{"report_id":"aa212994-5e18-43a4-b562-e7fc0cf251de","version":6,"status":"done","tags":[],"date":"2025-12-24T10:04:09Z","url":{"schema":"http","addr":"Cav10.com","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"46.202.208.18","port":0,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"final":{"url":{"schema":"https","addr":"cav10.com/mob.html","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"title":"访问提示","dom":{"size":2324,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"2377e98351983f39740376553a583c6e","sha1":"2e9014152e0e937ecfbd471c443887dbc7e06354","sha256":"e2ef10f6b8eec6060d58a1ad1d12e4a01625317a16b4e9c0669c478fd1b6a32d","sha512":"f19492b43a2540161b244fbe00bdb848d868cb7f10868daeb5228d280fc8a2a60d1fe86683cf8ab2b67e518418b84900e332c7e6b3db9f2863213a88582e562a","ssdeep":"","tlshash":"2e4198d31ba69427bd92d45079522fd631acd807e40ac7a476f5a569cec0eb742333cc","dom_hash":"domhash9f56b4cf3fd7b1f4dab033f1c1ced99b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"Cav10.com","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"46.202.208.18","port":0,"asn":0,"as":"","country":"Ukraine","country_code":"UA"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-28T10:04:09Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-24","alert":"Content Category / Application Block","trigger":"cav10.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"cav10.com","ip":{"addr":"166.88.132.178","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Germany","country_code":"DE"},"domain_registered":"2025-12-11","domain_rank":0,"first_seen":"2025-12-18T05:22:23.700643Z","last_seen":"2025-12-18T05:22:23.700644Z","alert_count":12,"request_count":3,"received_data":190907,"sent_data":1585,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"api.qrserver.com","ip":{"addr":"95.216.163.127","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"domain_registered":"2009-05-16","domain_rank":342339,"first_seen":"2012-06-20T10:01:45Z","last_seen":"2025-12-18T23:58:19.150876Z","alert_count":0,"request_count":1,"received_data":836,"sent_data":483,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cav10.com/template/cav10.com/asset/js/wntheme.js?v=1766570627","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"60bdf4117f35d4dd14feb178af7f4c71","sha1":"2003798e6f9a60edb5374c3b01cdbaff9c649cbb","sha256":"cad017f5b61569bdd35060b114147c285cf6d8d2d4237cd5a3ad15eb736ff2b8","sha512":"d565b2537616ff17cfd333d605802b6878a14da23cc01af885de63c6ded24e5b390a278893abb20e859264986c28a1ea6cd6b3b32d278e281ad703f4b40959cf","ssdeep":"","tlshash":"3841e153dabe4c42622f40865656f4e8732c947300739eadf28c70a95f8c86e035eb79","size":2236,"data":"","first_seen":"2025-12-16T20:01:54.266129Z","last_seen":"2026-01-31T13:21:21.702953Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/template/cav10.com/asset/js/jquery-3.3.1.min.js","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-06-11T01:53:53.87538Z","times_seen":134444,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/template/cav10.com/asset/js/home.js?v=1766570627","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"85f42ef4e95aae5215b22b5f93b2068b","sha1":"cc2754e3130e779adc24935278dbb8651a12214e","sha256":"cbcd37a5cbf49c3c1e5a63613a2770458797cb5f94c17e7d644fe84a414769c2","sha512":"5299634b71ba0cb1eee36114fda95c3a25fd3c27ad3700aa92e1c33550305973bfa96f37d03d42c2845eb72c09491306fd3e76fbb3b94148923fccba5edb304d","ssdeep":"","tlshash":"8811ab135a66d64857c26fae4bcb2c0b93f4d34f085410fbaf7231ed9624dc11476e18","size":1000,"data":"","first_seen":"2025-03-05T19:45:29.856239Z","last_seen":"2026-06-06T13:26:18.094158Z","times_seen":188,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/mob.html","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"166.88.132.178","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"fb592fbec479fcf86b148138d910bb35","sha1":"45ce0041ee6d4eee4ad3631c79803cfbe0dc48dc","sha256":"544e26b4c403cd52e0df7ab03a923a311ccef4a1d94b936dd6b566488ff9abd1","sha512":"2695d92d187d48260309cc4567d303bc8891bb5c63a475327a52efdd0b2011d2103deb942f81be5efc25f0acb9698035821c0fdde85d4d37bbf42ce219606a0c","ssdeep":"","tlshash":"2df09eef1b121525af8fc68b173f3a15a59da10f5881df09742dd1021fe0f6c222b9d4","size":493,"data":"","first_seen":"2025-12-17T23:26:10.099061Z","last_seen":"2026-01-31T13:21:21.717068Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