDpfLDd3p-UP$yK6lKSHayvq0cx+aa7F6TRq8siO$W1HK3r436GW36bDke5DLKsw-PEQRsieWvAFQv7bi+yDUdZAaWLNDge4pcR4l5dN3l+K1nS2Q0gmXbUl7-Ds9q$834l1vEqv26xsSPEn-LJK012G1HIULL+El1t1xskTA3W29ZfWxhig6yvQ4+L14+7sHmWwGy6k0hIomUhLLg9k6eo1$Huy23rChCfPlyo07b8gPSuPFNhL7mqS3nPZWlKs6nYLW4cM6yHTRjUm3T9cK-9cgSRowOsblonDBmO$eUX7XaMtHl1tH+WKD$Us-bJhLfoyiSqiYIBMsLJaYiWLMfTv-Gqg-ttw8Mogw$wf$Cw$tA7e+yROvGjZPSQiPmsKLnUfTaeDU$n-lFig5ZpoQ0RnbLdz1KL0rG$KjQpH77v2H3Ods5v55aY04liwrPbEYtKigW1x52jmWnYjT2lvoQtDWfoxmE1h7NYLNO6ve-aU5e6FPmL3BQkr7B6IQi8f9k+Wlk$ks2ke+W7fQvOzM0z8v16swORSqZE8BsGG+fPgUFNgtgwYnc2L2QAgXh$cEoYgxxZP8Hbvbayf5fAvkhdJ8f8ZvEEhjHTO4F5ept0f9DKtgOKQsbrO5MnoRUy7+5uWBjZithoTAw8P5es$A$iKuSZgDSPsxuHNkW38gqNhf4FEiTrMufdPh4heb$nDUJFtjhthpB4oAWAWLWe$i+Hs0l5bn38zSoyA04A-sFb6$et+0QhcGipqcxKKeEX7yQ1PMDb5qoOZ5PmPSD5Rs$XOrvJF2$F1XredyMXy807HIUILNa618m7xEABnYd40l+ShnrDEjvk2s-UDEKqS7$SjY+8n7SMTt$vfZlZbtftLcy$c3vu-iOgWFKD+P8b-OvgMN6TJDBM8O2DQ1L-OIsKfBDjyHgTbUp9YJchz8zhJoJmyk4EUXSUvLt5M7DBS-IOdjYL4eKA9ymgt5rO8YwulmHP6nTrb1DQRheNNYZByqfeQO1cm5O1Z9CdZ4Ij-bm4IS5B7rt0w9L6bFi-XDtTfGKZsinJhjqW25bW1+nj3tdWmSr5MHCY0noUX1-OXX4OXSADK5F8YGQnB$XK7Y2rQRd5x5$Zc5gsSNxyKXsR4rkt-7aaytG6NRN6G$ULT6RtK8ecb2dRgqxn5q+M$ivxUCdiyiBaQwDsYDcKlAnRhhH6pJJEpmrBDibWxY9zTYRRFKLrBqJ8kW7YkCJMvu1FhQ82sRvpR+xaK+HhEvN9wWRcvAYDWP94f5Sxl7l2EqyWKYcKljkqivuXm15DkUJ4U6XdA5Bk+yy6Qm7iD879P7rRS63SGw55Lb-aOFFb9KYmqlKUbRs2$NUgN$Tdqa$kkjR-jqm4iUm1xcUoodqSwl$y9yF3KA9ai1MO3QBOSy25Zvsj-sxLPPq5LE2tHNTMTJmndjmg7HWM4MZKR8WyroGNjGpJm8KgtvRiUM4m7Tb4e16cKn0wsJmTdfR8ml-QPSWkpsow-Fsui3KKwK8YdReEMbxHTbjsY52F6IiiyRFUZyd6-P$jO70wj73d-B1HMP09syi7EWF6PmEqamUyZs5JASmZcukBmr52qKUScK5cFcqx-kUK7qbF3-FzFiky1TbeTM57w5xkBGbq7q9GKP8SIM6S0e4UwFBFn$PI82rdjTkvmwqdGckDjSDcz5ljsadxiI+aK6FgKgS7xbKMkOAmu4ld2dTdcyUBpbK6Pr5m3mwmKwPKyljx7tBuX798KWoqA1wjyPPw4YE8M7MeW+RwU8KxdOm0Kli2xwPFMHw0BGIESGwTKy-GYcCMZY2FCkQIlxvTMPcwUSZNpW27OI2F175fk9j4sfSCUtwl96P7UdqmKgWGSIhOcZcbBnKwFnUkvi4BFqMSdFqFByMcrl-nKscBDjv4-dKqp8xk0KFU5jw9q7SSk0RNOiA9NK+PBkX7gqkXqU9fcq5UWAqwYcBF2FUwhcb$T2rdcpUcFq2isFv0TFwFMkEbb8dbiJsGIvP-E77mTDPqod0XsAh2ljwMUhw9KE0s-s8TkuwB9dz0IeTgFd0oUKmCUxTjee4B2UiOilcGbBb+FZZQZ2I$ajwr-TqZmQ7k6ISErA-2FwkzrP-8IMcP2FSdRihR8Prd07OHKEKGxGMM+BrckUP8-RGRB6-JIDF9YEFsQsPp+sSwXZlkvmmHqFT5wu8v+bTe+0KAHFn8veb1KbqbXUkNb1osXdvdgmWUA7$8rPbDbSmIklFrT7DbEM-53oF9WO1xrhSxXXmULoi2PxUEdwi5-rLcjirmqoq1UL$22kPS5H0ZGE5W0QG9s30HT5kaOB4j0k-BATi9q-l8SxdJqQTbkM-1U5iBuBScfP-tkQl4sHTaZSk5UfPnS69m-TJI$qM51nBXBKicFK0m4jb7DsDm6mBRrkO-0XPwFm7KS$wScHp5NdnqS-iC7vxvM4O87C9gKiF+sPamA9wYW8dwjWwwF$5N2HCS4k-KOwkkNYGkrwmSmemeU3rPHZ8cZ-wc+d1NijABdvTPI8ihqi7iPSKpz8L7IR70i$FRBlZkdNqadbOqssBhkmk9Lj58BjhHhAtroseTlJQTsIqkWdo5OUHPKlQp1x5fkb+po9em6wrOtd7NprjxUXfGK8o34+3IAhDQQa7lAsJAmnYNwlF12jHdQ3YQfdfvk+dsdo+JkCKCmHFlF2ddS2pS+qFqvPrHBSQwdyKMB18mmmHfKsZrUiGshg3RF3mkiE73Kh7MEQmKKn7sYkWocjQAr-d1cZM-duqiT19lnsI9zhcZaF$-dBmKM$s8+lutGkxCcbPQ0sgaswqPrJsu4M6fbCPr2s38dFPdaF+HSnZDsYytdc7lNwE6iM$dQgldr3lKCQOhw95JP-88vy9$dw33S1LuOR7OsvZJKcZcyi+dBsBBYkyo2AGMSEvn4z9qwSEkHmIHBBJAMZ22GgmYO3KczSINv7kM-TBBEUq+iu13v8YA76OAZKZORbmd7Fh3iPfGI3pdczkGKqDyu2kZqqkF5klPBG7-cikIGR9A7-wrYcuhS+cFn-QKbC7tyCkyfSAByihCkdR+xUi8sHsH2C$pdw51MH9mPM$s5-IgyI69lw25sQTPrSgiSm7SLBBmyK98i8mWbvm2dJKXwr5ZESOsrdLw8HiSqXjrFlmxU+DDhSLbWTJkewFxBOmBhiZ9on8ByjuIULAesHjPCMovSKsYebkpI-FQPewM4Bvk7YgZm+S8qoZWK2wyxx7TmSgZjTrdbdrbW$jOwkpZH2GxwrPi2mvmmFluq+nPdCs8O5-KJb6MvIfSN+rq-bbOCUjBZxdEYlGWMrvjzUKpbuNGQKSUssePprOm$2Jl6icBDTk-ToxnNpK3ZsOy5+9EnkZsTTt+r-wwrHOM1EeQTgIiovTMywWerh7y$Zrq3G9BknYyYcZNYjpRoZ1mI-tGBUml04sa+74BFbFNYL4BMpg2bFgn8NANBa+XEiXy$TAw6ZYpXEi6msjMkQwJpRd5gFIrPd$mfZTY346zN7SkcM+1mFs$jMKZWFfp4tFYFmo3J2T4pUSwg6mHz1aZYp17WSdbCPd2sk9LPcFMXWwQTZYpS-ZzGn2Y0THL-LPwF6N8d5PsqXnY4c-MsK56mhKg-pc+LjaAIYuPp51A7$I5stmeP+PnNAkSFxoZdbXsl2onkKIzHQbihxcxkKEcm7GbDXh42kDHT30a+P8PFku7OkO1dGjis7rkLFQqHzZKqnmWzl8aQ0QUcquo6HSrcCKPbxKuQlrk+q91rb3dfX5FL-5gwQ9MqZ9b-00qo2zbZ-XcWeSSWk1NbFy9s5NlS5A+gplSjGt8qYaQhOYvYtZkIDSah2QBg-PUs12jbMsLb5SeK1IDjI6SamJ-f4ai29cop8bN-yHFUbaAPm6P7ABFKkPxa1jMIbP8g-AetvFlCbfzNG$BOGvFlRjiq9DDemudCe38NyYAGULFW97Gx$yEof+SbC9bn5vyXZNYlg+F+jjYZE+gOEAaEZWjvPF+gFQaALeLmpytGgFb2MQmtkNING+aiGF$Hx9uSTpyD0synZYpwkwdm5DhZeTLi7Fap6jF3KO1dWK5SpxWCP05sUdY8uof+bcWU1FKeUcfKqPoImeDsHSAKrHnGr4BHddg-Al1Ipw-2rhlSPbkyDJp9DnBg-0py$3$A0T9PSfgZssq4cODCXk-lGr+MRSpFs+gOwZlwHXi9Dr2FXbRlULsScZCjJOYyMYi90CSTWN-ip5UCw9gFkB8DC9$Tb9qkdNXRk8UywHg7GBh+il5W6PsuIiDcd72PQ-xK0jg1jHBDnT67PF6AD2FRUIHE3N4TiDi+0efWSRNkrsdmdoiFbsQ2YWkYm3owUHB0BMQZeh+YPdwSitPc5sn+gDL45RLajXZhw-x4dkr2eChDnjOw1g$a13aBZ7pZxwE-DyvjOmtmTxJKd2D9c+DO3lxtZlQPpWyLCUygUEyaG1ajZD3rxJW561LA3DuW1-0XdGKrF02R3dRDh-APrWT1h3mR-h-GKZmr2pW7Yjo7ooCCIT6WWdsgBwccbC2gW-DIjkz13WpDg3h8hz1kcnaPs75rqtWQfkKW3DLp2RZ3+YL3aNZF9dnbuff15SteM3-DzQKoPEWd1L3-DPsBGLLWd1H3UiRsF7PdOzj9bwiosUGNdOK1r3ZZ0s-AowQZL1WgSI3rDD1W3Lqb7qoWQFordY8R3WSLEQBtIUCLoKPcGEQwovWP1B3gDec53T95JjXbXpFU+xL7WJLolsF-B5GLjWy1$D$i4BBBoUO22oXMipBygERT284p-DeB$KHrbZDub8QM$QTr7Z7xXl3KzuU+OPWHeTlqAXlhhQL5T2Cb3yuMW9Dm3UxtbDSnMW9Hda9xtb-i4eQ7PF3oxv8Kice57Kd3RD7jpARwhIoa7fLzkdQJ31ZhSnwxqjHDOHBoHZQTx2d0DoEQOHCAQx5EqZquxjthq61$H-DJ1xeMO3v2cjRRu1aDHGaM2bljDqLgvmAahDxEcQeHygDGWJ2OPvioWy3K2O62QjnUC++FbQW$xGjv7+L6PKx3C1I3ZQj9QTQPmf0EWSdNqh8htrex$8CktbNwDHZXUAmhSP7bUSRy66g-dAnUsoigsOq2FexIwcmMvSWsrdTyRlfpvtiJ+Hd4bNU7um7Sru64QKCj-lNe09bKKC4ZF+xHnUtv7E8xzJv28RsZZcdykDvfs1J+-DQWxU6wN8c7SFmmmu20KGMvmhPWwaUlFIRSNs1+JJ2O22Mzskk3kQqB9hKC5cHcbObdf6kYbHnRkskxUiycAKmm72w1mGQmhmkhrdgwNZhkrChQcFo1csDNBMiiLq5FewxkQHmDCQkuw9o4Pv1LwMks$dqmlCFmmHddu9mmhBYRh$nm$Ko3vvs4mQmR7fafU1mmIHc$aF5ax0EWnDRl$HoDdykM+n9d4$ymlaFmi94$HocsMJHQMXR4$iPimlxmwsDR$$6Gtu20iKSKJ5mqmhmmCKv3PJH7OwmZSPbBnFmwuxozavXQkSMTkIxUxNQwMkjRmaEmFme1EvvmimmmEMysyrqJAmBdmbaoiLOPmRuzFrmh+76nz21KWKglfF7UslRGm77aUkFFCMJvRsAdX5bxbByn9NgHq5fa+Mf7sFz5xU+5MisL3OB8kR-oKoLmlijSHRYF-RBrkakgkRK$-l884EBngm4dcPhfvpeBmF7LFAG9BBWlT42sY$KXRRd-mPsQcLdMXwSBwqEsSB8uimGN5hr1sPJ7mpUym8diFSFm8mx95fFehwT3BrkjkE8iS0H30veTjkOfgSWN270yhPFGO8YsRqimQmxs3tadS8AYsTY$KGdRRt207iYm$K-U-Do4qKZ4sxUmm8yvJPSKX9JgaC6BQdI$WBlrB0tU0URBmrXeK20LEMkTTmnqi9mmbuWMFmm"}},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain; charset=UTF-8\r\ncf-chl-out-s: coggO3ePvunAKv/KoqzvDw==$k7UE1kcFFRcpfhyhDSoXVw==\r\nset-cookie: cf_clearance=zjiw23QksGvuJaghMCuOXAMsEXwG2qb6on5yHxjHAnU-1771052149-1.2.1.1-K2mqbmrhRr9DxgfSqBtbJuEuhJ.0r6OGKVst.xkDG2waf8Ywxv_wosmmvT05OK_Qx.mZ2sTChPXl6_aHGXClYjt5gz46Z.7n34zox4V1LgHM_wBZh884C9dz4VKjNLdjSkaIXyGtOiaWqTP.Y.rtCI0O0gGlOACJVLuBvh0qZHKFaso6w7vPU.tJ6jIRpGD0Yw8dTOzAXcDEosqusJg1kUGUktOeVQ7XMZy6Zse55Bk; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=marekets.xyz; Expires=Sun, 14 Feb 2027 06:55:49 GMT\r\ntiming-allow-origin: https://marekets.xyz\r\ndate: Sat, 14 Feb 2026 06:55:49 GMT\r\ncontent-length: 0\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9cdaa980ae251525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T16:34:27.378125Z","times_seen":16244212,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/secureproxy?e=jscdn/getFile","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:55:49.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"POST /secureproxy?e=jscdn/getFile HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://marekets.xyz/\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://marekets.