{"report_id":"2ca94bb8-2e67-415c-8b16-03403b00b8a4","version":6,"status":"done","tags":[],"date":"2025-10-26T08:04:21Z","url":{"schema":"http","addr":"i51.pro/","fqdn":"i51.pro","domain":"i51.pro","tld":"pro"},"ip":{"addr":"172.67.164.125","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"www.cagzvck.com/","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"title":"51吃瓜 - 官方入口"},"submit":{"url":{"schema":"http","addr":"i51.pro/","fqdn":"i51.pro","domain":"i51.pro","tld":"pro"},"ip":{"addr":"172.67.164.125","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-30T08:04:21Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"www.cagzvck.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.cagzvck.com","ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-10-26T08:04:21.590459Z","last_seen":"2025-10-26T08:04:21.590459Z","alert_count":12,"request_count":12,"received_data":95143,"sent_data":5272,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-10-19T22:12:19.186805Z","alert_count":0,"request_count":1,"received_data":403184,"sent_data":436,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"i51.pro","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-10-26T08:04:21.596848Z","last_seen":"2025-10-26T08:04:21.596848Z","alert_count":0,"request_count":1,"received_data":942,"sent_data":476,"comment":"","tags":null,"fingerprints":[{"name":"PHP:7.3.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"i51.pro/","fqdn":"i51.pro","domain":"i51.pro","tld":"pro"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"2d700982407c5d4377e22250f7bfb1c9","sha1":"37a154af00807b9e22986f1ba265176c89bd855c","sha256":"8c1d1ce2ebe0dcb72aa91d770f86ffc05ef52ed4594138f66e236c09da740c5d","sha512":"9b52562326d442e63a40ac6a029ec8be3110fbc0b6eee59f5e61c70c253c9a1e6094e40056b329887e7708dcac956cdd6b3c8a84851c6000adf01abb4d3a4d2f","ssdeep":"","tlshash":"aac08c463088900f109aa4af59b612e8566250731641ca2a002b34d7083c7caad7bf8e","size":169,"data":"","first_seen":"2025-10-26T08:04:26.9004Z","last_seen":"2025-10-26T08:04:26.9004Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cagzvck.com/","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"1f6dd845dbfe09a3501f7d1531324f15","sha1":"6597685f372bad602d0b8162ff47000bc8f3bde6","sha256":"f0522cea5ad7e49f6b80c4440b9179ad98875b34f76bfce7fb7e2616c4297d32","sha512":"299d37b32a35a6cac6b0f839c492757674ce60a2739f2f6334a9c380d660afc30ea2531458642a302254344c9b67287452c772ab903966c20ab4c06d3de9023b","ssdeep":"","tlshash":"cc31ceba265f188d49f82dc71e0f44cbddb69b201b2981f0db01a6519aeaa84040df45","size":1480,"data":"","first_seen":"2023-08-24T21:43:45Z","last_seen":"2026-05-16T20:23:09.428492Z","times_seen":233,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cagzvck.com/js/Vx.js?t=v8","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"a3f6f4265759caee73de9d895280013f","sha1":"5aacea03d6a379e1624e2f73fd2ef978b619da92","sha256":"99327a2006fb63b91e8ada062cc929cc9c8c231cd0fb9df22bbff8989f517323","sha512":"9153176ec76997eb058a880f7bffaffb968d3f67681805e966d0196626c1e3117d89f2496adb2f91e74628784acaa04e29bbad926d63dc97eeaddc492ad0a919","ssdeep":"96:90DzSBzRoF6Z0+QKxUGxpx2CZvp7vvpwjOIYbmN0usDY1gEzb:9czuzRS627mPPNvvcOfPY1gEzb","tlshash":"dfa1da9d6eeb2054a297307c4eaf1044b574942b1c5adc44be4ca6d4df34a3842e9fed","size":4719,"data":"","first_seen":"2023-08-24T21:43:45Z","last_seen":"2026-05-16T20:23:09.415956Z","times_seen":253,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cagzvck.com/","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"1c862db5f2555377c2dc1e62ed7b3981","sha1":"c29e6dc25c08a70995127ec13ded6f80d9a36174","sha256":"27d373a6961f797edf69a80f7f24877ef85c2fc4f9f770b2540b1bf5e66823ac","sha512":"31143265b96385ef4b575b72591775139057dff85891be61591e3d55259b6d1dc95d86a0feec40c801d38e64278cfbe50c3c2a16757f986ad40f716935bf2bb2","ssdeep":"","tlshash":"2580008a208820008aa323a0002b2c8800a000b028808c808080e8a20ca2030220baac","size":26,"data":"","first_seen":"2023-04-11T21:13:06Z","last_seen":"2026-05-16T22:12:32.736679Z","times_seen":311299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cagzvck.com/","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"1c862db5f2555377c2dc1e62ed7b3981","sha1":"c29e6dc25c08a70995127ec13ded6f80d9a36174","sha256":"27d373a6961f797edf69a80f7f24877ef85c2fc4f9f770b2540b1bf5e66823ac","sha512":"31143265b96385ef4b575b72591775139057dff85891be61591e3d55259b6d1dc95d86a0feec40c801d38e64278cfbe50c3c2a16757f986ad40f716935bf2bb2","ssdeep":"","tlshash":"2580008a208820