{"report_id":"0609973e-d20c-43fb-a788-83aa0855c774","version":6,"status":"done","tags":[],"date":"2025-12-27T15:54:37Z","url":{"schema":"http","addr":"cav10.com","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"38.225.209.250","port":0,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"cav10.com/mob.html","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"title":"访问提示","dom":{"size":2324,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"2377e98351983f39740376553a583c6e","sha1":"2e9014152e0e937ecfbd471c443887dbc7e06354","sha256":"e2ef10f6b8eec6060d58a1ad1d12e4a01625317a16b4e9c0669c478fd1b6a32d","sha512":"f19492b43a2540161b244fbe00bdb848d868cb7f10868daeb5228d280fc8a2a60d1fe86683cf8ab2b67e518418b84900e332c7e6b3db9f2863213a88582e562a","ssdeep":"","tlshash":"2e4198d31ba69427bd92d45079522fd631acd807e40ac7a476f5a569cec0eb742333cc","dom_hash":"domhash9f56b4cf3fd7b1f4dab033f1c1ced99b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"cav10.com","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"38.225.209.250","port":0,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-31T15:54:37Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-27","alert":"Content Category / Application Block","trigger":"cav10.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"cav10.com","ip":{"addr":"38.225.209.250","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"domain_registered":"2025-12-11","domain_rank":0,"first_seen":"2025-12-18T05:22:23.700643Z","last_seen":"2025-12-25T16:43:12.833779Z","alert_count":12,"request_count":3,"received_data":176384,"sent_data":1585,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"api.qrserver.com","ip":{"addr":"159.69.246.187","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2009-05-16","domain_rank":342339,"first_seen":"2012-06-20T10:01:45Z","last_seen":"2025-12-26T05:26:46.676487Z","alert_count":0,"request_count":1,"received_data":836,"sent_data":483,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cav10.com/template/cav10.com/asset/js/wntheme.js?v=1766850855","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"60bdf4117f35d4dd14feb178af7f4c71","sha1":"2003798e6f9a60edb5374c3b01cdbaff9c649cbb","sha256":"cad017f5b61569bdd35060b114147c285cf6d8d2d4237cd5a3ad15eb736ff2b8","sha512":"d565b2537616ff17cfd333d605802b6878a14da23cc01af885de63c6ded24e5b390a278893abb20e859264986c28a1ea6cd6b3b32d278e281ad703f4b40959cf","ssdeep":"","tlshash":"3841e153dabe4c42622f40865656f4e8732c947300739eadf28c70a95f8c86e035eb79","size":2236,"data":"","first_seen":"2025-12-16T20:01:54.266129Z","last_seen":"2026-01-31T13:21:21.702953Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/mob.html","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"38.225.209.250","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fb592fbec479fcf86b148138d910bb35","sha1":"45ce0041ee6d4eee4ad3631c79803cfbe0dc48dc","sha256":"544e26b4c403cd52e0df7ab03a923a311ccef4a1d94b936dd6b566488ff9abd1","sha512":"2695d92d187d48260309cc4567d303bc8891bb5c63a475327a52efdd0b2011d2103deb942f81be5efc25f0acb9698035821c0fdde85d4d37bbf42ce219606a0c","ssdeep":"","tlshash":"2df09eef1b121525af8fc68b173f3a15a59da10f5881df09742dd1021fe0f6c222b9d4","size":493,"data":"","first_seen":"2025-12-17T23:26:10.099061Z","last_seen":"2026-01-31T13:21:21.717068Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/template/cav10.com/asset/js/home.js?v=1766850855","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"85f42ef4e95aae5215b22b5f93b2068b","sha1":"cc2754e3130e779adc24935278dbb8651a12214e","sha256":"cbcd37a5cbf49c3c1e5a63613a2770458797cb5f94c17e7d644fe84a414769c2","sha512":"5299634b71ba0cb1eee36114fda95c3a25fd3c27ad3700aa92e1c33550305973bfa96f37d03d42c2845eb72c09491306fd3e76fbb3b94148923fccba5edb304d","ssdeep":"","tlshash":"8811ab135a66d64857c26fae4bcb2c0b93f4d34f085410fbaf7231ed9624dc11476e18","size":1000,"data":"","first_seen":"2025-03-05T19:45:29.856239Z","last_seen":"2026-04-04T18:59:48.550659Z","times_seen":174,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