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"t19l6m7w3u0aulogvdg2\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:55:50 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, origin, access-control-request-method, access-control-request-headers\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block, 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O%2F%2Bw8kjTL8GND%2BZXMwM8lZKaVP9z45gG4KRaRYtRtTEmMXvfpnCFHbSKZerUfeWRLz6wEEVnen4P%2BXbeDSZSmyFoWTHr%2FvZW5fkOPMUUmYy6vg%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\npriority: u=4,i=?0\r\ncf-ray: 9cdaa980be261525-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3401734,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"33c8f8896459612635f22b7549da759d","sha1":"b4812324c847d2d4bab1eb7bba658f45f75f39b6","sha256":"39185d200e39fd5306f05baa6b9892b8b1a406f92588f74f426332f1531cede9","sha512":"3736b1916cc4b796211eef9936a385fa3f7b326048e15346da3af231ec3a870cdd2268379e9a523bccdf09b0367277b71bd60e2cb4159214b976f73a86b7fe8f","ssdeep":"24576:RNV8/8Yae0PgGswPpBroS7InwbjtsJshJuEbdSUxf:z7OwPEZJslp","tlshash":"602523111eb7fe5e0f4ceea5347f7e0369414f82858d58dbaa72f6c000a467b424af5a","first_seen":"2026-02-14T06:49:56.901736Z","last_seen":"2026-02-14T08:02:17.089309Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":558,"receive":551,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:55:49.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nlocation: /cdn-cgi/challenge-platform/h/g/scripts/jsd/60138c04e6b2/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\ncontent-length: 0\r\ndate: Sat, 14 Feb 2026 06:55:49 GMT\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncf-ray: 9cdaa97dddbb1525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20623,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T16:34:27.378125Z","times_seen":16244212,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/60138c04e6b2/main.js?","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:55:49.514Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/60138c04e6b2/main.js? HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\ndate: Sat, 14 Feb 2026 06:55:49 GMT\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncf-ray: 9cdaa97e6dc11525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20623,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (20623), with no line terminators","md5":"53db6221634e3338f7338833b77fd005","sha1":"6b5162430d22629184bc86a5ab0e1b0fb91e8ba1","sha256":"00d8e29a10cc28a3be315e4c980233584e8209e00d34b4eb51566484624ead84","sha512":"6a26e1524205385a38aa50a30405d3104219ba42815a496f93851695708d958e92265a0c2ccf9f381937da9d05632ce56616e6920ba0e427c6fc14ec6b49347d","ssdeep":"384:mBG5aTJqj8rbO9DYJGGQN1nOks/Zi6SgQ0Nk4eNmAUE2+HzFqXZvl0:KGEJsdsogQ5drGBl0","tlshash":"769275c9ffa7f4211332687411bba14fb3eddd84501498bae7314f9cb9a0b7444e16aa","first_seen":"2026-02-14T06:37:56.877796Z","last_seen":"2026-02-14T06:56:16.358871Z","times_seen":2,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/5c285b27cdda1fe8-s.p.a62025f2.woff2","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:55:49.291Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /5c285b27cdda1fe8-s.p.a62025f2.woff2 HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/ee8993b79509c8f9.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:55:49 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 36980\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\netag: \"6987107c-9074\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 102255\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5yiVKC6WihpdfelQQ8f9ggBOvZXIgh3ciPN8%2BKEicNC5wRhsIn2HFOkMB8UNoROE%2FOGrnJHgMUft1wUGsTKtDs%2FjNX6gBdH7YPEgEQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cdaa97d1da21525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":36980,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 36980, version 1.0","md5":"d4c68940b772538be3593f0c646de4a0","sha1":"780cf59b7711cee0db291f06922ca66b12b65dcf","sha256":"468d56b6b25b05b70190b6c233d773f6f1770e8579827ce022a57f03fa8002fb","sha512":"9ef888244841c65da84ab26fee2d312bf0410e340df78b10f087c00e6f190cf8abd61cb09e5790dfd7270edaac1bbb7f871031b195a7b2363f389b6be0038e89","ssdeep":"768:HLi1ptmFif/WvZWPAD1lDB55/hMWS/CtVkvIP0t8eY:HLktmFif/WYPe1lod6fkvfueY","tlshash":"d1f2f1730f45f63229562eb8fd398b4e772845856ec18ec68d90a8f8f403f646469a09","first_seen":"2025-09-15T08:14:29.049499Z","last_seen":"2026-06-08T16:39:10.943113Z","times_seen":4765,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/BTC.svg","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:55:49.