/template/cav10.com/asset/js/lazysizes.min.js?v=1766570627","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b82368b55ab941d0bb7db421e1084d6c","sha1":"27192bc19de2a9f69cb684d8bc627c78471ce049","sha256":"e76fb8d9f216898822b92b5be7fc0b3085b9a3685b14089d64a10935e83a08c5","sha512":"acd270d56dd39b1b2d2d1bf6ccc5b7c93f03888d741030d64b2977663284f610244c13f03ad395484149a386c97d617187101f3044591da4fa3b36d295ac3cc2","ssdeep":"192:zIJHXkovHIdcC9vaE6cyxqI1qwLcIRAKEFkNB+xb+25CqqBFPvAxOn:z2kNdcC9J6co91qwLcI6KgkixbdjqBFH","tlshash":"16f1b59f755570b3aadb74b5416f310f673279339d86e092e2bac080493c84aa323f2d","size":7891,"data":"","first_seen":"2023-03-08T00:57:24Z","last_seen":"2026-06-10T23:23:04.955434Z","times_seen":1785,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"e401f537911e3d5530a27343f195cd42","sha1":"3b13dd44a16516793330e158292a3e7a9f6ff3f9","sha256":"ddf456b40e6104fd4f7e9a11b1586012a2bc468bd1dec5a487af66d4c21914ea","sha512":"49fca999cdc724f6c510f22f2a6b102efb2ef164a2eb51664c2d1675e04c15abfcd961d264e3c026f25ec124aba1b10789b23b7ae60eb8028c4a2c886ca212ef","ssdeep":"","tlshash":"7ea022b2c2080c828800008ea0ce3bb38830030e03002b8c0202a3b0300b0002c332b8","size":73,"data":"","first_seen":"2025-12-24T10:04:12.855783Z","last_seen":"2025-12-24T10:04:12.855783Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"cav10.com/","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"166.88.132.178","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-24T10:03:47.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav10.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 12:21:48 GMT","end":"Wed, 11 Mar 2026 12:21:47 GMT"},"fingerprint":{"sha1":"53:9F:FE:74:33:24:4F:A8:E6:E0:5E:3D:F7:A2:F0:88:30:BA:B5:53","sha256":"72:7E:EA:E6:37:16:05:EA:8A:86:99:59:8B:5F:49:2C:D5:74:B1:DF:11:B5:A0:86:84:B0:AE:52:62:B9:80:5D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cav10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 24 Dec 2025 10:03:47 GMT\r\nserver: nginx\r\nset-cookie: think_var=zh-cn; path=/\nthink_var=zh-cn; path=/\nserver_name_session=c29c1bf587a2eaf4defcda57986b9127; Max-Age=86400; httponly; path=/\r\nvary: Accept-Encoding\r\nx-cache: BYPASS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":183771,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (21047), with CRLF, LF line terminators","md5":"a529c0eed7e7180a771ad2717896c61b","sha1":"276070aa3834d417fc1640659e3271bc3078f6c8","sha256":"1266b47a07856cfe005b1498bfc52d367d46ee4bf02fea2f67260b038b183a83","sha512":"3988355656ef933928814bd83f6ac641e301fdb19b1c462e090b3dbba0b82516249c1fbdb2867fe61adc11820ee9df8abd398d604b531839361b8e23cb94eb3e","ssdeep":"1536:Op+qpjZfrQy+OXnJ6Vr5D6lHjWa45D6lHjWaIVpVNzytTvwNL+/M9JOMeQilh:vqpjZfrQyDXnE0l20lqVNgTvwNL+h","tlshash":"9904e65458d158b30b7bc1d67ea41768f7968087c681ae27b5bc378b7fb4e0280af25c","first_seen":"2025-12-24T10:04:12.848153Z","last_seen":"2025-12-24T10:04:12.848153Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1417,"timings":{"blocked":627,"dns":553,"connect":34,"send":0,"wait":163,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-24","alert":"Content Category / Application Block","trigger":"cav10.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.qrserver.com/v1/create-qr-code/?size=300x300\u0026data=https%3A%2F%2Fcav10.com%2F","fqdn":"api.qrserver.com","domain":"qrserver.com","tld":"com"},"ip":{"addr":"95.216.163.127","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cav10.com/mob.html","date":"2025-12-24T10:03:48.380Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qrserver.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 29 Nov 2025 23:01:12 GMT","end":"Fri, 27 Feb 2026 23:01:11 GMT"},"fingerprint":{"sha1":"21:B7:43:02:F1:BA:3D:D8:97:E2:1D:81:FC:90:98:34:D5:CB:CE:30","sha256":"1F:CE:5C:10:18:14:84:9C:FD:E7:56:E0:AE:F1:02:28:81:B2:43:87:42:27:78:09:A1:CA:09:5C:70:89:B4:2F"}}},"request":{"raw":"GET /v1/create-qr-code/?size=300x300\u0026data=https%3A%2F%2Fcav10.com%2F HTTP/1.1\r\nHost: api.qrserver.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cav10.