{"report_id":"b3e0d67c-a2a7-4fb0-8ad4-84d2f390e7e0","version":6,"status":"done","tags":[],"date":"2025-12-27T18:15:28Z","url":{"schema":"https","addr":"cav10.com","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"45.147.200.225","port":0,"asn":51659,"as":"LLC Baxet","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"cav10.com/mob.html","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"title":"访问提示","dom":{"size":2324,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"2377e98351983f39740376553a583c6e","sha1":"2e9014152e0e937ecfbd471c443887dbc7e06354","sha256":"e2ef10f6b8eec6060d58a1ad1d12e4a01625317a16b4e9c0669c478fd1b6a32d","sha512":"f19492b43a2540161b244fbe00bdb848d868cb7f10868daeb5228d280fc8a2a60d1fe86683cf8ab2b67e518418b84900e332c7e6b3db9f2863213a88582e562a","ssdeep":"","tlshash":"2e4198d31ba69427bd92d45079522fd631acd807e40ac7a476f5a569cec0eb742333cc","dom_hash":"domhash9f56b4cf3fd7b1f4dab033f1c1ced99b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"cav10.com","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"45.147.200.225","port":0,"asn":51659,"as":"LLC Baxet","country":"Russia","country_code":"RU"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-31T18:15:28Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-27","alert":"Content Category / Application Block","trigger":"cav10.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"cav10.com","ip":{"addr":"166.88.132.178","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Germany","country_code":"DE"},"domain_registered":"2025-12-11","domain_rank":0,"first_seen":"2025-12-18T05:22:23.700643Z","last_seen":"2025-12-25T16:43:12.833779Z","alert_count":16,"request_count":4,"received_data":191025,"sent_data":2119,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"api.qrserver.com","ip":{"addr":"88.99.85.235","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2009-05-16","domain_rank":342339,"first_seen":"2012-06-20T10:01:45Z","last_seen":"2025-12-26T05:26:46.676487Z","alert_count":0,"request_count":1,"received_data":836,"sent_data":483,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cav10.com/template/cav10.com/asset/js/wntheme.js?v=1766859306","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"60bdf4117f35d4dd14feb178af7f4c71","sha1":"2003798e6f9a60edb5374c3b01cdbaff9c649cbb","sha256":"cad017f5b61569bdd35060b114147c285cf6d8d2d4237cd5a3ad15eb736ff2b8","sha512":"d565b2537616ff17cfd333d605802b6878a14da23cc01af885de63c6ded24e5b390a278893abb20e859264986c28a1ea6cd6b3b32d278e281ad703f4b40959cf","ssdeep":"","tlshash":"3841e153dabe4c42622f40865656f4e8732c947300739eadf28c70a95f8c86e035eb79","size":2236,"data":"","first_seen":"2025-12-16T20:01:54.266129Z","last_seen":"2026-01-31T13:21:21.702953Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/template/cav10.com/asset/js/jquery-3.3.1.min.js","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9a14b26aef8bba135e0749ec536f608","sha1":"096cbb5ce5fe7992c85f0bac682974196ad78d09","sha256":"cad9fc1485e97aca7816e5ef8406c7cb26648ee9fb2552e98c5dfc0e531474d4","sha512":"93abc3b0d3fd8546ba52c21dcaffdfaef6d29b8b931a8f6b1ed1d0739c86c6bbd4019c2b48dd77a36b7ec2061ccc21db9e0537a9234c4ad6205104ca61cb62d6","ssdeep":"","tlshash":"2611e59d3224f26d27ab10a4523b860ff2a1513c346d5453477dc8f4b8a58bf4227658","size":1000,"data":"","first_seen":"2023-04-29T08:43:09Z","last_seen":"2026-04-04T22:21:49.349851Z","times_seen":1684,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/template/cav10.com/asset/js/home.js?v=1766859306","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"85f42ef4e95aae5215b22b5f93b2068b","sha1":"cc2754e3130e779adc24935278dbb8651a12214e","sha256":"cbcd37a5cbf49c3c1e5a63613a2770458797cb5f94c17e7d644fe84a414769c2","sha512":"5299634b71ba0cb1eee36114fda95c3a25fd3c27ad3700aa92e1c33550305973bfa96f37d03d42c2845eb72c09491306fd3e76fbb3b94148923fccba5edb304d","ssdeep":"","tlshash":"8811ab135a66d64857c26fae4bcb2c0b93f4d34f085410fbaf7231ed9624dc11476e18","size":1000,"data":"","first_seen":"2025-03-05T19:45:29.856239Z","last_seen":"2026-04-04T18:59:48.550659Z","times_seen":174,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/mob.html","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"166.88.132.178","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"fb592fbec479fcf86b148138d910bb35","sha1":"45ce0041ee6d4eee4ad3631c79803cfbe0dc48dc","sha