{"report_id":"579fabd7-ba16-4b7a-89ae-baa5c2d1d164","version":6,"status":"done","tags":[],"date":"2025-12-19T11:42:53Z","url":{"schema":"http","addr":"cav10.com","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"46.202.208.18","port":0,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"final":{"url":{"schema":"https","addr":"cav10.com/mob.html","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"title":"访问提示","dom":{"size":2323,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"85fae951f0d1b03cae2bfc21011d6de7","sha1":"261cd3e563162f204e249389be2150eaba31c25a","sha256":"e65781519950adb277029c3b3ad274c94c6cf2ac1580d00da89d9c31df9ef1f8","sha512":"4696aabec4e6517586b0970f52ba2fc83fa302850ec9dbbe4511bc735e703da4924cd8693a33f65a870dbdc73c171396c0c49b5c993c76235fb18af91ab678c2","ssdeep":"","tlshash":"9441a7d35ba68426bd92d49079522f8631acd807e40ac7a476b5a569cec0eb7423338c","dom_hash":"domhash9f56b4cf3fd7b1f4dab033f1c1ced99b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"cav10.com","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"46.202.208.18","port":0,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-23T11:42:53Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-19","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"cav10.com","ip":{"addr":"45.147.200.225","port":443,"asn":51659,"as":"LLC Baxet","country":"Russia","country_code":"RU"},"domain_registered":"2025-12-11","domain_rank":0,"first_seen":"2025-12-18T05:22:23.700643Z","last_seen":"2025-12-18T05:22:23.700644Z","alert_count":5,"request_count":5,"received_data":192579,"sent_data":2652,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"api.qrserver.com","ip":{"addr":"159.69.246.187","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2009-05-16","domain_rank":342339,"first_seen":"2012-06-20T10:01:45Z","last_seen":"2025-12-18T23:58:19.150876Z","alert_count":0,"request_count":1,"received_data":836,"sent_data":483,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cav10.com/mob.html","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"45.147.200.225","port":443,"asn":51659,"as":"LLC Baxet","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"fb592fbec479fcf86b148138d910bb35","sha1":"45ce0041ee6d4eee4ad3631c79803cfbe0dc48dc","sha256":"544e26b4c403cd52e0df7ab03a923a311ccef4a1d94b936dd6b566488ff9abd1","sha512":"2695d92d187d48260309cc4567d303bc8891bb5c63a475327a52efdd0b2011d2103deb942f81be5efc25f0acb9698035821c0fdde85d4d37bbf42ce219606a0c","ssdeep":"","tlshash":"2df09eef1b121525af8fc68b173f3a15a59da10f5881df09742dd1021fe0f6c222b9d4","size":493,"data":"","first_seen":"2025-12-17T23:26:10.099061Z","last_seen":"2026-01-31T13:21:21.717068Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/template/cav10.com/asset/js/wntheme.js?v=1766144552","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"60bdf4117f35d4dd14feb178af7f4c71","sha1":"2003798e6f9a60edb5374c3b01cdbaff9c649cbb","sha256":"cad017f5b61569bdd35060b114147c285cf6d8d2d4237cd5a3ad15eb736ff2b8","sha512":"d565b2537616ff17cfd333d605802b6878a14da23cc01af885de63c6ded24e5b390a278893abb20e859264986c28a1ea6cd6b3b32d278e281ad703f4b40959cf","ssdeep":"","tlshash":"3841e153dabe4c42622f40865656f4e8732c947300739eadf28c70a95f8c86e035eb79","size":2236,"data":"","first_seen":"2025-12-16T20:01:54.266129Z","last_seen":"2026-01-31T13:21:21.702953Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/template/cav10.com/asset/js/jquery-3.3.1.min.js","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9a14b26aef8bba135e0749ec536f608","sha1":"096cbb5ce5fe7992c85f0bac682974196ad78d09","sha256":"cad9fc1485e97aca7816e5ef8406c7cb26648ee9fb2552e98c5dfc0e531474d4","sha512":"93abc3b0d3fd8546ba52c21dcaffdfaef6d29b8b931a8f6b1ed1d0739c86c6bbd4019c2b48dd77a36b7ec2061ccc21db9e0537a9234c4ad6205104ca61cb62d6","ssdeep":"","tlshash":"2611e59d3224f26d27ab10a4523b860ff2a1513c346d5453477dc8f4b8a58bf4227658","size":1000,"data":"","first_seen":"2023-04-29T08:43:09