/template/cav10.com/asset/js/jquery-3.3.1.min.js","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9a14b26aef8bba135e0749ec536f608","sha1":"096cbb5ce5fe7992c85f0bac682974196ad78d09","sha256":"cad9fc1485e97aca7816e5ef8406c7cb26648ee9fb2552e98c5dfc0e531474d4","sha512":"93abc3b0d3fd8546ba52c21dcaffdfaef6d29b8b931a8f6b1ed1d0739c86c6bbd4019c2b48dd77a36b7ec2061ccc21db9e0537a9234c4ad6205104ca61cb62d6","ssdeep":"","tlshash":"2611e59d3224f26d27ab10a4523b860ff2a1513c346d5453477dc8f4b8a58bf4227658","size":1000,"data":"","first_seen":"2023-04-29T08:43:09Z","last_seen":"2026-04-06T10:14:20.22457Z","times_seen":1694,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cav10.com/mob.html","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"38.225.209.250","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-27T15:54:15.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav10.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 12:21:48 GMT","end":"Wed, 11 Mar 2026 12:21:47 GMT"},"fingerprint":{"sha1":"53:9F:FE:74:33:24:4F:A8:E6:E0:5E:3D:F7:A2:F0:88:30:BA:B5:53","sha256":"72:7E:EA:E6:37:16:05:EA:8A:86:99:59:8B:5F:49:2C:D5:74:B1:DF:11:B5:A0:86:84:B0:AE:52:62:B9:80:5D"}}},"request":{"raw":"GET /mob.html HTTP/1.1\r\nHost: cav10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cav10.com/\r\nCookie: think_var=zh-cn; server_name_session=c29c1bf587a2eaf4defcda57986b9127\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/html\r\ndate: Sat, 27 Dec 2025 15:54:15 GMT\r\netag: W/\"6947bcc9-8b9\"\r\nlast-modified: Sun, 21 Dec 2025 09:24:25 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: BYPASS\r\ncontent-length: 1346\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2233,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"b7193e97e8c4e09dfeec17143af5e3f9","sha1":"6c575d19397fa66f07a6b8c793996340bf63f96a","sha256":"f975f367fb20f2e8b94af78d2ce9a58583ebb7e1a80f77ce3013dd6f63ce2cd5","sha512":"2145076c20c0ca48d057a88233b160a14c13f46d50482806f7cfea569258b2fdfc5fbb2f88bb18f8b2413e4c79dc8866248f05e54dfb4c6d4962def6b9bb8be5","ssdeep":"","tlshash":"be4196d34ba685267d92d8503a522fd631ac9807e00bc76466f5a478cec0ea642333cc","first_seen":"2025-12-22T09:56:04.017029Z","last_seen":"2025-12-30T22:52:16.270914Z","times_seen":11,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-27","alert":"Content Category / Application Block","trigger":"cav10.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.qrserver.com/v1/create-qr-code/?size=300x300\u0026data=https%3A%2F%2Fcav10.com%2F","fqdn":"api.qrserver.com","domain":"qrserver.com","tld":"com"},"ip":{"addr":"159.69.246.187","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cav10.com/mob.html","date":"2025-12-27T15:54:15.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qrserver.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 30 Nov 2025 22:44:12 GMT","end":"Sat, 28 Feb 2026 22:44:11 GMT"},"fingerprint":{"sha1":"FB:98:84:F2:6B:C0:3C:0D:9A:D7:8D:F1:D2:A1:53:57:78:23:7B:96","sha256":"2D:19:E3:19:2F:8A:F0:F8:B3:9E:9F:DB:F1:FF:A3:7D:12:3B:77:63:AB:D3:C4:48:C5:E4:9B:C4:AB:6E:70:94"}}},"request":{"raw":"GET /v1/create-qr-code/?size=300x300\u0026data=https%3A%2F%2Fcav10.com%2F HTTP/1.1\r\nHost: api.qrserver.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cav10.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 27 Dec 2025 15:54:16 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT\r\naccess-control-max-age: 7200\r\naccess-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type, Origin, Authorization, X-Requested-With, Client-Security-Token\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":446,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 1-bit colormap, non-interlaced","md5":"28e7ddc2d3cd129cc1f8fcc7f50c1287","sha1":"48c82456e0fd8316ed7a9d3135f2518b2b6b774b","sha256":"a8930ab174d25927eb092cef404baa066cb14c32029ca2d9cbddb52e1e274d50","sha512":"448dad6db9d06a8e28f55b4beb5985e6c1fa0df984255ac1df2464e7968b7cf1728785a1556c3bf00d013ed579f8c4ca8a238e23e76dd2403f3f7723e063f3a9","ssdeep":"","tlshash":"4bf023c3f36350beb54480b5dd27446b829148a4a5f4411685ea4c3ec521a4f8dcc901","first_seen":"2025-12-19T11:42:55.834624Z","last_seen":"2025-12-30T03:07:19.989917Z","times_seen":10,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":105,"dns":14,"connect":24,"send":0,"wait":33,"receive":0,"ssl":64},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/favicon.ico","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"38.225.209.250","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cav10.com/mob.html","date":"2025-12-27T15:54:16.