256":"544e26b4c403cd52e0df7ab03a923a311ccef4a1d94b936dd6b566488ff9abd1","sha512":"2695d92d187d48260309cc4567d303bc8891bb5c63a475327a52efdd0b2011d2103deb942f81be5efc25f0acb9698035821c0fdde85d4d37bbf42ce219606a0c","ssdeep":"","tlshash":"2df09eef1b121525af8fc68b173f3a15a59da10f5881df09742dd1021fe0f6c222b9d4","size":493,"data":"","first_seen":"2025-12-17T23:26:10.099061Z","last_seen":"2026-01-31T13:21:21.717068Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cav10.com/template/cav10.com/asset/images/video.png","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"166.88.132.178","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cav10.com/","date":"2025-12-27T18:15:07.406Z","timestamp":0,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /template/cav10.com/asset/images/video.png HTTP/1.1\r\nHost: cav10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cav10.com/\r\nCookie: think_var=zh-cn; server_name_session=c29c1bf587a2eaf4defcda57986b9127\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-27","alert":"Content Category / Application Block","trigger":"cav10.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/mob.html","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"166.88.132.178","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-27T18:15:07.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav10.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 12:21:48 GMT","end":"Wed, 11 Mar 2026 12:21:47 GMT"},"fingerprint":{"sha1":"53:9F:FE:74:33:24:4F:A8:E6:E0:5E:3D:F7:A2:F0:88:30:BA:B5:53","sha256":"72:7E:EA:E6:37:16:05:EA:8A:86:99:59:8B:5F:49:2C:D5:74:B1:DF:11:B5:A0:86:84:B0:AE:52:62:B9:80:5D"}}},"request":{"raw":"GET /mob.html HTTP/1.1\r\nHost: cav10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cav10.com/\r\nCookie: think_var=zh-cn; server_name_session=c29c1bf587a2eaf4defcda57986b9127\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/html\r\ndate: Sat, 27 Dec 2025 18:15:07 GMT\r\netag: W/\"6947bcc9-8b9\"\r\nlast-modified: Sun, 21 Dec 2025 09:24:25 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: BYPASS\r\ncontent-length: 1346\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2233,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"b7193e97e8c4e09dfeec17143af5e3f9","sha1":"6c575d19397fa66f07a6b8c793996340bf63f96a","sha256":"f975f367fb20f2e8b94af78d2ce9a58583ebb7e1a80f77ce3013dd6f63ce2cd5","sha512":"2145076c20c0ca48d057a88233b160a14c13f46d50482806f7cfea569258b2fdfc5fbb2f88bb18f8b2413e4c79dc8866248f05e54dfb4c6d4962def6b9bb8be5","ssdeep":"","tlshash":"be4196d34ba685267d92d8503a522fd631ac9807e00bc76466f5a478cec0ea642333cc","first_seen":"2025-12-22T09:56:04.017029Z","last_seen":"2025-12-30T22:52:16.270914Z","times_seen":11,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-27","alert":"Content Category / Application Block","trigger":"cav10.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.qrserver.com/v1/create-qr-code/?size=300x300\u0026data=https%3A%2F%2Fcav10.com%2F","fqdn":"api.qrserver.com","domain":"qrserver.com","tld":"com"},"ip":{"addr":"88.99.85.235","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cav10.com/mob.html","date":"2025-12-27T18:15:07.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qrserver.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 29 Nov 2025 22:04:13 GMT","end":"Fri, 27 Feb 2026 22:04:12 GMT"},"fingerprint":{"sha1":"48:8B:D8:E9:7B:04:DB:21:21:D6:E2:66:2B:9A:29:36:2A:46:3E:60","sha256":"5E:02:1E:80:D4:76:1F:0F:AD:79:30:D1:01:CE:97:B5:D4:B0:38:19:D8:26:70:CF:51:F5:35:6C:34:E9:CD:FA"}}},"request":{"raw":"GET /v1/create-qr-code/?size=300x300\u0026data=https%3A%2F%2Fcav10.com%2F HTTP/1.1\r\nHost: api.qrserver.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cav10.