{"report_id":"9a1b3089-c322-4d02-a5ef-bc2b73c4f94f","version":6,"status":"done","tags":[],"date":"2025-12-29T05:29:25Z","url":{"schema":"http","addr":"Cav10.com","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"23.27.168.117","port":0,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"cav10.com/mob.html","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"title":"访问提示","dom":{"size":2324,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"2377e98351983f39740376553a583c6e","sha1":"2e9014152e0e937ecfbd471c443887dbc7e06354","sha256":"e2ef10f6b8eec6060d58a1ad1d12e4a01625317a16b4e9c0669c478fd1b6a32d","sha512":"f19492b43a2540161b244fbe00bdb848d868cb7f10868daeb5228d280fc8a2a60d1fe86683cf8ab2b67e518418b84900e332c7e6b3db9f2863213a88582e562a","ssdeep":"","tlshash":"2e4198d31ba69427bd92d45079522fd631acd807e40ac7a476f5a569cec0eb742333cc","dom_hash":"domhash9f56b4cf3fd7b1f4dab033f1c1ced99b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"Cav10.com","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"23.27.168.117","port":0,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-02T05:29:25Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-29","alert":"Content Category / Application Block","trigger":"cav10.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"cav10.com","ip":{"addr":"23.27.168.117","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"domain_registered":"2025-12-11","domain_rank":0,"first_seen":"2025-12-18T05:22:23.700643Z","last_seen":"2025-12-25T16:43:12.833779Z","alert_count":24,"request_count":6,"received_data":198731,"sent_data":3190,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"api.qrserver.com","ip":{"addr":"88.99.85.235","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2009-05-16","domain_rank":342339,"first_seen":"2012-06-20T10:01:45Z","last_seen":"2025-12-26T05:26:46.676487Z","alert_count":0,"request_count":1,"received_data":836,"sent_data":483,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cav10.com/","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"23.27.168.117","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"584ae2fedc46b10d8b3b101a36fc7809","sha1":"a9decf3d19db783c1b8786175792f02a862e1bd3","sha256":"6445451aa000ca5ac7d44b7967f247e9a6908a106bb2263af1c6d4233ddfa0f0","sha512":"53471fd769a33bf2d40ca58c827153e53a46e6b06894867df5c74dba1604d0e2c29b3e1fe225efe6d1b93ed1de739657348d6d5e7cb3c9586a56a1c101553828","ssdeep":"","tlshash":"feb012140f1f2042484331c146096c2002ff2552417f4f94c5049f04c14e1a003080d4","size":98,"data":"","first_seen":"2025-12-26T18:39:19.836446Z","last_seen":"2025-12-30T03:07:19.991869Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"23.27.168.117","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c1feb8c0c0c70a0f78752c3a78d07329","sha1":"cd1de3b73077804da951f7fa662c5e8b384f97e7","sha256":"910dbe1447e0cbb9eade9a25e45cd09d9f8ab9a47c4c7e7ca30dd4e90dfe5656","sha512":"d15300d6952b22e00b1b277bebde8ef4545181874a4ab68a77b8640b232b9efd501fc48a6abc420872e272270d8580b1ad13c1f69a151778f7e3ffbb67e0476f","ssdeep":"192:kTJPZ+oN/BDFT0f/6NLnE4MZs/aaH0pyxv7qzUeBFFGr7rQy+O/2Qv2mIYAoGg:k1PrFAsLXZcFwfrQy+O/AmILG","tlshash":"b39260cfea8e093560ff93cdcc591b7f82d2492262e3c07ad0f65b4937546a8d112a29","size":21090,"data":"","first_seen":"2025-12-29T05:29:27.784147Z","last_seen":"2025-12-29T05:29:27.784147Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"23.27.168.117","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ceb5f4f7add8c9d2e5df84d5c01893b2","sha1":"7cf2f0e3826e585a159d26ba828502fde7d4d621","sha256":"e180160993da14cf48e16ae9387167234854cb11e060