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /BTC.svg HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:55:49 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 102255\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"6987107c-60c\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nfTGo%2BI1oubOROB%2Bu4B5j1UNZBKwFlMW121Z4SJuDp0%2FQA6AQ1f5mH9O0k4TB3Ww%2FO36cRjpN%2BWmegsGfjbS3EznQQQVBayo8wrZxw%3D%3D\"}]}\r\ncf-ray: 9cdaa97d6db01525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1548,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fbd0dcd24fd10dc292588fe8a03e9076","sha1":"b6b0422c99f8b7823bd69e95fa8673f36dddc402","sha256":"06a1f0fd5f0376d80e2b81d8368abec89fa2476b5b4ec6fdd1f1e60933d80583","sha512":"cc4f35fb478d0bcbfe7b75e206b52b95932edd7787b357640779e3a246104bebc92291bccbf1ca78b918c8641fcf77d41a146ce0eef53c743ea45a35ef265ad1","ssdeep":"","tlshash":"f13153bd99664761888e43bce9bc09ed2e47745f6f0b02fcd16203b078157b9cb0496d","first_seen":"2026-02-13T02:32:03.169022Z","last_seen":"2026-02-14T08:02:17.077047Z","times_seen":18,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/markets-logomark-wordmark-dark.eeaa20bb.svg","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:55:49.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /markets-logomark-wordmark-dark.eeaa20bb.svg HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:55:49 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 379\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"6987107c-e71\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NoSp4kBOYTuK9%2Bd6tk0gNvwgXb3Aift2lbZZUVfsDwwNdyhXpfchNVmRr8e9eM24FoTMKlWc71FPlNt4WzPtFNELuvxzGbxaF6KpIw%3D%3D\"}]}\r\ncf-ray: 9cdaa97d5dae1525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3697,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4f3953b6c5915e0c97797f4ebc0065b5","sha1":"7139f8cb7b8bbd81d2f2a030ef3a299bf973a849","sha256":"43e584be6fd64fdb964eda0a463adf3749e1b5fe8c4e1cf89d33ec1fe01da15c","sha512":"ffac0d4f2e3b02e2803967c5c37e5ab2308dba64da33ee34eb9396467a4a0dd1197768ff7dc2d73d8c447f6db6dfc4c4a4696a278f6c20d70b3835f653514f62","ssdeep":"","tlshash":"407180e91b7842f8a4cb8f51ef3048893a6fa07d3e234784c13ec664a5c3f9ca449c24","first_seen":"2026-02-13T02:32:03.159409Z","last_seen":"2026-02-14T08:02:17.080243Z","times_seen":18,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/US500.svg","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:55:49.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /US500.svg HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:55:49 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 379\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"6987107c-bcb\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PVdoaoLqtPjZBgxUQoPKyU7rNknng6lu0tLq5%2B8DwspYKaAN02K2uxocQQaRPqp6bSAycdiU80CkiOvpG0lYtQqpG3t6frMGV2%2BOvg%3D%3D\"}]}\r\ncf-ray: 9cdaa97d5daf1525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3019,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"759245bd02002cfe565e216c31408003","sha1":"3a75dbd01a2384eb84fc90884461d16311530d8f","sha256":"35746a36f3d6551b77b85bfe0188e157f354186dec4f63c3657fb19f252c0de8","sha512":"7c09638e568f7bfaff4b6b78558b26709d10a5278819b4d13436b27177b240dc633fb2435d5e0bd7d79f34d3037775daa306bced97267c316efc70715cf4379b","ssdeep":"","tlshash":"475123f55734aa49a7e7deaedf230ca61f0df8fe7d9141c0805d8aa95e46ac1e103c10","first_seen":"2026-02-13T02:32:03.170729Z","last_seen":"2026-02-14T08:02:17.084377Z","times_seen":18,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-14T06:55:48.