{"report_id":"c7272ac3-d7cd-412d-a1bf-cfc9996a9cc2","version":6,"status":"done","tags":[],"date":"2025-09-23T21:56:13Z","url":{"schema":"http","addr":"kairuite-cn.com/73f4d/video/japanese+family+destruction+by+intruder","fqdn":"kairuite-cn.com","domain":"kairuite-cn.com","tld":"com"},"ip":{"addr":"172.67.131.191","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"kairuite-cn.com/verify/f430a337?t=1758650615200\u0026host=kairuite-cn.com\u0026redirect=%2F73f4d%2Fvideo%2Fjapanese%2Bfamily%2Bdestruction%2Bby%2Bintruder","fqdn":"kairuite-cn.com","domain":"kairuite-cn.com","tld":"com"},"title":"请验证... / Please verify..."},"submit":{"url":{"schema":"http","addr":"kairuite-cn.com/73f4d/video/japanese+family+destruction+by+intruder","fqdn":"kairuite-cn.com","domain":"kairuite-cn.com","tld":"com"},"ip":{"addr":"172.67.131.191","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-28T21:56:13Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"cache.sgvafs.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"tp.suppercacheimages.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"kairuite-cn.com","ip":{"addr":"104.21.4.69","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-12-13","domain_rank":0,"first_seen":"2025-09-23T21:56:13.575453Z","last_seen":"2025-09-23T21:56:13.575453Z","alert_count":0,"request_count":3,"received_data":27111,"sent_data":1712,"comment":"","tags":null,"fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cache.sgvafs.top","ip":{"addr":"104.26.1.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-08","domain_rank":0,"first_seen":"2025-09-10T03:39:13.857252Z","last_seen":"2025-09-10T03:39:13.857253Z","alert_count":1,"request_count":1,"received_data":11011,"sent_data":477,"comment":"","tags":null,"fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"tp.suppercacheimages.top","ip":{"addr":"104.26.4.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-02-28","domain_rank":4373587,"first_seen":"2025-07-03T07:59:39.720127Z","last_seen":"2025-09-16T09:15:28.913781Z","alert_count":1,"request_count":1,"received_data":9539,"sent_data":479,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"kairuite-cn.com/verify/f430a337?t=1758650615200\u0026host=kairuite-cn.com\u0026redirect=%2F73f4d%2Fvideo%2Fjapanese%2Bfamily%2Bdestruction%2Bby%2Bintruder","fqdn":"kairuite-cn.com","domain":"kairuite-cn.com","tld":"com"},"ip":{"addr":"104.21.4.69","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"100651779c3af19877c90c9bb5388f31","sha1":"de65c62ddbb7f470782789bb858132de87bd66d4","sha256":"f43c59607cc55fa344df950519a51fb3a1605aa7348b4a417c9aaa02d3e8b6b2","sha512":"c2a1996369e5db4164f82b424ec1bb256f4889584705a64bcd558c973ecdc68d55c4fd77673e929d3366c1f1ee79db5d3befd26851803d0a2e0d003e05a4e206","ssdeep":"","tlshash":"7221300aa8672499135bf1a01e27db8921b2912734c1ed023e5cc39c0f8d41fe3337c8","size":1376,"data":"","first_seen":"2025-09-23T21:56:18.763195Z","last_seen":"2025-09-23T21:56:18.763195Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cache.sgvafs.top/resource/aHR0cHM6Ly94bnh4LmRnYXYxMS5jb20vanMvanEtc2xpZGVWZXJpZnkuanM=.js","fqdn":"cache.sgvafs.top","domain":"sgvafs.top","tld":"top"},"ip":{"addr":"104.26.1.