008aa323a0002b2c8800a000b028808c808080e8a20ca2030220baac","size":26,"data":"","first_seen":"2023-04-11T21:13:06Z","last_seen":"2026-05-16T22:12:32.736679Z","times_seen":311299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-2R8P1Y2J84","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fe02ba48ca2b6d8006ec7694e9e096a","sha1":"eae77379b23ca4e37427dd38dcc77d3307172362","sha256":"0686f1123dc7635cd5829de6af868dbb447723e11c0ed42c88c4eb00184faa07","sha512":"312957b6c495f5332799b83cbc8d1f2c02ff0a1ea758084fd8880c2be25ffcd9112ef07eabfb49392ca9634c975aeebb3ddd7cb3e5c72562c7fdce590eaaf782","ssdeep":"6144:/vyJBX1784e9Z8nP57wr/s0s/+Kxxc20hYlGAL6KlhDjkN:/KJBl9e9Z8nP58DG/mYlZM","tlshash":"3584088e73d6746683d6f078503f018ba57b29a2b44cc895f189cce42e74a9a4277f7c","size":402580,"data":"","first_seen":"2025-10-26T08:04:26.892185Z","last_seen":"2025-10-26T08:04:26.892185Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cagzvck.com/","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"f71115a54ce711017fa723e20aab95aa","sha1":"1585cbb68de408759d3ce2d500828464f1644187","sha256":"50b6054eb65c6418255a9b3855fa038aeb13bb42280b7b8dfb6c2b552ed3135d","sha512":"ced970f89576dca00f201fc414a19dcdc2e45acdda2ba7069430369b4aa14da0f742b70178ee90b1fab3549e5cb6acc462ea6117f287785c12d6bcdb5c554dcc","ssdeep":"768:ht/qiIGGo1I9VkeA9VciDlJXXZR+xWlUfomtpfaD/g4S4tDMSO:/qiIo5DhSfxtpfaD/g4ntq","tlshash":"e4e25b17cd0b2d588760c55662ed2cd90e9d27cdb8c244de8a1bfbcac6ab13a91d50fc","size":31970,"data":"","first_seen":"2025-10-26T08:04:26.903801Z","last_seen":"2025-10-26T08:04:26.903801Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cagzvck.com/js/isChina.js","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec686b95bd012348dff1e4a92b5deac8","sha1":"66f73e6f91d45b5b1d5691b9f7520fe443d19822","sha256":"178d09ecad8f0bd5b4c2f5b4d9348a65685a44d3543532ca506a24774bf4a8b1","sha512":"278b3a4315d5e69438ed3ec5f29685552b3e6c617bceb9a31bb79919227356ca460f1617c8dc76d2a009e6abd5b95a448bbbedb780ae58ce91fa4b54d520125a","ssdeep":"","tlshash":"cf51aa90c7761ca53891d84490ae9218315cd353dc88b45a7b2c3a4f1f3ee1fa7329be","size":3118,"data":"","first_seen":"2024-12-22T04:40:48.498942Z","last_seen":"2026-05-15T23:37:03.426128Z","times_seen":97,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cagzvck.com/","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"9f901e2ebe8a4fcf3a5bb940f4f16e02","sha1":"0f194dde98e9a75573316e3f71ca809e59b81b05","sha256":"e9e6aaa4ec58e2de584c31d1795a778a1508daccd381656b13ec285e21f7d807","sha512":"0ec50ea46fa47f967471a27bda6b2f7fc9b2941f453748a12686853dad7f23b2b2d8788d2a2fd4c8324d54581b0a738e84cfda3aa7550097902c95f9e9dc3f9d","ssdeep":"48:b/UBePAECfc0XHE0bvE7KPBtxOzgeR1Kg2AtFX8itcLbt1IAt41PC7dhKKgPmtc9:ujjU0048Kxs5Ked4bi/Kd3hZO","tlshash":"7fc12f46d9b3106292b770be175b9496e292611bf048dd1c3e0ccb810fd39b9e2ea7d8","size":5669,"data":"","first_seen":"2025-05-31T21:11:19.181993Z","last_seen":"2026-04-03T12:30:23.918635Z","times_seen":78,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cagzvck.com/","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"8b81443aabdd7e98127f1de703b4634f","sha1":"37c4d0c388ef0b2b5c48f3c93fb5478fb2db5d71","sha256":"23477a0770db675772788b0d8cba9b551e75969bff8e9b24752e71e9ca94d8f9","sha512":"d82f1656672ed199749ef87a233edccfb575d57acef3b6ac4d9237f0eca21194e18924e91f70ec8379e47877ef5e6c043efd5ec43e17bd6f121c40c0e161678b","ssdeep":"","tlshash":"3171d88de08908577f65223c1bae1244209c503bccbddc54baaf47945f930adb7d66ec","size":3739,"data":"","first_seen":"2025-10-26T08:04:26.906381Z","last_seen":"2025-10-26T08:04:26.906381Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cagzvck.com/","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"1c862db5f2555377c2dc1e62ed7b3981","sha1":"c29e6dc25c08a70995127ec13ded6f80d9a36174","sha256":"27d373a6961f797edf69a80f7f24877ef85c2fc4f9f770b2540b1bf5e66823ac","sha512":"31143265b96385ef4b575b72591775139057dff85891be61591e3d55259b6d1dc95d86a0feec40c801d38e64278cfbe50c3c2a16757f986ad40f716935bf2bb2","ssdeep":"","tlshash":"2580008a208820008aa323a0002b2c8800a000b028808c808080e8a20ca2030220baac","size":26,"data":"","first_seen":"2023-04-11T21:13:06Z","last_seen":"2026-05-16T22:12:32.736679Z","times_seen":311299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cagzvck.com/","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"615768da6625a8732708e5bf124d88d3","sha1":"bfe93771549ff0ca78f5c3b89179f1969b176a0d","sha256":"c1dba1a1ba64b9a327266066e7be18cc82b1e0d086425573d612118b7fa995d