a7a165090040b0ddb17c","sha512":"548a3a5c8c5c341f6e31a05434f493a48c25aaad8efd1bdd163d604d43335b22e6353fba3d88feedefef0316d1b29e1692c2c4537a06f2e669fe7000ee4c697a","ssdeep":"","tlshash":"138000e008bec030208ac000c80a0002288aaf02800220833c08032f8cc0ea0c8320ac","size":32,"data":"","first_seen":"2025-07-04T12:12:16.373177Z","last_seen":"2026-03-27T05:50:39.471525Z","times_seen":65,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"23.27.168.117","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"dbcd8f29592548b53ea78d42e1071361","sha1":"5e7f77f14f6119ddb7e55ffada43ce72f30ee44a","sha256":"e4d6fcc951d060b75c62051239799bcc59d1968272aeb3aeebc25d370ac8d3f8","sha512":"a003cd0acab5e5aef36b8d8a58099fb17dff354135d892f195b6682806e9e5cba024d5227896dbb73634573953d45636f26e6a6f13b8252f6a1c2d660b083ec3","ssdeep":"","tlshash":"5cf097bf5c41a6586aeb28ad97abd649c06f1068140fd803a5d5c4cd2c3cfc8042134c","size":493,"data":"","first_seen":"2025-12-26T18:39:19.839111Z","last_seen":"2026-01-17T12:55:12.55872Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"23.27.168.117","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"cafa5b002cbbbe70940abf956a8c884d","sha1":"aa465b0ed57e29bcd4b7be6370976d7754c7011c","sha256":"5b8d90cea924949f9a763d28d6f4fd357a7e22c3eb8e59adcbe89f52d5085b7c","sha512":"590c11b3c82358dfdedf89c057d3f5933c1118b746e24386c249aa0953bdeed1cbc1c1ebc085c3d47dc566e2217b1a8f72dd0fd506570a4cfbbd17b241a58a86","ssdeep":"","tlshash":"fce0721a30c2403a12b348ba33f7910a2662370fc48ecb127a9fc4a62f24ca50506a4c","size":309,"data":"","first_seen":"2025-12-26T18:39:19.840415Z","last_seen":"2026-01-31T13:21:21.738411Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/template/cav10.com/asset/js/wntheme.js?v=1766986139","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"60bdf4117f35d4dd14feb178af7f4c71","sha1":"2003798e6f9a60edb5374c3b01cdbaff9c649cbb","sha256":"cad017f5b61569bdd35060b114147c285cf6d8d2d4237cd5a3ad15eb736ff2b8","sha512":"d565b2537616ff17cfd333d605802b6878a14da23cc01af885de63c6ded24e5b390a278893abb20e859264986c28a1ea6cd6b3b32d278e281ad703f4b40959cf","ssdeep":"","tlshash":"3841e153dabe4c42622f40865656f4e8732c947300739eadf28c70a95f8c86e035eb79","size":2236,"data":"","first_seen":"2025-12-16T20:01:54.266129Z","last_seen":"2026-01-31T13:21:21.702953Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/template/cav10.com/asset/js/jquery-3.3.1.min.js","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-04T14:50:17.301576Z","times_seen":118203,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/template/cav10.com/asset/js/home.js?v=1766986139","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"44dfc073c5c3247fe10076e31bebd0f8","sha1":"d3182755b5b6ed5766746a53c85749588aca1ada","sha256":"a7bc246afae2c42df0dc4abd2703271cbeea5cdbbdb1d314e34937579b4e17bb","sha512":"e4dff093c15fc6a16f9379f73d67ce9fddd776bebde48b9bac9f0c4310c9b24563a9d002bd91ed4e5d3d09037e10d03350b6196a2c134e7812902f6ad2b82d1a","ssdeep":"768:hR0cTTu8eIbZLbhpa6aEb7z9SsbhbeA5gr9GpSo5E7Iw4TQv5:hRZXdep6vRpG5","tlshash":"3c03a45d7af3142050b3317a4fbf69082276815f190ddd88fe2d11a48fc4a4eba66bbd","size":38346,"data":"","first_seen":"2025-06-30T06:03:39.440742Z","last_seen":"2026-03-27T05:50:39.456969Z","times_seen":76,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"23.27.168.117","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"80321646564352f5cd84666ba1c5660f","sha1":"a35cc47b9532a90b25ecd74e4dd9566e83f2d1f4","sha256":"9f1d2dc3efac552941ab1200a0279ac59d4f72b5e20cd055c0f2cbada98ecc77","sha512":"1edee16abc7030bbf89b444b8a1cbc8154107338db8bef8093aaa7685295a0b7cfa