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4448d0ef59fcf5174d5c2592c07665db","sha1":"bb0bb7cbef8f9d8b44b9e12309d895567542718e","sha256":"c7c938f1097ebb4ebd688d907683428581db12c23e856f1d9f05bfe2edfc0238","sha512":"0b19d16cf5e49c2c3a53060f8e1206f1eff39407fd5a2cacec693e962a3bf84c5c60d7018cab015247dbad1901414fcd94eba162fed8bfcd7f6d3c98d62563aa","ssdeep":"192:CKPS5dNyHxk48GdcjvOqTduNTNd3ddcaTteAYPMGwI8QYcTL8YUTMo13gMyHYWVv:zPoIxk4xdci3vs7wI8QYcTL8YUTMKQL/","tlshash":"ab220f5a6aff2125d16bb4665e0f911a3a31404f244bde2c3cec91d0ef9487c16b2ef8","size":10144,"data":"","first_seen":"2025-06-02T15:45:03.145124Z","last_seen":"2026-04-03T17:43:35.488206Z","times_seen":1276,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"kairuite-cn.com/favicon.ico","fqdn":"kairuite-cn.com","domain":"kairuite-cn.com","tld":"com"},"ip":{"addr":"104.21.4.69","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kairuite-cn.com/verify/f430a337?t=1758650615200\u0026host=kairuite-cn.com\u0026redirect=%2F73f4d%2Fvideo%2Fjapanese%2Bfamily%2Bdestruction%2Bby%2Bintruder","date":"2025-09-23T21:55:52.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kairuite-cn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 Aug 2025 10:58:46 GMT","end":"Fri, 31 Oct 2025 11:56:27 GMT"},"fingerprint":{"sha1":"57:CD:DA:17:C8:41:92:85:EE:F1:93:D6:D0:3F:07:C1:4D:2C:6E:0C","sha256":"35:46:09:8F:F7:73:F8:82:16:04:7A:DD:4E:9A:07:ED:7B:B8:04:58:EA:61:8E:4D:53:E0:8C:F6:BD:08:66:23"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: kairuite-cn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kairuite-cn.com/verify/f430a337?t=1758650615200\u0026host=kairuite-cn.com\u0026redirect=%2F73f4d%2Fvideo%2Fjapanese%2Bfamily%2Bdestruction%2Bby%2Bintruder\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 23 Sep 2025 21:55:52 GMT\r\ncontent-type: image/x-icon\r\nvary: accept-encoding\r\ncontent-encoding: br\r\nx-powered-by: Express\r\netag: W/\"3c2e-3fS4ZjbvH9YCHloM0poWDdkbQSY\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization\r\ncache-control: public, max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1qvHZ8BIz%2Beb4a9O1E4P8KX8IIf8vQstNkrirXuvAVDMqCUvLGmGhEfW5aNvXnteS7vk%2FOxrHG5w4NBh6m0wnpLKMwJnwrl17bEtjNM%3D\"}]}\r\ncf-ray: 983d49ecab7b56a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15406,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"cf7d9511f01e4697a56e838a8b656471","sha1":"ddf4b86636ef1fd6021e5a0cd29a160dd91b4126","sha256":"0db75710af38919e25baccf4a07fb57474de2ae269941712998302b042e6b1d7","sha512":"1a448cd3abf5d219b6cefe14df04a3377c5f17f772c870f07146b6a300941c0adb796613e05adad0aa428f1af8b4d539d1fb074f3e5fe995f779028f92e339bd","ssdeep":"96:Q/nC/cNEx/qk+A7WsogkMqP5EGmhcx98r8YjwEx0MRs4FU:Q/C/e0iQmgkMG5JmqijwE/q3","tlshash":"aa62602bce765a0fca20b23d4541cb7123e0fd5d6566c5372ec38d43b83fa69a8162d2","first_seen":"2023-05-14T21:15:57Z","last_seen":"2025-10-11T06:12:37.941887Z","times_seen":252,"resource_available":false,"data":null}},"time_used":622,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":449,"receive":173,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kairuite-cn.com/73f4d/video/japanese+family+destruction+by+intruder","fqdn":"kairuite-cn.com","domain":"kairuite-cn.com","tld":"com"},"ip":{"addr":"104.21.4.69","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-23T21:55:51.