1","sha512":"47bd2e130df17f7b44aa5e23397bde4abc905e3f5722fa5019d04357ff82cec5522a67e28207b2d6d346cfec7eca73a458df8288a152f879d191f613fd2e5450","ssdeep":"","tlshash":"d9e02b8ce10b0cb141fb37b08b7fb708b4023214e4d4a970480923044d30e0bd748830","size":414,"data":"","first_seen":"2025-05-31T21:11:19.183192Z","last_seen":"2026-04-03T12:30:23.919574Z","times_seen":78,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"447173fe896c205b11c4de7863f220ff","sha1":"dd44fb1e2fcc905262ed99a27e4ccd54891a89ae","sha256":"c6906814486808362ad94f51b4bd5f2d3c54b865f23cdd6bef584009f1f8757e","sha512":"d904d7b30714a436cc3a943cbd17541e0f14cff15af90f103a85ab2668bdd5f9d4efa858c203b5356b70164bedd0d45e9dadae57f9ee2536f580d3a312602809","ssdeep":"","tlshash":"b2f0596704a12c1e9210c2332ce4f0004f9279bbd38ae840788d385f0fc5fc895d765b","size":548,"data":"","first_seen":"2025-05-31T21:11:19.188317Z","last_seen":"2026-04-03T12:30:23.928803Z","times_seen":78,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"www.cagzvck.com/favicon.ico","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cagzvck.com/","date":"2025-10-26T08:04:00.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cagzvck.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 09:24:00 GMT","end":"Thu, 22 Jan 2026 10:22:27 GMT"},"fingerprint":{"sha1":"DC:B5:3F:06:81:6D:FC:83:0E:6E:77:93:8E:EE:AD:0D:5C:57:32:E4","sha256":"F2:13:B6:FC:99:1C:B6:A9:20:6A:B1:4D:80:0D:18:8B:55:35:08:8C:7C:F8:DF:3D:B5:DD:36:E2:69:E5:30:43"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.cagzvck.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 26 Oct 2025 08:04:00 GMT\r\ncontent-type: image/x-icon\r\nserver: cloudflare\r\nlast-modified: Wed, 06 Dec 2023 12:49:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nage: 2741\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p1YGU%2FEuyFjGPGZ4MrYAtMxNn2ypjFfA25759%2ByoYiZldcuXtgqEQ%2FyYlrhLp5%2BTx7AcIK8nZ%2B%2Bw%2FaLtNw%2Ff21rJ6NlEn7QQtnWu1%2Fc%3D\"}]}\r\netag: W/\"65706dc0-6d9\"\r\ncontent-encoding: br\r\ncf-ray: 994870bdbb1c568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1753,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"afd5895f78ec26b8a309a6e571140864","sha1":"1b208f895a59d8dfa4279ef030c56094bb287857","sha256":"d6f9f03f25995aad8c17d5a01d11caf3c2933e48af79a57d5c6e18819f6154d9","sha512":"1a01c5c33cb0477b7ccce3647cfd6b89dc0f6652d03d57a92087d94c911a163149012c67e80277046739da58b1a424e70a3d70a62809f543e2fd9c01e3f6509f","ssdeep":"","tlshash":"37312bec4331476f096c059a668e8021abd24fc32273d70e2db7844264a4b1acaf7f1e","first_seen":"2024-08-19T13:16:33.988806Z","last_seen":"2026-04-23T17:16:31.289298Z","times_seen":88,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"www.cagzvck.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cagzvck.com/js/isChina.js","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.cagzvck.com/","date":"2025-10-26T08:03:59.998Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cagzvck.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 09:24:00 GMT","end":"Thu, 22 Jan 2026 10:22:27 GMT"},"fingerprint":{"sha1":"DC:B5:3F:06:81:6D:FC:83:0E:6E:77:93:8E:EE:AD:0D:5C:57:32:E4","sha256":"F2:13:B6:FC:99:1C:B6:A9:20:6A:B1:4D:80:0D:18:8B:55:35:08:8C:7C:F8:DF:3D:B5:DD:36:E2:69:E5:30:43"}}},"request":{"raw":"GET /js/isChina.js HTTP/1.1\r\nHost: www.cagzvck.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cagzvck.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 26 Oct 2025 08:03:59 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 29 Oct 2024 12:44:52 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nage: 2743\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NXpvl1GyVnTu%2FVcVVtznbfg4yeWiI%2BhtbxcMnDUKFBSN%2FM11IzhKTLG%2BYaKUdHeOUu2dnbhngxCS9dCp8xskxwXordNjc1ftQGyaYFw%3D\"}]}\r\netag: W/\"6720d8c4-c2e\"\r\ncontent-encoding: br\r\ncf-ray: 994870bbe986568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3118,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"ec686b95bd012348dff1e4a92b5deac8","sha1":"66f73e6f91d45b5b1d5691b9f7520fe443d19822","sha256":"178d09ecad8f0bd5b4c2f5b4d9348a65685a44d3543532ca506a24774bf4a8b1","sha512":"278b3a4315d5e69438ed3ec5f29685552b3e6c617bceb9a31bb79919227356ca460f1617c8dc76d2a009e6abd5b95a448bbbedb780ae58ce91fa4b54d520125a","ssdeep":"","tlshash":"cf51aa90c7761ca53891d84490ae9218315cd353dc88b45a7b2c3a4f1f3ee1fa7329be","first_seen":"2024-12-22T04:40:48.498942Z","last_seen":"2026-05-15T23:37:03.426128Z","times_seen":97,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"www.cagzvck.