Z","last_seen":"2026-04-27T10:01:58.491148Z","times_seen":1753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/template/cav10.com/asset/js/home.js?v=1766144552","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"85f42ef4e95aae5215b22b5f93b2068b","sha1":"cc2754e3130e779adc24935278dbb8651a12214e","sha256":"cbcd37a5cbf49c3c1e5a63613a2770458797cb5f94c17e7d644fe84a414769c2","sha512":"5299634b71ba0cb1eee36114fda95c3a25fd3c27ad3700aa92e1c33550305973bfa96f37d03d42c2845eb72c09491306fd3e76fbb3b94148923fccba5edb304d","ssdeep":"","tlshash":"8811ab135a66d64857c26fae4bcb2c0b93f4d34f085410fbaf7231ed9624dc11476e18","size":1000,"data":"","first_seen":"2025-03-05T19:45:29.856239Z","last_seen":"2026-04-27T01:11:21.127404Z","times_seen":177,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cav10.com/","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"45.147.200.225","port":443,"asn":51659,"as":"LLC Baxet","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-19T11:42:31.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav10.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 12:21:48 GMT","end":"Wed, 11 Mar 2026 12:21:47 GMT"},"fingerprint":{"sha1":"53:9F:FE:74:33:24:4F:A8:E6:E0:5E:3D:F7:A2:F0:88:30:BA:B5:53","sha256":"72:7E:EA:E6:37:16:05:EA:8A:86:99:59:8B:5F:49:2C:D5:74:B1:DF:11:B5:A0:86:84:B0:AE:52:62:B9:80:5D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cav10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\ndate: Fri, 19 Dec 2025 11:42:33 GMT\r\nserver: nginx\r\nset-cookie: think_var=zh-cn; path=/\nthink_var=zh-cn; path=/\nserver_name_session=c29c1bf587a2eaf4defcda57986b9127; Max-Age=86400; httponly; path=/\r\nvary: Accept-Encoding\r\nx-cache: BYPASS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":181620,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (21047), with CRLF, LF line terminators","md5":"ee04af3ce1511f2b8505a8f64a8c0498","sha1":"41a494f086df42c7cd1e60a66e5bf787d4ad27d4","sha256":"9e5199eb4c270e03a90e9a18a214b94efc69df34cc0739bafbe2b86fc203fc73","sha512":"7bb875ed247c3528c9b5c8bb89e7245f23e49a011b3a1afe572b65a896090b9e808758a6adda3095f9c02562382c9b6a0e92acebec2c80893d71b5c57e721486","ssdeep":"1536:3yljZfrQy+OXX6VrVZ6AfvwuTR1zokfvSr+6SvM5D6lHjWar5D6lHjWaYh:3yljZfrQyDXRMU0ll0l6h","tlshash":"8704d45458d158b31b7bc1d27da4176cf7968087c681ae27b9bc378b7fa4e0280af25c","first_seen":"2025-12-19T11:42:55.832727Z","last_seen":"2025-12-19T11:42:55.832727Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2820,"timings":{"blocked":737,"dns":628,"connect":43,"send":0,"wait":1344,"receive":0,"ssl":64},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-19","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/template/cav10.com/asset/images/video.png","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"45.147.200.225","port":443,"asn":51659,"as":"LLC Baxet","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cav10.com/","date":"2025-12-19T11:42:34.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav10.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 12:21:48 GMT","end":"Wed, 11 Mar 2026 12:21:47 GMT"},"fingerprint":{"sha1":"53:9F:FE:74:33:24:4F:A8:E6:E0:5E:3D:F7:A2:F0:88:30:BA:B5:53","sha256":"72:7E:EA:E6:37:16:05:EA:8A:86:99:59:8B:5F:49:2C:D5:74:B1:DF:11:B5:A0:86:84:B0:AE:52:62:B9:80:5D"}}},"request":{"raw":"GET /template/cav10.com/asset/images/video.png HTTP/1.1\r\nHost: cav10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cav10.com/\r\nCookie: think_var=zh-cn; server_name_session=c29c1bf587a2eaf4defcda57986b9127\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\ncontent-type: image/png\r\ndate: Fri, 19 Dec 2025 08:14:46 GMT\r\netag: W/\"690382cc-7ad\"\r\nexpires: Sun, 18 Jan 2026 08:14:46 GMT\r\nlast-modified: Fri, 19 Dec 2025 08:14:46 