92e3a134bfa900e44037b72d9e57a8b8ff0cf2e748d0ab90d88c441eba8c3","ssdeep":"","tlshash":"a4f020b73c894134c7b712652bbb9148313e252f340ead15f54c18623f9086108bb92c","size":572,"data":"","first_seen":"2025-12-26T18:39:19.841183Z","last_seen":"2025-12-30T03:07:19.996703Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"23.27.168.117","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"eeccbbea7c900822d394cb47b074f417","sha1":"e488f43fffe6c86c5992fb01acfacd85a505678d","sha256":"a0d1345f975b1fdb581ac0d3bf87b7f75a918fbf0d56eae1599ee69fa8ab782d","sha512":"ef54d613f0ea55f603dade0590fef4251198890ad3f1c290012bd6e96eaf5b25ac6ef7f75eda204be709c8daba9c43377e3d9d688f8cb14f06441c92b511184a","ssdeep":"","tlshash":"c21145cd55ee90994a2220287f5f2424307684ab02268241fd0e46052fc932e437fbee","size":946,"data":"","first_seen":"2025-12-18T13:44:59.878474Z","last_seen":"2026-01-31T13:21:21.742455Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/mob.html","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"23.27.168.117","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fb592fbec479fcf86b148138d910bb35","sha1":"45ce0041ee6d4eee4ad3631c79803cfbe0dc48dc","sha256":"544e26b4c403cd52e0df7ab03a923a311ccef4a1d94b936dd6b566488ff9abd1","sha512":"2695d92d187d48260309cc4567d303bc8891bb5c63a475327a52efdd0b2011d2103deb942f81be5efc25f0acb9698035821c0fdde85d4d37bbf42ce219606a0c","ssdeep":"","tlshash":"2df09eef1b121525af8fc68b173f3a15a59da10f5881df09742dd1021fe0f6c222b9d4","size":493,"data":"","first_seen":"2025-12-17T23:26:10.099061Z","last_seen":"2026-01-31T13:21:21.717068Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cav10.com/template/cav10.com/asset/images/video.png","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"23.27.168.117","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cav10.com/","date":"2025-12-29T05:29:00.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav10.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 12:21:48 GMT","end":"Wed, 11 Mar 2026 12:21:47 GMT"},"fingerprint":{"sha1":"53:9F:FE:74:33:24:4F:A8:E6:E0:5E:3D:F7:A2:F0:88:30:BA:B5:53","sha256":"72:7E:EA:E6:37:16:05:EA:8A:86:99:59:8B:5F:49:2C:D5:74:B1:DF:11:B5:A0:86:84:B0:AE:52:62:B9:80:5D"}}},"request":{"raw":"GET /template/cav10.com/asset/images/video.png HTTP/1.1\r\nHost: cav10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cav10.com/\r\nCookie: think_var=zh-cn; server_name_session=c29c1bf587a2eaf4defcda57986b9127\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\ncontent-type: image/png\r\ndate: Mon, 29 Dec 2025 04:50:13 GMT\r\netag: W/\"690382cc-7ad\"\r\nexpires: Wed, 28 Jan 2026 04:50:13 GMT\r\nlast-modified: Mon, 29 Dec 2025 04:50:13 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1712\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1965,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"7e3c0651d41293376aefd9c5fd3992ca","sha1":"034b668192c896f01291974839881f79cd68a8a0","sha256":"cfecf8ddacbf3e38bdd886434e4c2c6d471641ea7648be892e580ca11f4fb552","sha512":"39b8e96e488451c629cd2a8c29c1422f17c5b2bf0076d7b980d280f993bda4887b80cdf0ab2a277d5977278cb6f9f0fcae6c440ffaf3d33c9a7098d26738bf0d","ssdeep":"","tlshash":"7041ca05eea2ac89a291fa0268db14639b59498c9fc0d26fadc8cca31c319d95c5dcd7","first_seen":"2025-03-02T01:36:31.985825Z","last_seen":"2026-03-27T05:50:39.446851Z","times_seen":44,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-29","alert":"Content Category / Application Block","trigger":"cav10.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"23.27.168.117","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-29T05:28:59.