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cagzvck.com/images/book.png","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cagzvck.com/","date":"2025-10-26T08:04:00.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cagzvck.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 09:24:00 GMT","end":"Thu, 22 Jan 2026 10:22:27 GMT"},"fingerprint":{"sha1":"DC:B5:3F:06:81:6D:FC:83:0E:6E:77:93:8E:EE:AD:0D:5C:57:32:E4","sha256":"F2:13:B6:FC:99:1C:B6:A9:20:6A:B1:4D:80:0D:18:8B:55:35:08:8C:7C:F8:DF:3D:B5:DD:36:E2:69:E5:30:43"}}},"request":{"raw":"GET /images/book.png HTTP/1.1\r\nHost: www.cagzvck.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 26 Oct 2025 08:04:00 GMT\r\ncontent-type: image/png\r\ncontent-length: 591\r\nserver: cloudflare\r\nlast-modified: Wed, 07 Aug 2024 14:34:42 GMT\r\netag: \"66b38602-24f\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccept-ranges: bytes\r\nage: 2742\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FNmKlN7BfMy%2B35dA0SnHwlVhX3Uuz8i7oA%2FZfHjgk5%2FA1bkONCdWXj29Bbn62liN3dfMTP30K9rCaTdKUsT0qMYf355QdPuTgPqMC8Y%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 994870bbf994568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":591,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 67 x 66, 8-bit colormap, non-interlaced","md5":"abe67735591e57fc8ad6a2e4550b736f","sha1":"02b9a9786c4a1c071d287a85cca75c72d3c88a46","sha256":"a052199060d2cc2dcb7b7b09d60c8647c1c50ad680485458e0ef38487d748269","sha512":"5b2f8bcb72ca6a14d1821b528b7f77b4ade4284b28cb7c0f8e872cfce873d77f39a569ce95247b7ea7cc14b75529e5857734d7213e7cf5c9badbaf0e41ea3491","ssdeep":"","tlshash":"0df0acf5a7741be9286505b58573d2d76c2137dd21160049ad804c0b289c10e5bca7a6","first_seen":"2024-08-15T02:48:51Z","last_seen":"2026-05-15T23:37:03.42705Z","times_seen":225,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"www.cagzvck.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cagzvck.com/images/x.png","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cagzvck.com/","date":"2025-10-26T08:04:00.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cagzvck.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 09:24:00 GMT","end":"Thu, 22 Jan 2026 10:22:27 GMT"},"fingerprint":{"sha1":"DC:B5:3F:06:81:6D:FC:83:0E:6E:77:93:8E:EE:AD:0D:5C:57:32:E4","sha256":"F2:13:B6:FC:99:1C:B6:A9:20:6A:B1:4D:80:0D:18:8B:55:35:08:8C:7C:F8:DF:3D:B5:DD:36:E2:69:E5:30:43"}}},"request":{"raw":"GET /images/x.png HTTP/1.1\r\nHost: www.cagzvck.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 26 Oct 2025 08:04:00 GMT\r\ncontent-type: image/png\r\ncontent-length: 873\r\nserver: cloudflare\r\nlast-modified: Tue, 06 Aug 2024 09:58:05 GMT\r\netag: \"66b1f3ad-369\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccept-ranges: bytes\r\nage: 2743\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pyfalonLKZoV7R2f1AyutfiOZh6r7HbrjA%2FRsMZ6cd8bjc9Qavpe6KwdoJFZPSTQMKHHK2KvvTclWPEUnvxHCom20%2FQMj5Ikm1J5WZ4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 994870bbf997568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":873,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 68 x 68, 8-bit colormap, non-interlaced","md5":"61610b159c08a4d237b81f16ad87bcba","sha1":"e59bb699c633f0217287c94939fcba72846f7dbf","sha256":"fe906e5d652b3eae678e93b52c4499db2db1b045cc014aab96d73a5b98553c5c","sha512":"07b9dece21e623b2b29e0602c02f50af1060aa1948408a4c7b44552e78b97774009954b7261aeaf83f57fe3abfa15c5e35e7825aa531f43bec3ce665227044a8","ssdeep":"","tlshash":"f011b3812740ce90cc8210a32d3ba1e7e81972ca64748a2d4e0290b889182f103e1f22","first_seen":"2024-08-15T02:48:51Z","last_seen":"2026-05-15T23:37:03.415964Z","times_seen":220,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"www.cagzvck.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cagzvck.com/images/qq.png","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cagzvck.com/","date":"2025-10-26T08:04:00.011Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cagzvck.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 09:24:00 GMT","end":"Thu, 22 Jan 2026 10:22:27 GMT"},"fingerprint":{"sha1":"DC:B5:3F:06:81:6D:FC:83:0E:6E:77:93:8E:EE:AD:0D:5C:57:32:E4","sha256":"F2:13:B6:FC:99:1C:B6:A9:20:6A:B1:4D:80:0D:18:8B:55:35:08:8C:7C:F8:DF:3D:B5:DD:36:E2:69:E5:30:43"}}},"request":{"raw":"GET /images/qq.png HTTP/1.1\r\nHost: www.cagzvck.