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Feb 2026 06:55:48 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XxRc5XvO1gYGC3yUusIk2nQM2Q8rP2nxycFTIXhpdXoVJ%2FAsIgRad9AuAwgnRyx%2FaPRHwcp1CsqWH3vYOKNOf3PAqPhy5djKnFmHXQ%3D%3D\"}]}\r\nage: 379\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9cdaa979ba4223eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vue.js:3.3.4","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":360671,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (27043)","md5":"840462cce7d6d1d9cc245305d715f400","sha1":"080381786c2d72e93d75bcc4925e2967faf9feea","sha256":"f754555fd3163693bbe02d60425e0ab9dc52bafad2770f2145a7b56f33c207c0","sha512":"49d59bf468066ccd1f163084934ad50c0d7058204d06b00fb7ef680d0db4e89ce542b250034933bbb1c67e97a1b971472f6142ac3febb34b3e2123719fb10142","ssdeep":"6144:Je0rg4MWTCeZdk5hottpOzKh08G5CyhsiLoll5SGBvVO/D/7a/BI3pt5n0:JdM4M4CeIz1ptl0","tlshash":"e7740a3a261077397527c52c52b8738dc125d904fa9399acb5e74f118be3ad23f7a28c","first_seen":"2026-02-14T06:56:16.362151Z","last_seen":"2026-02-14T06:56:16.362151Z","times_seen":1,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":15,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/a1d298d105e3a295.css","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:55:48.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /a1d298d105e3a295.css HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:55:48 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\netag: W/\"6987107c-19f5d\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 102255\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9FCCx4%2FrUWx6Vv%2FfFRafMNFdVRjBBKquN%2FckGWZXf3ne1bt4UanvdotILtkAeW3ffUoZAOVsPIoriTlJAr%2BTlQMufnG5irJY%2BiaOxw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9cdaa97afd831525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":106333,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"37f29a2f4c139f92b0437ddf52e2bb8d","sha1":"2f53091c28dd8b78103891f7b1017b14ab62c959","sha256":"9e470357541c0a09867e41e2600392b351cc86df264bb39d4e0dd3309c897f31","sha512":"555e86a602e8c1d95f7db82fa32941c4f063ffbe93a845bb9c14770fb5f81fd3e3e61123b761ebd6edb1186d726ca8f265dccc1bf6c3d108be6e99f2e66b87d1","ssdeep":"3072:EQhK3J0gYOAM3uw/onLh6mttMq+WDhm4G:EQhK3J0gYOACuwwnLh6mttMq+WDhm4G","tlshash":"58a3a2a4a23ae53fac33b4f9539cf81c9119b085de250aecfe12a11257c7bf21977614","first_seen":"2026-02-13T02:32:03.149151Z","last_seen":"2026-02-14T08:02:17.08834Z","times_seen":18,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/index_1.html","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:55:49.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /index_1.html HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:55:49 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nvary: accept-encoding\r\nage: 379\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rbPLgOd%2BwS0Rl00uDhvfNaAJRxp%2BHh%2BkMuqcAM1g8BwHBFpd%2Fhpfq2IAvyaZ78SjjQ66gCq6BSqskX%2BmqzIW%2FIOjdgrLjn6vlQSFqg%3D%3D\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9cdaa97c6d941525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":119309,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (65202)","md5":"ccd07d750c9d99c10750e7ce58e26e75","sha1":"6ac6b0e6fcdacc7fe4e0102e08d5bfbc8a08f731","sha256":"4d6b34f34610d31825f2b1ac8ad82e14bc0b3bf8c7f02d338bd3eaf0ee79f017","sha512":"4d57ea90a496dd04ca69bda3ae257a6d18572757d119946c0f2e0ad8aaa5a480f9b7eba2820f535c5b22ebbadbff0fc7a2b51eb5fe2299248d74f7c0d25303ce","ssdeep":"1536:VDaJSVf/FeEXe8e5BAeOVh8r7LibtMA4kKix+vmIVvzoCGx/0:Z/ffh8r7LibGNfeI00","tlshash":"e6c3f936911da72e63130dacea26227e334793dce64600de69aee7f153ebcd0d45ac50","first_seen":"2026-02-14T06:56:16.364554Z","last_seen":"2026-02-14T06:56:16.364554Z","times_seen":1,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/ee8993b79509c8f9.css","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:55:48.