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 10:03:49 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT\r\naccess-control-max-age: 7200\r\naccess-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type, Origin, Authorization, X-Requested-With, Client-Security-Token\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":446,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 1-bit colormap, non-interlaced","md5":"28e7ddc2d3cd129cc1f8fcc7f50c1287","sha1":"48c82456e0fd8316ed7a9d3135f2518b2b6b774b","sha256":"a8930ab174d25927eb092cef404baa066cb14c32029ca2d9cbddb52e1e274d50","sha512":"448dad6db9d06a8e28f55b4beb5985e6c1fa0df984255ac1df2464e7968b7cf1728785a1556c3bf00d013ed579f8c4ca8a238e23e76dd2403f3f7723e063f3a9","ssdeep":"","tlshash":"4bf023c3f36350beb54480b5dd27446b829148a4a5f4411685ea4c3ec521a4f8dcc901","first_seen":"2025-12-19T11:42:55.834624Z","last_seen":"2025-12-30T03:07:19.989917Z","times_seen":10,"resource_available":false,"data":null}},"time_used":2090,"timings":{"blocked":746,"dns":13,"connect":27,"send":0,"wait":598,"receive":0,"ssl":702},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/mob.html","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"166.88.132.178","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-24T10:03:48.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav10.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 12:21:48 GMT","end":"Wed, 11 Mar 2026 12:21:47 GMT"},"fingerprint":{"sha1":"53:9F:FE:74:33:24:4F:A8:E6:E0:5E:3D:F7:A2:F0:88:30:BA:B5:53","sha256":"72:7E:EA:E6:37:16:05:EA:8A:86:99:59:8B:5F:49:2C:D5:74:B1:DF:11:B5:A0:86:84:B0:AE:52:62:B9:80:5D"}}},"request":{"raw":"GET /mob.html HTTP/1.1\r\nHost: cav10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cav10.com/\r\nCookie: think_var=zh-cn; server_name_session=c29c1bf587a2eaf4defcda57986b9127\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/html\r\ndate: Wed, 24 Dec 2025 10:03:48 GMT\r\netag: W/\"6947bcc9-8b9\"\r\nlast-modified: Sun, 21 Dec 2025 09:24:25 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: BYPASS\r\ncontent-length: 1346\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2233,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"b7193e97e8c4e09dfeec17143af5e3f9","sha1":"6c575d19397fa66f07a6b8c793996340bf63f96a","sha256":"f975f367fb20f2e8b94af78d2ce9a58583ebb7e1a80f77ce3013dd6f63ce2cd5","sha512":"2145076c20c0ca48d057a88233b160a14c13f46d50482806f7cfea569258b2fdfc5fbb2f88bb18f8b2413e4c79dc8866248f05e54dfb4c6d4962def6b9bb8be5","ssdeep":"","tlshash":"be4196d34ba685267d92d8503a522fd631ac9807e00bc76466f5a478cec0ea642333cc","first_seen":"2025-12-22T09:56:04.017029Z","last_seen":"2025-12-30T22:52:16.270914Z","times_seen":11,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-24","alert":"Content Category / Application Block","trigger":"cav10.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/favicon.ico","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"166.88.132.178","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cav10.com/mob.html","date":"2025-12-24T10:03:48.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav10.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 12:21:48 GMT","end":"Wed, 11 Mar 2026 12:21:47 GMT"},"fingerprint":{"sha1":"53:9F:FE:74:33:24:4F:A8:E6:E0:5E:3D:F7:A2:F0:88:30:BA:B5:53","sha256":"72:7E:EA:E6:37:16:05:EA:8A:86:99:59:8B:5F:49:2C:D5:74:B1:DF:11:B5:A0:86:84:B0:AE:52:62:B9:80:5D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: cav10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cav10.com/mob.html\r\nCookie: think_var=zh-cn; server_name_session=c29c1bf587a2eaf4defcda57986b9127\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: image/x-icon\r\ndate: Wed, 24 Dec 2025 09:31:12 GMT\r\netag: \"6933481e-fc4\"\r\nlast-modified: Wed, 24 Dec 2025 09:31:12 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 4036\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4036,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8e59ad0a9aefea690d92ffc6266516c6","sha1":"f82e7a5e38ad362b54a94522fd99963bc1515d27","sha256":"fa3958fb852fab1c92b41cbb3a1ad0c4487ee1cd1ef4712e6817fab8b8fde0eb","sha512":"3b4c28339115ca408dd153651ca8a2447b50788ff8499e51986f4062a8124e3145ef0d0ee9dbc36515be338d7cd0a21e1d6eb9725e9905454911af9c6d8827e0","ssdeep":"","tlshash":"a8817e69280b2a67e7f9a51b07360117ddf1a0ad62d7a88dc909c037bdee2b73086414","first_seen":"2025-12-05T22:31:48.407286Z","last_seen":"2026-02-14T16:06:52.824936Z","times_seen":254,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-24","alert":"Content Category / Application Block","trigger":"cav10.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}