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav10.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 12:21:48 GMT","end":"Wed, 11 Mar 2026 12:21:47 GMT"},"fingerprint":{"sha1":"53:9F:FE:74:33:24:4F:A8:E6:E0:5E:3D:F7:A2:F0:88:30:BA:B5:53","sha256":"72:7E:EA:E6:37:16:05:EA:8A:86:99:59:8B:5F:49:2C:D5:74:B1:DF:11:B5:A0:86:84:B0:AE:52:62:B9:80:5D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: cav10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cav10.com/mob.html\r\nCookie: think_var=zh-cn; server_name_session=c29c1bf587a2eaf4defcda57986b9127\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: image/x-icon\r\ndate: Sat, 27 Dec 2025 05:48:03 GMT\r\netag: \"6933481e-fc4\"\r\nlast-modified: Sat, 27 Dec 2025 05:48:03 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 4036\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4036,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8e59ad0a9aefea690d92ffc6266516c6","sha1":"f82e7a5e38ad362b54a94522fd99963bc1515d27","sha256":"fa3958fb852fab1c92b41cbb3a1ad0c4487ee1cd1ef4712e6817fab8b8fde0eb","sha512":"3b4c28339115ca408dd153651ca8a2447b50788ff8499e51986f4062a8124e3145ef0d0ee9dbc36515be338d7cd0a21e1d6eb9725e9905454911af9c6d8827e0","ssdeep":"","tlshash":"a8817e69280b2a67e7f9a51b07360117ddf1a0ad62d7a88dc909c037bdee2b73086414","first_seen":"2025-12-05T22:31:48.407286Z","last_seen":"2026-02-14T16:06:52.824936Z","times_seen":254,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-27","alert":"Content Category / Application Block","trigger":"cav10.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"38.225.209.250","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-27T15:54:14.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav10.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 12:21:48 GMT","end":"Wed, 11 Mar 2026 12:21:47 GMT"},"fingerprint":{"sha1":"53:9F:FE:74:33:24:4F:A8:E6:E0:5E:3D:F7:A2:F0:88:30:BA:B5:53","sha256":"72:7E:EA:E6:37:16:05:EA:8A:86:99:59:8B:5F:49:2C:D5:74:B1:DF:11:B5:A0:86:84:B0:AE:52:62:B9:80:5D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cav10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sat, 27 Dec 2025 15:54:15 GMT\r\nserver: nginx\r\nset-cookie: think_var=zh-cn; path=/\nthink_var=zh-cn; path=/\nserver_name_session=c29c1bf587a2eaf4defcda57986b9127; Max-Age=86400; httponly; path=/\r\nvary: Accept-Encoding\r\nx-cache: BYPASS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":169248,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (21047), with CRLF, LF line terminators","md5":"2409707e772c97c36c75668992067b97","sha1":"661acfd7b1e0f4271f3a26968019458d8ae139e4","sha256":"49b7ab6bbefd7b473d6f33279224cb71e64350ab49ef0857eb80051b01cd0563","sha512":"3a0c1dc4d8a6ef05484c37da6218632abd6f080c54c9bc2926e8399a67d0396c6795e6a67a13ac76f23cadea574e299dadb24740e5ad6f40b36d91b450c73d92","ssdeep":"1536:ypNeJjZfrQy+OXoSYs6VfVT42yAeoaJUxyMhDBFC3CWCUSxJiSrawckHO6jyAeze:0eJjZfrQyDXcb4fWc3jSx7++jh","tlshash":"28f3c55448d159b30a73c0e53ab81718f7969087c682ae37b4bd278b7fa4e1250ef39d","first_seen":"2025-12-27T15:54:39.156887Z","last_seen":"2025-12-27T15:54:39.156887Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1343,"timings":{"blocked":561,"dns":497,"connect":28,"send":0,"wait":221,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-27","alert":"Content Category / Application Block","trigger":"cav10.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}