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav10.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 12:21:48 GMT","end":"Wed, 11 Mar 2026 12:21:47 GMT"},"fingerprint":{"sha1":"53:9F:FE:74:33:24:4F:A8:E6:E0:5E:3D:F7:A2:F0:88:30:BA:B5:53","sha256":"72:7E:EA:E6:37:16:05:EA:8A:86:99:59:8B:5F:49:2C:D5:74:B1:DF:11:B5:A0:86:84:B0:AE:52:62:B9:80:5D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cav10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\ndate: Mon, 29 Dec 2025 05:28:59 GMT\r\nserver: nginx\r\nset-cookie: think_var=zh-cn; path=/\nthink_var=zh-cn; path=/\nserver_name_session=c29c1bf587a2eaf4defcda57986b9127; Max-Age=86400; httponly; path=/\r\nvary: Accept-Encoding\r\nx-cache: BYPASS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":184463,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (21047), with CRLF, LF line terminators","md5":"682a6fdf937d2f257094fb7189acaee6","sha1":"2cbddde3d1a3f56a644ca141e283ef8b0b74f1c7","sha256":"e74a7cb56b1cdbe7b6e339c36f279502feba81008ece64e1a7416efeb0511607","sha512":"7e1a02deae74e3638087bf905b8a960cb84f32af854758940efdd119464deaea4d0a1cb59418891b62f27501f6f7715fb26d1516ae379435188474377e1252d0","ssdeep":"3072:HXFjZfrQyDXc/Zc3UxdJ8dZetE4J7N0lP0l3h:RZfrQySZc31etE4JClMl3h","tlshash":"6a14a55445d197730bbac1e63d641758f6a680c7c681ae27b7bd37cb3fa4e0280af258","first_seen":"2025-12-29T05:29:27.773296Z","last_seen":"2025-12-29T05:29:27.773296Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1106,"timings":{"blocked":315,"dns":1,"connect":153,"send":0,"wait":475,"receive":0,"ssl":158},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-29","alert":"Content Category / Application Block","trigger":"cav10.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/mob.html","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"23.27.168.117","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-29T05:29:00.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav10.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 12:21:48 GMT","end":"Wed, 11 Mar 2026 12:21:47 GMT"},"fingerprint":{"sha1":"53:9F:FE:74:33:24:4F:A8:E6:E0:5E:3D:F7:A2:F0:88:30:BA:B5:53","sha256":"72:7E:EA:E6:37:16:05:EA:8A:86:99:59:8B:5F:49:2C:D5:74:B1:DF:11:B5:A0:86:84:B0:AE:52:62:B9:80:5D"}}},"request":{"raw":"GET /mob.html HTTP/1.1\r\nHost: cav10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cav10.com/\r\nCookie: think_var=zh-cn; server_name_session=c29c1bf587a2eaf4defcda57986b9127\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/html\r\ndate: Mon, 29 Dec 2025 05:29:00 GMT\r\netag: W/\"6947bcc9-8b9\"\r\nlast-modified: Sun, 21 Dec 2025 09:24:25 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: BYPASS\r\ncontent-length: 1346\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2233,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"b7193e97e8c4e09dfeec17143af5e3f9","sha1":"6c575d19397fa66f07a6b8c793996340bf63f96a","sha256":"f975f367fb20f2e8b94af78d2ce9a58583ebb7e1a80f77ce3013dd6f63ce2cd5","sha512":"2145076c20c0ca48d057a88233b160a14c13f46d50482806f7cfea569258b2fdfc5fbb2f88bb18f8b2413e4c79dc8866248f05e54dfb4c6d4962def6b9bb8be5","ssdeep":"","tlshash":"be4196d34ba685267d92d8503a522fd631ac9807e00bc76466f5a478cec0ea642333cc","first_seen":"2025-12-22T09:56:04.017029Z","last_seen":"2025-12-30T22:52:16.270914Z","times_seen":11,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-29","alert":"Content Category / Application Block","trigger":"cav10.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/template/cav10.com/asset/css/common.css?v=1766986139","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"23.27.168.117","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cav10.com/","date":"2025-12-29T05:29:00.