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /ee8993b79509c8f9.css HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:55:48 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\netag: W/\"6987107c-1032\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 379\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NEFslYllHF%2BSR5x6gjWnqeFpkpzrSzf2N4t2Q%2BLb50I6FcHwIJFO9c1qZogzzViwP90PZL6PardQDD0Xhrv75iN7tj2Rp%2BQobv1yvg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9cdaa97afd811525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4146,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2713)","md5":"d816886d11295660141051700756eafe","sha1":"9e5a2a028d8a38bf700238d49fc9a6cb52a47b1e","sha256":"73aa05a1547db83e7284184e2ce9fe9ca3eeab5d0d76848d20ce550daa7b0c90","sha512":"051acac7cfda36d723fc6da8dbce152a25062bf5fcc6ca770a54bf86788134d42a718195d8910c844956cb98bc73a4eb56181018d1b8c01fdaa07e1786e27347","ssdeep":"96:AMqsOO15qsHO1WqsQO1zqsxO1/JSHsWqFOMqmOtZ:AJsOO14sHO1/sQO1+sxO1/AHs/FOJmO/","tlshash":"05818c34442a7809d7eb8c5231ce7e03b82d51756ba6116398693ef89eab97f13e0724","first_seen":"2026-02-13T02:32:03.152457Z","last_seen":"2026-02-14T08:02:17.085409Z","times_seen":18,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/ETH.svg","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:55:49.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /ETH.svg HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:55:49 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 102255\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"6987107c-88b\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MrsnS9VAykKnSHkBURvp5HBZv6VvSkZ%2FKJJNWJLJW5SehOjtZ%2FimwPNiV9Y%2FqDpZ6HdtVI4YXiOKcaTQQAl4w0TaWBUN3uIebvsejw%3D%3D\"}]}\r\ncf-ray: 9cdaa97d6db11525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2187,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0514837200ab036e3fd4fa421b3d0193","sha1":"98226e822173019b717482bf3f56e75d590a7aaf","sha256":"9a90c888cddd158f2431304ac557e194bd45c41475a53b426fa7095300c177ef","sha512":"aef84265f899d757542a47527fb632c5d74e33875703095576d4ee11cd2f473a6fd0aceca1adf423ab480c83bae5f70cdfb11e5722e63d455a8bb74cf7aa2562","ssdeep":"","tlshash":"7841fdce1360f3886f98d74bff54ed25410a60fe14b58d8582ce8b1de71eed67a15810","first_seen":"2026-02-13T02:32:03.165271Z","last_seen":"2026-02-14T08:02:17.078224Z","times_seen":18,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/HYPE.svg","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:55:49.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /HYPE.svg HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:55:49 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 102255\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"6987107c-19a\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cEMQgPzQpmJXb3unewOJz3rLF43tV23Ayj1Li1hMj8BUCNJ9FlBSlRZLtkgDXH8Z95onVfUM89OVa3N4qAxPVwf6bP2RVvGV3NSbaQ%3D%3D\"}]}\r\ncf-ray: 9cdaa97d6db31525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":410,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0adaaf2bfc9bf7e3a95a6f5f048553c9","sha1":"935ee69d7887f150700b7a65c3f9aad0d585fb51","sha256":"3cb02b5a6c10b308353039cba5d5d09e50c3abaa38a049c47f5ac148c17794cb","sha512":"83e64a411c16ecba7fea21070ebf06e69e8b6523fb3ed8d2e46ea783259632e33308e0901f4d68be3024ac131b6fbdcd7e80efe8cf1b9b8df1045eca3e861078","ssdeep":"","tlshash":"55e0abd4e56de970ec9c8fa017292464386a808b38c884fc6a920f139a81edc9600c0a","first_seen":"2026-02-13T02:32:03.155648Z","last_seen":"2026-02-14T08:02:17.09018Z","times_seen":18,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/markets-logomark-light.svg","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:55:49.408Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /markets-logomark-light.svg HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:55:49 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=6,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\nage: 102255\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\netag: W/\"6987107c-1a2\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xKWoFzJ4zx0QxjXB9f97F54wNRU5jkuoc5AVkjRkswrEhIpgy93weykgdI14PwTmphjKPC8Ijz8%2FOBRm0PRnR4%2Bg8QJjXwjQ7a4faA%3D%3D\"}]}\r\ncf-ray: 9cdaa97dddb91525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":418,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f34071f0160ba21a945fdb026290cc8f","sha1":"017ead9bf3eb2175af58150f8854eb803bab3633","sha256":"9c2d46df887758a1014274b551de3bae8cada3ab700f87aab1fca932a9033546","sha512":"46b909f1a63efa01afb49cfc2dba644ea13dd72f5a8819218e9867476c638499ff2825de5eda5ae004c2cc4890cd13b513897c9995021ed0f4ddf036a2ae2a65","ssdeep":"","tlshash":"cde081ed1ca4009daaa4cb2e3c642f8cb49e62ec5a708de230ce01053203ba3f890085","first_seen":"2026-01-28T19:26:06.708847Z","last_seen":"2026-06-05T20:54:12.109142Z","times_seen":44,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/vue-3.3.4.min.js","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:55:48.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /vue-3.3.4.min.js HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:55:48 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\netag: W/\"6987107c-1136f\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 102255\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YEVlf5UqOzvZIZG5ebH%2FnZDhxAwodyPiXMVowwjudYa3BZAAcYcc4lAfMUtqfdDGbFHgzsZijEhj5k8W%2FXElU5zHJXs3ejOguOTKHQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9cdaa97afd841525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":70511,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"bb7c7db47cea2c34652629b78dbedfa3","sha1":"c7ac35e6b96cdbf7990fb0e46bb8d51bc01da89e","sha256":"578b0ad025d8d56f1cc6e9294866d472c24d582c8fb824cdd1eae82ecca3cb9a","sha512":"a0fb4578d4e5fd8aea091dd5b2016971b562daaf13de7c2d506bd61c651f562393c79ab6c0f72e5aab73433174b91ed9f41130a520b73714f94721f8a9afcba4","ssdeep":"768:D5iD9cTnPEYGgIuEQIBym/ceCHnun27RWcOScwcGZclkgdCoq70T7DwmUwW9duih:dPFGgIuEQIMmEe527iIm0nB","tlshash":"ac63a2d5a90b90d58d1621dee037ed19e0281a23cdacf2a3ba7ceec1741df62c45717a","first_seen":"2026-02-13T02:32:03.168084Z","last_seen":"2026-02-14T08:02:17.081243Z","times_seen":18,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/5c285b27cdda1fe8-s.p.a62025f2.woff2","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:55:49.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /5c285b27cdda1fe8-s.p.a62025f2.woff2 HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/ee8993b79509c8f9.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:55:49 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 36980\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\netag: \"6987107c-9074\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 102255\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jBZJrRHfkoLikUjFFBHcRRjHnYO9pwt1Ug%2BGrXQlkHO6dOWUdFGj3Na4Ss%2Fss4A0IyzWbjPXBWDEZV45C6ngJPFRpifmrdRy8qwInA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cdaa97d2da31525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36980,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 36980, version 