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 27 Dec 2025 18:15:07 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT\r\naccess-control-max-age: 7200\r\naccess-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type, Origin, Authorization, X-Requested-With, Client-Security-Token\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":446,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 1-bit colormap, non-interlaced","md5":"28e7ddc2d3cd129cc1f8fcc7f50c1287","sha1":"48c82456e0fd8316ed7a9d3135f2518b2b6b774b","sha256":"a8930ab174d25927eb092cef404baa066cb14c32029ca2d9cbddb52e1e274d50","sha512":"448dad6db9d06a8e28f55b4beb5985e6c1fa0df984255ac1df2464e7968b7cf1728785a1556c3bf00d013ed579f8c4ca8a238e23e76dd2403f3f7723e063f3a9","ssdeep":"","tlshash":"4bf023c3f36350beb54480b5dd27446b829148a4a5f4411685ea4c3ec521a4f8dcc901","first_seen":"2025-12-19T11:42:55.834624Z","last_seen":"2025-12-30T03:07:19.989917Z","times_seen":10,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":115,"dns":20,"connect":25,"send":0,"wait":28,"receive":0,"ssl":69},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/favicon.ico","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"166.88.132.178","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cav10.com/mob.html","date":"2025-12-27T18:15:07.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav10.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 12:21:48 GMT","end":"Wed, 11 Mar 2026 12:21:47 GMT"},"fingerprint":{"sha1":"53:9F:FE:74:33:24:4F:A8:E6:E0:5E:3D:F7:A2:F0:88:30:BA:B5:53","sha256":"72:7E:EA:E6:37:16:05:EA:8A:86:99:59:8B:5F:49:2C:D5:74:B1:DF:11:B5:A0:86:84:B0:AE:52:62:B9:80:5D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: cav10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cav10.com/mob.html\r\nCookie: think_var=zh-cn; server_name_session=c29c1bf587a2eaf4defcda57986b9127\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: image/x-icon\r\ndate: Sat, 27 Dec 2025 17:40:03 GMT\r\netag: \"6933481e-fc4\"\r\nlast-modified: Sat, 27 Dec 2025 17:40:03 GMT\r\nserver: nginx\r\nx-cache: HIT, policy, disk\r\ncontent-length: 4036\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4036,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8e59ad0a9aefea690d92ffc6266516c6","sha1":"f82e7a5e38ad362b54a94522fd99963bc1515d27","sha256":"fa3958fb852fab1c92b41cbb3a1ad0c4487ee1cd1ef4712e6817fab8b8fde0eb","sha512":"3b4c28339115ca408dd153651ca8a2447b50788ff8499e51986f4062a8124e3145ef0d0ee9dbc36515be338d7cd0a21e1d6eb9725e9905454911af9c6d8827e0","ssdeep":"","tlshash":"a8817e69280b2a67e7f9a51b07360117ddf1a0ad62d7a88dc909c037bdee2b73086414","first_seen":"2025-12-05T22:31:48.407286Z","last_seen":"2026-02-14T16:06:52.824936Z","times_seen":254,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":31,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-27","alert":"Content Category / Application Block","trigger":"cav10.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cav10.com/","fqdn":"cav10.com","domain":"cav10.com","tld":"com"},"ip":{"addr":"166.88.132.178","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-27T18:15:06.430Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cav10.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 12:21:48 GMT","end":"Wed, 11 Mar 2026 12:21:47 GMT"},"fingerprint":{"sha1":"53:9F:FE:74:33:24:4F:A8:E6:E0:5E:3D:F7:A2:F0:88:30:BA:B5:53","sha256":"72:7E:EA:E6:37:16:05:EA:8A:86:99:59:8B:5F:49:2C:D5:74:B1:DF:11:B5:A0:86:84:B0:AE:52:62:B9:80:5D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cav10.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sat, 27 Dec 2025 18:15:07 GMT\r\nserver: nginx\r\nset-cookie: think_var=zh-cn; path=/\nthink_var=zh-cn; path=/\nserver_name_session=c29c1bf587a2eaf4defcda57986b9127; Max-Age=86400; httponly; path=/\r\nvary: Accept-Encoding\r\nx-cache: BYPASS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":183889,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (21047), with CRLF, LF line terminators","md5":"4b9e4cba8c57d688d386966191245070","sha1":"81f8b91ba8844751c5d16ed6bfc29e075d4b6f26","sha256":"46072456efc49e7a2993ab7314e4bfa5cd0e0d20f99cfc294f1c0f08e758db1a","sha512":"c325ddee25af7d3b8dd97b30b10277241f3888c8d612161a51a136add2a6166d8f075c4865fed2955e5fa840010700d933ec8e7f2b036cefb7661664e66fc90f","ssdeep":"1536:ypxyZjZfrQy+OXoSYs6VfVjTCX4AeoaJUxymX4UC3CWCUSxJiSrawckHO6jyAez/:IyZjZfrQyDXc7T0c3jSx7++X0l80l3h","tlshash":"2604e75448d158b30b7fc1d67aa41728f7969087c681ae27b5bd378f7fa4e0280af25c","first_seen":"2025-12-27T18:15:29.223867Z","last_seen":"2025-12-27T18:15:29.223867Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1105,"timings":{"blocked":440,"dns":369,"connect":33,"send":0,"wait":221,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-27","alert":"Content Category / Application Block","trigger":"cav10.com","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-27","alert":"Sinkholed","trigger":"cav10.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}