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1712\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1965,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"7e3c0651d41293376aefd9c5fd3992ca","sha1":"034b668192c896f01291974839881f79cd68a8a0","sha256":"cfecf8ddacbf3e38bdd886434e4c2c6d471641ea7648be892e580ca11f4fb552","sha512":"39b8e96e488451c629cd2a8c29c1422f17c5b2bf0076d7b980d280f993bda4887b80cdf0ab2a277d5977278cb6f9f0fcae6c440ffaf3d33c9a7098d26738bf0d","ssdeep":"","tlshash":"7041ca05eea2ac89a291fa0268db14639b59498c9fc0d26fadc8cca31c319d95c5dcd7","first_seen":"2025-03-02T01:36:31.985825Z","last_seen":"2026-04-19T16:07:48.613264Z","times_seen":45,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-19","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.qrserver.com/v1/create-qr-code/?size=300x300\u0026data=https%3A%2F%2Fcav10.com%2F","fqdn":"api.qrserver.com","domain":"qrserver.com","tld":"com"},"ip":{"addr":"159.69.246.187","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cav10.com/mob.html","date":"2025-12-19T11:42:34.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qrserver.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 30 Nov 2025 22:44:12 GMT","end":"Sat, 28 Feb 2026 22:44:11 GMT"},"fingerprint":{"sha1":"FB:98:84:F2:6B:C0:3C:0D:9A:D7:8D:F1:D2:A1:53:57:78:23:7B:96","sha256":"2D:19:E3:19:2F:8A:F0:F8:B3:9E:9F:DB:F1:FF:A3:7D:12:3B:77:63:AB:D3:C4:48:C5:E4:9B:C4:AB:6E:70:94"}}},"request":{"raw":"GET /v1/create-qr-code/?size=300x300\u0026data=https%3A%2F%2Fcav10.com%2F HTTP/1.1\r\nHost: api.qrserver.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cav10.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 19 Dec 2025 11:42:34 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT\r\naccess-control-max-age: 7200\r\naccess-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type, Origin, Authorization, X-Requested-With, Client-Security-Token\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":446,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 1-bit colormap, non-interlaced","md5":"28e7ddc2d3cd129cc1f8fcc7f50c1287","sha1":"48c82456e0fd8316ed7a9d3135f2518b2b6b774b","sha256":"a8930ab174d25927eb092cef404baa066cb14c32029ca2d9cbddb52e1e274d50","sha512":"448dad6db9d06a8e28f55b4beb5985e6c1fa0df984255ac1df2464e7968b7cf1728785a1556c3bf00d013ed579f8c4ca8a238e23e76dd2403f3f7723e063f3a9","ssdeep":"","tlshash":"4bf023c3f36350beb54480b5dd27446b829148a4a5f4411685ea4c3ec521a4f8dcc901","first_seen":"2025-12-19T11:42:55.834624Z","last_seen":"2025-12-30T03:07:19.989917Z","times_seen":10,"resource_available":false,"data":null}},"time_used":339,"timings":{"blocked":156,"dns":62,"connect":28,"send":0,"wait":27,"receive":0,"ssl":64},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/favicon.ico","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"45.147.200.225","port":443,"asn":51659,"as":"LLC Baxet","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cav10.com/mob.html","date":"2025-12-19T11:42:34.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav10.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 12:21:48 GMT","end":"Wed, 11 Mar 2026 12:21:47 GMT"},"fingerprint":{"sha1":"53:9F:FE:74:33:24:4F:A8:E6:E0:5E:3D:F7:A2:F0:88:30:BA:B5:53","sha256":"72:7E:EA:E6:37:16:05:EA:8A:86:99:59:8B:5F:49:2C:D5:74:B1:DF:11:B5:A0:86:84:B0:AE:52:62:B9:80:5D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: cav10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cav10.com/mob.html\r\nCookie: think_var=zh-cn; server_name_session=c29c1bf587a2eaf4defcda57986b9127\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: image/x-icon\r\ndate: Fri, 19 Dec 2025 08:10:24 GMT\r\netag: \"6933481e-fc4\"\r\nlast-modified: Fri, 19 Dec 2025 08:10:24 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 