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 26 Oct 2025 08:04:00 GMT\r\ncontent-type: image/png\r\ncontent-length: 711\r\nserver: cloudflare\r\nlast-modified: Tue, 06 Aug 2024 09:58:05 GMT\r\netag: \"66b1f3ad-2c7\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccept-ranges: bytes\r\nage: 2742\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jlOgboxdpx0sJMZyk%2FdFds%2FpnwS8ZkHkVUvfmIHyHF%2FSuUOhJu5LPKARpg3Ox3h6PpjlXsW4Clmqk5yYYA8FpOUAAiC%2Bo91BMyUWzOY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 994870bc099b568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":711,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 68 x 68, 8-bit colormap, non-interlaced","md5":"178b7b2ddb8f5fd269b9aaffc72a457e","sha1":"494c0ef7ab2125b361fa8f03cef05afb7d8c8fdb","sha256":"811410e38327180d256de48a835c3b380dbacc2fe4598d3258c3b84e64a6a52f","sha512":"35d5fa8b8724b5dd0d4f96641b7585cbea37732e35b527f39072c70ca8c76cfb3f36fa1690eca5c95c731b3951cc0bad95f70301ae45d780cb57c4ec6e2054cd","ssdeep":"","tlshash":"760194832f6cdcbcc43ac717a3af62b3ccac08d628014d0e74900d2d90242c5432d6e7","first_seen":"2024-08-15T02:48:51Z","last_seen":"2026-05-15T23:37:03.420904Z","times_seen":214,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"www.cagzvck.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cagzvck.com/images/telegram.png","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cagzvck.com/","date":"2025-10-26T08:04:00.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cagzvck.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 09:24:00 GMT","end":"Thu, 22 Jan 2026 10:22:27 GMT"},"fingerprint":{"sha1":"DC:B5:3F:06:81:6D:FC:83:0E:6E:77:93:8E:EE:AD:0D:5C:57:32:E4","sha256":"F2:13:B6:FC:99:1C:B6:A9:20:6A:B1:4D:80:0D:18:8B:55:35:08:8C:7C:F8:DF:3D:B5:DD:36:E2:69:E5:30:43"}}},"request":{"raw":"GET /images/telegram.png HTTP/1.1\r\nHost: www.cagzvck.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 26 Oct 2025 08:04:00 GMT\r\ncontent-type: image/png\r\ncontent-length: 761\r\nserver: cloudflare\r\nlast-modified: Tue, 06 Aug 2024 09:58:05 GMT\r\netag: \"66b1f3ad-2f9\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccept-ranges: bytes\r\nage: 2742\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TDcSG81S9IaUDNaI%2BJC43X1c%2BpcL%2Bth4Erb%2BpxUIRNXGd1n6KEBEg6%2FMhYeF9uAV%2B3dvcNUWWo01lj7zf%2BgHan1eE8%2FEfOoKZ1LdVBg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 994870bc099e568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":761,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 68 x 68, 8-bit colormap, non-interlaced","md5":"a650cdbde047ad02c29831c68559c0dc","sha1":"9b6bd7e30be31f378992589ffdbbe4b52096dcff","sha256":"f97131686ef4d7d1e0089b16dfb615dc5c9d5cc65176636fed6985929721881a","sha512":"8fe9a6d7b3a89612329d8f5671cb27751876e20a3dfbfa80d5d36e265d6a3bff80998dd8d44562b62575c7f38c2fdc1f08d2073324c5ba359d46b3f47b28e4c2","ssdeep":"","tlshash":"3c01b0c3af4e3ac8ce62a078023c4bc3cf78be282028c418a840890c49694bb4353cf2","first_seen":"2024-08-15T02:48:51Z","last_seen":"2026-05-15T23:37:03.428126Z","times_seen":1554,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"www.cagzvck.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cagzvck.com/images/bg.png","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cagzvck.com/","date":"2025-10-26T08:04:00.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cagzvck.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 09:24:00 GMT","end":"Thu, 22 Jan 2026 10:22:27 GMT"},"fingerprint":{"sha1":"DC:B5:3F:06:81:6D:FC:83:0E:6E:77:93:8E:EE:AD:0D:5C:57:32:E4","sha256":"F2:13:B6:FC:99:1C:B6:A9:20:6A:B1:4D:80:0D:18:8B:55:35:08:8C:7C:F8:DF:3D:B5:DD:36:E2:69:E5:30:43"}}},"request":{"raw":"GET /images/bg.png HTTP/1.1\r\nHost: www.cagzvck.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 26 Oct 2025 08:04:00 GMT\r\ncontent-type: image/png\r\ncontent-length: 18163\r\nserver: cloudflare\r\nlast-modified: Tue, 06 Aug 2024 09:58:05 GMT\r\netag: \"66b1f3ad-46f3\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccept-ranges: bytes\r\nage: 2742\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rIavqFz%2BpyWGEmEkt%2B%2F4MqC76mV2mpbbcHfMuAad9Gmg9H13BfK%2BU%2FGSG3sJ5yp7WEU%2F8OCtUkl%2Bg2dJaO1F8wJ1uAPLK8xCfKLW%2Bqc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 994870bc49ec568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18163,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 660 x 100, 8-bit colormap, non-interlaced","md5":"9e68670d51f6ab745992b0886db726b2","sha1":"692e81545646b72ea7257b3b6a985e2b6b55c1e5","sha256":"1baaeb1cd78f22ed3d46dcdfef40bc22dbf34889eb065804bab3c249b752b16b","sha512":"934e535a0cab9a8e2000728489c2556ed1d87f25dbcd05429886eb98ebad292fb836825463f80dc73c5f58bbd606f082ece7f650ace60c187740df9a47e3449f","ssdeep":"384:Ht/Bq3oDXcgX1jqhGaIqyUfPwnIH9X9VLdbDzi+iLQgWcJlD:HtJko5chFIqyUAnIdX9XvWQY","tlshash":"f382e1539e61d8fd835c84d2620de30e11ad7a034b709ea39856dbff49e06b728346a7","first_seen":"2024-08-19T13:16:33.987485Z","last_seen":"2026-05-15T23:37:03.422529Z","times_seen":112,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"www.cagzvck.