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav10.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 12:21:48 GMT","end":"Wed, 11 Mar 2026 12:21:47 GMT"},"fingerprint":{"sha1":"53:9F:FE:74:33:24:4F:A8:E6:E0:5E:3D:F7:A2:F0:88:30:BA:B5:53","sha256":"72:7E:EA:E6:37:16:05:EA:8A:86:99:59:8B:5F:49:2C:D5:74:B1:DF:11:B5:A0:86:84:B0:AE:52:62:B9:80:5D"}}},"request":{"raw":"GET /template/cav10.com/asset/css/common.css?v=1766986139 HTTP/1.1\r\nHost: cav10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cav10.com/\r\nCookie: think_var=zh-cn; server_name_session=c29c1bf587a2eaf4defcda57986b9127\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3319,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"fd1883f3175814b2ab831a61de46270f","sha1":"6bdb5ea6e5742b603065968175146f37490efc34","sha256":"aef52165eda8d9be75951262896f8831842b93e8db7f1a99a5f281294d2f208b","sha512":"6de5d8af1052bb8baeee9239d563732dbf4df9e66aa86a846cfd1888ba675a3350f29a0d401b0f54b32576e73af40abe16edc2edd871ae5f8cda71a584737590","ssdeep":"","tlshash":"5761ef4219022c85d52bf2a798f786eded4f6403a78360eab9e17805cfcf69700225d8","first_seen":"2025-07-04T12:12:16.310038Z","last_seen":"2026-03-27T05:50:39.447895Z","times_seen":74,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-29","alert":"Content Category / Application Block","trigger":"cav10.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/template/wntheme41/asset/images/play.png","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"23.27.168.117","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cav10.com/","date":"2025-12-29T05:29:00.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav10.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 12:21:48 GMT","end":"Wed, 11 Mar 2026 12:21:47 GMT"},"fingerprint":{"sha1":"53:9F:FE:74:33:24:4F:A8:E6:E0:5E:3D:F7:A2:F0:88:30:BA:B5:53","sha256":"72:7E:EA:E6:37:16:05:EA:8A:86:99:59:8B:5F:49:2C:D5:74:B1:DF:11:B5:A0:86:84:B0:AE:52:62:B9:80:5D"}}},"request":{"raw":"GET /template/wntheme41/asset/images/play.png HTTP/1.1\r\nHost: cav10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cav10.com/\r\nCookie: think_var=zh-cn; server_name_session=c29c1bf587a2eaf4defcda57986b9127\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\ncontent-type: image/png\r\ndate: Mon, 29 Dec 2025 04:50:14 GMT\r\netag: W/\"690382cc-476\"\r\nexpires: Wed, 28 Jan 2026 04:50:14 GMT\r\nlast-modified: Mon, 29 Dec 2025 04:50:14 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\ncontent-length: 1103\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1142,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"80fec6f006f07202c2aeb5534d67e8b4","sha1":"307583d5c0582015f9a3235d7cd55dd2835b877d","sha256":"a8241f53955bdb514662cd4d3e8079b71bc00684932efd5442edd8252460e407","sha512":"349843f1c0261d61c3ac552cfed58e4520371751baa5913eb10f7ac988d829c1a4aab3dc73defa80ed3fe3b95b55d2493acc433dde6ef78c17fdb4df5ce3c67a","ssdeep":"","tlshash":"6d21c661f729b290d79c173591f4b680e87ba7ad3ca30020dc55f52d782a68d3c9c2cc","first_seen":"2024-08-20T12:35:14.602369Z","last_seen":"2026-03-27T05:50:39.452996Z","times_seen":40,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-29","alert":"Content Category / Application Block","trigger":"cav10.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.qrserver.com/v1/create-qr-code/?size=300x300\u0026data=https%3A%2F%2Fcav10.com%2F","fqdn":"api.qrserver.com","domain":"qrserver.com","tld":"com"},"ip":{"addr":"88.99.85.235","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cav10.com/mob.html","date":"2025-12-29T05:29:01.