1.0","md5":"d4c68940b772538be3593f0c646de4a0","sha1":"780cf59b7711cee0db291f06922ca66b12b65dcf","sha256":"468d56b6b25b05b70190b6c233d773f6f1770e8579827ce022a57f03fa8002fb","sha512":"9ef888244841c65da84ab26fee2d312bf0410e340df78b10f087c00e6f190cf8abd61cb09e5790dfd7270edaac1bbb7f871031b195a7b2363f389b6be0038e89","ssdeep":"768:HLi1ptmFif/WvZWPAD1lDB55/hMWS/CtVkvIP0t8eY:HLktmFif/WYPe1lod6fkvfueY","tlshash":"d1f2f1730f45f63229562eb8fd398b4e772845856ec18ec68d90a8f8f403f646469a09","first_seen":"2025-09-15T08:14:29.049499Z","last_seen":"2026-06-08T16:39:10.943113Z","times_seen":4765,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/514668ce6c591535.css","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:55:48.958Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /514668ce6c591535.css HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:55:48 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\netag: W/\"6987107c-2b2da\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 102255\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=54%2FJ%2BJ5S%2BPn5aTsSWNNKcERCJiWZgVNnCS4uuI8V2sd6GYbmlTSEME7joVouaFq96m5txqZw3j72S8J7HRUCrdAF4SSamB03g7Og%2BA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9cdaa97afd821525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":176858,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"eac132d6be9f4feabd3c222537aa5387","sha1":"6de77f28896b112747f6fd6278f52015b13c62cb","sha256":"b3ea1c8f2cc3147bfe545f049dddda881857073a386fa0811e8ed86ededddb26","sha512":"6e2932babde2c8891ecbf649013979a0cd1e5405d9f9a22b6ce3f685332b75d247226a0352175f6a5788d5365ff4bdb5d68a2a4b85b8f5d974240e8fba4aeed0","ssdeep":"768:Zxu4hiVAkwXo8Cv+QDsGHTEAjyrInGO/UsnTNXoYKG+gyuqBGQesYoyYolLlRoib:bo6G/KGQ64VLrXrv+kBw4w","tlshash":"d604fec4bd6cff3ea97f643d35c5849c8e877996cc40869fac2530de09d979420a3a4a","first_seen":"2026-02-13T02:32:03.154698Z","last_seen":"2026-02-14T08:02:17.087405Z","times_seen":18,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"marekets.xyz/5c285b27cdda1fe8-s.p.a62025f2.woff2","fqdn":"marekets.xyz","domain":"marekets.xyz","tld":"xyz"},"ip":{"addr":"172.67.203.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://marekets.xyz/","date":"2026-02-14T06:55:49.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"marekets.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 16 Jan 2026 22:29:11 GMT","end":"Thu, 16 Apr 2026 23:28:05 GMT"},"fingerprint":{"sha1":"37:93:4C:F2:16:38:27:7E:8E:17:BD:7E:07:79:C7:CF:9D:4A:B9:AA","sha256":"D4:91:31:7B:C7:A4:3E:90:72:76:C9:21:69:6C:4D:D5:7C:82:AA:D7:4E:EE:27:3C:10:87:BC:AC:F4:5A:FB:75"}}},"request":{"raw":"GET /5c285b27cdda1fe8-s.p.a62025f2.woff2 HTTP/1.1\r\nHost: marekets.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marekets.xyz/ee8993b79509c8f9.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 06:55:49 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 36980\r\ncast-mode: default\r\nlast-modified: Sat, 07 Feb 2026 10:14:20 GMT\r\netag: \"6987107c-9074\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 102255\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3lvlfpZ7iRL%2BvPEevkbSXAlYCY2M4lpcCokqezr3cRQLONcQBK3Gm6PP%2FTOL2eGU4rjWeph78i1%2FfboRH6Sc%2B8eg0vFeQXG5mo3TGQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cdaa97cfda01525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36980,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 36980, version 1.0","md5":"d4c68940b772538be3593f0c646de4a0","sha1":"780cf59b7711cee0db291f06922ca66b12b65dcf","sha256":"468d56b6b25b05b70190b6c233d773f6f1770e8579827ce022a57f03fa8002fb","sha512":"9ef888244841c65da84ab26fee2d312bf0410e340df78b10f087c00e6f190cf8abd61cb09e5790dfd7270edaac1bbb7f871031b195a7b2363f389b6be0038e89","ssdeep":"768:HLi1ptmFif/WvZWPAD1lDB55/hMWS/CtVkvIP0t8eY:HLktmFif/WYPe1lod6fkvfueY","tlshash":"d1f2f1730f45f63229562eb8fd398b4e772845856ec18ec68d90a8f8f403f646469a09","first_seen":"2025-09-15T08:14:29.049499Z","last_seen":"2026-06-08T16:39:10.943113Z","times_seen":4765,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"marekets.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}