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cagzvck.com/logx.php?t=json\u0026u=W3sidCI6Ingtc3VjY2VzcyIsInUiOiJodHRwczovL2F3YXJlLnpqbGF5Y2NhLmNjIn0seyJ0IjoieC1zdWNjZXNzIiwidSI6Imh0dHBzOi8vYWlkcy56amxheWNjYS5jYyJ9LHsidCI6Ingtc3VjY2VzcyIsInUiOiJodHRwczovL2JhbmQuempsYXljY2EuY2MifV0%3D","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cagzvck.com/","date":"2025-10-26T08:04:00.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cagzvck.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 09:24:00 GMT","end":"Thu, 22 Jan 2026 10:22:27 GMT"},"fingerprint":{"sha1":"DC:B5:3F:06:81:6D:FC:83:0E:6E:77:93:8E:EE:AD:0D:5C:57:32:E4","sha256":"F2:13:B6:FC:99:1C:B6:A9:20:6A:B1:4D:80:0D:18:8B:55:35:08:8C:7C:F8:DF:3D:B5:DD:36:E2:69:E5:30:43"}}},"request":{"raw":"GET /logx.php?t=json\u0026u=W3sidCI6Ingtc3VjY2VzcyIsInUiOiJodHRwczovL2F3YXJlLnpqbGF5Y2NhLmNjIn0seyJ0IjoieC1zdWNjZXNzIiwidSI6Imh0dHBzOi8vYWlkcy56amxheWNjYS5jYyJ9LHsidCI6Ingtc3VjY2VzcyIsInUiOiJodHRwczovL2JhbmQuempsYXljY2EuY2MifV0%3D HTTP/1.1\r\nHost: www.cagzvck.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_2R8P1Y2J84=GS2.1.s1761465840$o1$g0$t1761465840$j60$l0$h0; _ga=GA1.1.925122773.1761465840\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 26 Oct 2025 08:04:00 GMT\r\ncontent-type: image/gif\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AfETRKHnjQJYCajA2nHhi0LUy2uYTgbmC74k0Nw4%2FMtTuFbRpPe6oZv0O4gaU5qgSgKouVGBPP52fya2RUYKndHYHWnnoeCok%2FEqvqs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 994870be1b65568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-05-16T22:10:44.120301Z","times_seen":354728,"resource_available":true,"data":null}},"time_used":206,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"www.cagzvck.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cagzvck.com/images/logo.png?v=2","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cagzvck.com/","date":"2025-10-26T08:04:00.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cagzvck.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 09:24:00 GMT","end":"Thu, 22 Jan 2026 10:22:27 GMT"},"fingerprint":{"sha1":"DC:B5:3F:06:81:6D:FC:83:0E:6E:77:93:8E:EE:AD:0D:5C:57:32:E4","sha256":"F2:13:B6:FC:99:1C:B6:A9:20:6A:B1:4D:80:0D:18:8B:55:35:08:8C:7C:F8:DF:3D:B5:DD:36:E2:69:E5:30:43"}}},"request":{"raw":"GET /images/logo.png?v=2 HTTP/1.1\r\nHost: www.cagzvck.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 26 Oct 2025 08:04:00 GMT\r\ncontent-type: image/png\r\ncontent-length: 21291\r\nserver: cloudflare\r\nlast-modified: Wed, 07 Aug 2024 11:40:02 GMT\r\netag: \"66b35d12-532b\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccept-ranges: bytes\r\nage: 2743\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gg6%2BpAigLDZDQa15ICOrD1pRbvFFI9On2AVW4WoCfmppDweUWLqUn0RhR0jkBnf3fbP%2Bo6MnIy8sWhvg9dLfK4mSQQ51uAcw7hkv7Yg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 994870bbf991568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21291,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 450 x 230, 8-bit/color RGBA, non-interlaced","md5":"4d2e867770b2990d62915fbf95d65709","sha1":"4ee28dfea8f022b2407cb33cd8f80e04928bb79e","sha256":"d3d0e6f5633c5641d1e015d888b00ba61f66bfe3347869a9ed2ae51178be5f6f","sha512":"a92769791c3a844c5464d6cd8123f9287d30ab1f2ef701dfbc71a1e31a51a58d13b1309a1b62c50b9cfef5b95166cc7759ca821c24a61f42786195fa02ffbd3a","ssdeep":"384:AmmLessm/vP1Q18wRRPG03XZegJViSgrH3mhg3/92VB58UOtAYwe8iLA:Ama9/1Q18urAgOSM3mhgmwUejwe8F","tlshash":"e3a2e229eaf05d9fe7afaaf404c8bc53f72105809ee1bb0f079a84213d536b7b255520","first_seen":"2024-08-19T13:16:33.986303Z","last_seen":"2026-04-03T12:30:23.9125Z","times_seen":84,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"www.cagzvck.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cagzvck.com/images/github.png","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.cagzvck.com/","date":"2025-10-26T08:04:00.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cagzvck.