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qrserver.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 29 Nov 2025 22:04:13 GMT","end":"Fri, 27 Feb 2026 22:04:12 GMT"},"fingerprint":{"sha1":"48:8B:D8:E9:7B:04:DB:21:21:D6:E2:66:2B:9A:29:36:2A:46:3E:60","sha256":"5E:02:1E:80:D4:76:1F:0F:AD:79:30:D1:01:CE:97:B5:D4:B0:38:19:D8:26:70:CF:51:F5:35:6C:34:E9:CD:FA"}}},"request":{"raw":"GET /v1/create-qr-code/?size=300x300\u0026data=https%3A%2F%2Fcav10.com%2F HTTP/1.1\r\nHost: api.qrserver.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cav10.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 29 Dec 2025 05:29:01 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT\r\naccess-control-max-age: 7200\r\naccess-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type, Origin, Authorization, X-Requested-With, Client-Security-Token\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":446,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 1-bit colormap, non-interlaced","md5":"28e7ddc2d3cd129cc1f8fcc7f50c1287","sha1":"48c82456e0fd8316ed7a9d3135f2518b2b6b774b","sha256":"a8930ab174d25927eb092cef404baa066cb14c32029ca2d9cbddb52e1e274d50","sha512":"448dad6db9d06a8e28f55b4beb5985e6c1fa0df984255ac1df2464e7968b7cf1728785a1556c3bf00d013ed579f8c4ca8a238e23e76dd2403f3f7723e063f3a9","ssdeep":"","tlshash":"4bf023c3f36350beb54480b5dd27446b829148a4a5f4411685ea4c3ec521a4f8dcc901","first_seen":"2025-12-19T11:42:55.834624Z","last_seen":"2025-12-30T03:07:19.989917Z","times_seen":10,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":113,"dns":12,"connect":25,"send":0,"wait":29,"receive":0,"ssl":72},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/favicon.ico","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"23.27.168.117","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cav10.com/mob.html","date":"2025-12-29T05:29:01.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav10.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 12:21:48 GMT","end":"Wed, 11 Mar 2026 12:21:47 GMT"},"fingerprint":{"sha1":"53:9F:FE:74:33:24:4F:A8:E6:E0:5E:3D:F7:A2:F0:88:30:BA:B5:53","sha256":"72:7E:EA:E6:37:16:05:EA:8A:86:99:59:8B:5F:49:2C:D5:74:B1:DF:11:B5:A0:86:84:B0:AE:52:62:B9:80:5D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: cav10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cav10.com/mob.html\r\nCookie: think_var=zh-cn; server_name_session=c29c1bf587a2eaf4defcda57986b9127\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: image/x-icon\r\ndate: Mon, 29 Dec 2025 04:50:06 GMT\r\netag: \"6933481e-fc4\"\r\nlast-modified: Mon, 29 Dec 2025 04:50:06 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 4036\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4036,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8e59ad0a9aefea690d92ffc6266516c6","sha1":"f82e7a5e38ad362b54a94522fd99963bc1515d27","sha256":"fa3958fb852fab1c92b41cbb3a1ad0c4487ee1cd1ef4712e6817fab8b8fde0eb","sha512":"3b4c28339115ca408dd153651ca8a2447b50788ff8499e51986f4062a8124e3145ef0d0ee9dbc36515be338d7cd0a21e1d6eb9725e9905454911af9c6d8827e0","ssdeep":"","tlshash":"a8817e69280b2a67e7f9a51b07360117ddf1a0ad62d7a88dc909c037bdee2b73086414","first_seen":"2025-12-05T22:31:48.407286Z","last_seen":"2026-02-14T16:06:52.824936Z","times_seen":254,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-29","alert":"Content Category / Application Block","trigger":"cav10.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-29","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}