4036\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4036,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8e59ad0a9aefea690d92ffc6266516c6","sha1":"f82e7a5e38ad362b54a94522fd99963bc1515d27","sha256":"fa3958fb852fab1c92b41cbb3a1ad0c4487ee1cd1ef4712e6817fab8b8fde0eb","sha512":"3b4c28339115ca408dd153651ca8a2447b50788ff8499e51986f4062a8124e3145ef0d0ee9dbc36515be338d7cd0a21e1d6eb9725e9905454911af9c6d8827e0","ssdeep":"","tlshash":"a8817e69280b2a67e7f9a51b07360117ddf1a0ad62d7a88dc909c037bdee2b73086414","first_seen":"2025-12-05T22:31:48.407286Z","last_seen":"2026-02-14T16:06:52.824936Z","times_seen":254,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-19","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/template/wntheme41/asset/images/play.png","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"45.147.200.225","port":443,"asn":51659,"as":"LLC Baxet","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cav10.com/","date":"2025-12-19T11:42:34.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav10.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 12:21:48 GMT","end":"Wed, 11 Mar 2026 12:21:47 GMT"},"fingerprint":{"sha1":"53:9F:FE:74:33:24:4F:A8:E6:E0:5E:3D:F7:A2:F0:88:30:BA:B5:53","sha256":"72:7E:EA:E6:37:16:05:EA:8A:86:99:59:8B:5F:49:2C:D5:74:B1:DF:11:B5:A0:86:84:B0:AE:52:62:B9:80:5D"}}},"request":{"raw":"GET /template/wntheme41/asset/images/play.png HTTP/1.1\r\nHost: cav10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cav10.com/\r\nCookie: think_var=zh-cn; server_name_session=c29c1bf587a2eaf4defcda57986b9127\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\ncontent-type: image/png\r\ndate: Fri, 19 Dec 2025 08:14:46 GMT\r\netag: W/\"690382cc-476\"\r\nexpires: Sun, 18 Jan 2026 08:14:46 GMT\r\nlast-modified: Fri, 19 Dec 2025 08:14:46 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1103\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1142,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"80fec6f006f07202c2aeb5534d67e8b4","sha1":"307583d5c0582015f9a3235d7cd55dd2835b877d","sha256":"a8241f53955bdb514662cd4d3e8079b71bc00684932efd5442edd8252460e407","sha512":"349843f1c0261d61c3ac552cfed58e4520371751baa5913eb10f7ac988d829c1a4aab3dc73defa80ed3fe3b95b55d2493acc433dde6ef78c17fdb4df5ce3c67a","ssdeep":"","tlshash":"6d21c661f729b290d79c173591f4b680e87ba7ad3ca30020dc55f52d782a68d3c9c2cc","first_seen":"2024-08-20T12:35:14.602369Z","last_seen":"2026-03-27T05:50:39.452996Z","times_seen":40,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-19","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/mob.html","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"45.147.200.225","port":443,"asn":51659,"as":"LLC Baxet","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-19T11:42:34.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav10.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 12:21:48 GMT","end":"Wed, 11 Mar 2026 12:21:47 GMT"},"fingerprint":{"sha1":"53:9F:FE:74:33:24:4F:A8:E6:E0:5E:3D:F7:A2:F0:88:30:BA:B5:53","sha256":"72:7E:EA:E6:37:16:05:EA:8A:86:99:59:8B:5F:49:2C:D5:74:B1:DF:11:B5:A0:86:84:B0:AE:52:62:B9:80:5D"}}},"request":{"raw":"GET /mob.html HTTP/1.1\r\nHost: cav10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cav10.com/\r\nCookie: think_var=zh-cn; server_name_session=c29c1bf587a2eaf4defcda57986b9127\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/html\r\ndate: Fri, 19 Dec 2025 08:26:07 GMT\r\netag: W/\"6942bf65-8b8\"\r\nlast-modified: Fri, 19 Dec 2025 08:26:07 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1346\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2232,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"e6bda14384482790d0afa917fc71b5ea","sha1":"fbcf910270a85d233ad1358fc61f79383d3e0634","sha256":"1b3de5a79b15389d97aa3c3edc1779193cf5b97ed25ed9d9c9a83facc773daa7","sha512":"b641f8c7a42ca0d1c41974da9ec6685887ee46b4dc2c0658d5ee0c99806bc0f1598b79d7e712303ca8ed9c46c974bd1300cdd5fd54f3916ee2710f5c229c2419","ssdeep":"","tlshash":"c84196d347a685267d92d8503a522fd6319cd807e00bc76466f5a478cec0ea642333cc","first_seen":"2025-12-17T23:26:10.09739Z","last_seen":"2025-12-21T01:19:01.556638Z","times_seen":8,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-19","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}