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 09:24:00 GMT","end":"Thu, 22 Jan 2026 10:22:27 GMT"},"fingerprint":{"sha1":"DC:B5:3F:06:81:6D:FC:83:0E:6E:77:93:8E:EE:AD:0D:5C:57:32:E4","sha256":"F2:13:B6:FC:99:1C:B6:A9:20:6A:B1:4D:80:0D:18:8B:55:35:08:8C:7C:F8:DF:3D:B5:DD:36:E2:69:E5:30:43"}}},"request":{"raw":"GET /images/github.png HTTP/1.1\r\nHost: www.cagzvck.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 26 Oct 2025 08:04:00 GMT\r\ncontent-type: image/png\r\ncontent-length: 755\r\nserver: cloudflare\r\nlast-modified: Tue, 06 Aug 2024 09:58:05 GMT\r\netag: \"66b1f3ad-2f3\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccept-ranges: bytes\r\nage: 2742\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XFzltApTDth9EV6TpBtbOS4ciHNTw47eueAXHNxQePT35WrNYPhEEmLE92SfbUlg6%2FVhtEM0BAiXkaBsao7cQsSXwxwTqg2%2FgcQULu8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 994870bc099d568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":755,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 68 x 68, 8-bit colormap, non-interlaced","md5":"1a5d708db96b0c3e512038a4e53b3556","sha1":"97941c6df9b3ecf0c8d5caf774f7fa644d492af2","sha256":"13c46e2030633a5cbdc57a7b9c091fe46441eaeded277bda22eaa3cda0f36bfc","sha512":"761e3574607d5a82cbe1826d4c4816a531cc4d320c95da3ad76e26f5ce78d6605b23bacafc02d232bc098d9e9d3b1765ec0ecb8bcd22fa897f8384e42f007137","ssdeep":"","tlshash":"d50125802134f88c8a358666463e6183f83471727d6bb58ad6105823bb4c90ae3c2b42","first_seen":"2024-08-15T02:48:51Z","last_seen":"2026-05-15T23:37:03.421618Z","times_seen":188,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"www.cagzvck.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-2R8P1Y2J84","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.cagzvck.com/","date":"2025-10-26T08:04:00.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Oct 2025 14:32:04 GMT","end":"Wed, 24 Dec 2025 14:32:03 GMT"},"fingerprint":{"sha1":"D7:8C:7A:D0:97:B6:11:02:45:69:BD:62:90:53:49:F8:8D:01:20:26","sha256":"F3:B2:48:55:BA:37:4F:37:37:83:8F:61:8F:04:B7:1F:E7:6F:4D:1A:D6:71:F7:BA:2C:E5:C4:45:B8:D7:B7:7E"}}},"request":{"raw":"GET /gtag/js?id=G-2R8P1Y2J84 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.cagzvck.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 26 Oct 2025 08:04:00 GMT\r\nexpires: Sun, 26 Oct 2025 08:04:00 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 136717\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":402580,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5911)","md5":"8fe02ba48ca2b6d8006ec7694e9e096a","sha1":"eae77379b23ca4e37427dd38dcc77d3307172362","sha256":"0686f1123dc7635cd5829de6af868dbb447723e11c0ed42c88c4eb00184faa07","sha512":"312957b6c495f5332799b83cbc8d1f2c02ff0a1ea758084fd8880c2be25ffcd9112ef07eabfb49392ca9634c975aeebb3ddd7cb3e5c72562c7fdce590eaaf782","ssdeep":"6144:/vyJBX1784e9Z8nP57wr/s0s/+Kxxc20hYlGAL6KlhDjkN:/KJBl9e9Z8nP58DG/mYlZM","tlshash":"3584088e73d6746683d6f078503f018ba57b29a2b44cc895f189cce42e74a9a4277f7c","first_seen":"2025-10-26T08:04:26.892185Z","last_seen":"2025-10-26T08:04:26.892185Z","times_seen":1,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":54,"dns":1,"connect":7,"send":0,"wait":27,"receive":24,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i51.pro/","fqdn":"i51.pro","domain":"i51.pro","tld":"pro"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-26T08:03:58.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"i51.pro","organization":""},"issuer":{"commonName":"Cloudflare TLS Issuing ECC CA 1","organization":"CLOUDFLARE, INC."},"validity":{"start":"Mon, 08 Sep 2025 07:46:48 GMT","end":"Sun, 07 Dec 2025 07:54:38 GMT"},"fingerprint":{"sha1":"15:20:A0:B5:E9:B2:4B:8B:D9:C5:AE:58:B8:62:7B:C4:A7:02:2F:67","sha256":"35:69:37:42:30:50:BF:88:44:8B:78:36:F9:B8:93:6F:DE:EF:D7:B3:C3:F4:40:56:B5:99:42:00:75:F9:22:5F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: i51.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 26 Oct 2025 08:03:59 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nx-powered-by: PHP/7.3.33\r\np3p: CP=\"CAO PSA OUR\"\r\naccess-control-allow-origin: *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bCRgLGiQM8S%2FU%2BDYu4OaDvX6HX68yyoQMaNSZjP6EgnaQglFOiYt4msnwNiwVcj%2FQSApNVB92%2FkNLc4wW2frN1Lyk2FAkvI%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 994870b3e9bc0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:7.3.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":307,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (301), with no line terminators","md5":"ae1d9fc3a536d6fd24fda669b97e60b6","sha1":"6280d5de385daf10e4c8beccdacb78522124267b","sha256":"ace6a0d8a6cd0e9fd6c07e5abdcbaaba101319bb184149c29831f843466b4d9c","sha512":"b38f82e03cfeba1f6667b8bc8548e1d8baf2a7d42b41f31ef9718e3884891774f0d19f2a6cf8d4493443c4d776ad0181f4155e2ef62b7a592a7c4ccf835e1d2e","ssdeep":"","tlshash":"09e07d963884c04e156699972cf6a3ec455b50a60e41c91504db20f9001c7c69c37bca","first_seen":"2025-10-26T08:04:26.894975Z","last_seen":"2025-10-26T08:04:26.894975Z","times_seen":1,"resource_available":false,"data":null}},"time_used":504,"timings":{"blocked":46,"dns":25,"connect":1,"send":0,"wait":411,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cagzvck.com/","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-26T08:03:59.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cagzvck.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 09:24:00 GMT","end":"Thu, 22 Jan 2026 10:22:27 GMT"},"fingerprint":{"sha1":"DC:B5:3F:06:81:6D:FC:83:0E:6E:77:93:8E:EE:AD:0D:5C:57:32:E4","sha256":"F2:13:B6:FC:99:1C:B6:A9:20:6A:B1:4D:80:0D:18:8B:55:35:08:8C:7C:F8:DF:3D:B5:DD:36:E2:69:E5:30:43"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.cagzvck.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://i51.pro/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 26 Oct 2025 08:03:59 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B0K2%2F8%2FeTam02uwNWZJTC2MzWix83uo3KxkFcj0dPJR9UUU1P2vX83bz5MCWoHzs70phXtItl1t%2FSsYMFA2lmMrFj3aPd0M5%2FS03EKg%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 994870b80ebd0b41-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33514,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (32016)","md5":"49278922fde1819a7b20dd79eca8dc1b","sha1":"e64152ea2283318626738e5dce241e6ccabe5216","sha256":"aed25959e335ea1e03642e788b196dbe94064b9d119b800ecafced878daae15e","sha512":"34030b950b9c00ebe1389a7f04e9b68f01173f8b45e55c18556921840d76e5ec6fde06d89bfbb49c1ffedae921242b34d1f5ec94426ebf022f7eac5bd2accfaf","ssdeep":"768:e5Et/qiIGGo1I9VkeA9VciDlJXXZR+xWlUfomtpfaD/g4S4tDMSO:e5+qiIo5DhSfxtpfaD/g4ntC","tlshash":"dbe24a2bcd0b2d4887a0844366ed1cd90e9d17cd78d244de8a1bfbcac6ab53a94d45fc","first_seen":"2025-10-26T08:04:26.89719Z","last_seen":"2025-10-26T08:04:26.89719Z","times_seen":1,"resource_available":false,"data":null}},"time_used":571,"timings":{"blocked":83,"dns":65,"connect":1,"send":0,"wait":402,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"www.cagzvck.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cagzvck.com/js/Vx.js?t=v8","fqdn":"www.cagzvck.com","domain":"cagzvck.com","tld":"com"},"ip":{"addr":"154.207.127.18","port":443,"asn":0,"as":"","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.cagzvck.com/","date":"2025-10-26T08:03:59.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cagzvck.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 24 Oct 2025 09:24:00 GMT","end":"Thu, 22 Jan 2026 10:22:27 GMT"},"fingerprint":{"sha1":"DC:B5:3F:06:81:6D:FC:83:0E:6E:77:93:8E:EE:AD:0D:5C:57:32:E4","sha256":"F2:13:B6:FC:99:1C:B6:A9:20:6A:B1:4D:80:0D:18:8B:55:35:08:8C:7C:F8:DF:3D:B5:DD:36:E2:69:E5:30:43"}}},"request":{"raw":"GET /js/Vx.js?t=v8 HTTP/1.1\r\nHost: www.cagzvck.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 26 Oct 2025 08:03:59 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 01 Aug 2023 15:48:03 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nage: 2743\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3Be48QvyNo1RuHjUPOHZvHSkeb4hNYJjQXwOBa5yJ9wm%2B7g38iHUjPynsUdvqirnHuCf2DIscDKWIDGAxSMu6h%2FU8wJ1nM1ovy7wFW8%3D\"}]}\r\netag: W/\"64c92933-126f\"\r\ncontent-encoding: br\r\ncf-ray: 994870bbe983568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4719,"size_decoded":0,"mime_type":"application/javascript","magic":"Apache Avro version 101","md5":"a3f6f4265759caee73de9d895280013f","sha1":"5aacea03d6a379e1624e2f73fd2ef978b619da92","sha256":"99327a2006fb63b91e8ada062cc929cc9c8c231cd0fb9df22bbff8989f517323","sha512":"9153176ec76997eb058a880f7bffaffb968d3f67681805e966d0196626c1e3117d89f2496adb2f91e74628784acaa04e29bbad926d63dc97eeaddc492ad0a919","ssdeep":"96:90DzSBzRoF6Z0+QKxUGxpx2CZvp7vvpwjOIYbmN0usDY1gEzb:9czuzRS627mPPNvvcOfPY1gEzb","tlshash":"dfa1da9d6eeb2054a297307c4eaf1044b574942b1c5adc44be4ca6d4df34a3842e9fed","first_seen":"2023-08-24T21:43:45Z","last_seen":"2026-05-16T20:23:09.415956Z","times_seen":253,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-26","alert":"Sinkholed","trigger":"www.cagzvck.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}