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kairuite-cn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 Aug 2025 10:58:46 GMT","end":"Fri, 31 Oct 2025 11:56:27 GMT"},"fingerprint":{"sha1":"57:CD:DA:17:C8:41:92:85:EE:F1:93:D6:D0:3F:07:C1:4D:2C:6E:0C","sha256":"35:46:09:8F:F7:73:F8:82:16:04:7A:DD:4E:9A:07:ED:7B:B8:04:58:EA:61:8E:4D:53:E0:8C:F6:BD:08:66:23"}}},"request":{"raw":"GET /73f4d/video/japanese+family+destruction+by+intruder HTTP/1.1\r\nHost: kairuite-cn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 23 Sep 2025 21:55:51 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: Express\r\ncache-control: no-store, no-cache, must-revalidate, proxy-revalidate, public, max-age=3600\r\npragma: no-cache\r\nexpires: 0\r\nsurrogate-control: no-store\r\nlocation: /verify/f430a337?t=1758650615200\u0026host=kairuite-cn.com\u0026redirect=%2F73f4d%2Fvideo%2Fjapanese%2Bfamily%2Bdestruction%2Bby%2Bintruder\r\nvary: Accept, accept-encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E9drM2%2BZ%2BM%2BEaAtC%2BTZq8R0fIkNn6xsIv2%2BYt03r6YkQAJVLUkJzOlZS2mWsw2RVh9UKT%2Fo3PYWQx0trIKB91lkPAhZk4fGvCeYJ9pZLZQ%3D%3D\"}]}\r\ncf-ray: 983d49e5fa355fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4402,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":719,"timings":{"blocked":185,"dns":14,"connect":1,"send":0,"wait":349,"receive":0,"ssl":167},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kairuite-cn.com/verify/f430a337?t=1758650615200\u0026host=kairuite-cn.com\u0026redirect=%2F73f4d%2Fvideo%2Fjapanese%2Bfamily%2Bdestruction%2Bby%2Bintruder","fqdn":"kairuite-cn.com","domain":"kairuite-cn.com","tld":"com"},"ip":{"addr":"104.21.4.69","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-23T21:55:51.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kairuite-cn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 02 Aug 2025 10:58:46 GMT","end":"Fri, 31 Oct 2025 11:56:27 GMT"},"fingerprint":{"sha1":"57:CD:DA:17:C8:41:92:85:EE:F1:93:D6:D0:3F:07:C1:4D:2C:6E:0C","sha256":"35:46:09:8F:F7:73:F8:82:16:04:7A:DD:4E:9A:07:ED:7B:B8:04:58:EA:61:8E:4D:53:E0:8C:F6:BD:08:66:23"}}},"request":{"raw":"GET /verify/f430a337?t=1758650615200\u0026host=kairuite-cn.com\u0026redirect=%2F73f4d%2Fvideo%2Fjapanese%2Bfamily%2Bdestruction%2Bby%2Bintruder HTTP/1.1\r\nHost: kairuite-cn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Sep 2025 21:55:52 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\ncache-control: public, max-age=14400, must-revalidate, proxy-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nsurrogate-control: no-store\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GTORuNeuSbeqGNI51HhcNcKZWjbRl2Eiir1Nn8vrPJ4hiVTOVU3AK5mkwIKb19j7kYpV9j8c%2FBUcYeP6GSyoLvzv3zly8nF5uKhtVGKMCg%3D%3D\"}]}\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\ncf-ray: 983d49e83b955fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":4402,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"8ea02d2e7ea3a9e439dd5622e1130e6f","sha1":"d4c3b9e933458a770883ab3a1471aef64077cc4c","sha256":"3df62c3635dd982d7e4005dbd7bc625d4d4898646d2e184f1b2e4af1d8b2d44f","sha512":"12fb6a8dc7b64114523e2fb3176a81a580606616edfc70700239de628f81ef0e202677950b52178e5f39e3d633f963debe8d4dc2f75aff146ac34fd4cdccbdd7","ssdeep":"48:toSpuPl/z9TFcaKj0qNvVcWlZR2ykaOCpeXlml9lN8wmImyvIZn0IfmO//ajFUL5:2SyHTFpq0qhVcMuBB98LHmtwIdPcUN","tlshash":"e191a61ba651100a6133c7b4fab3a308fa3691176282c61978bd664b5ffd84685b3fc8","first_seen":"2025-09-23T21:56:18.760051Z","last_seen":"2025-09-23T21:56:18.760051Z","times_seen":1,"resource_available":false,"data":null}},"time_used":380,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":380,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cache.sgvafs.top/resource/aHR0cHM6Ly94bnh4LmRnYXYxMS5jb20vanMvanEtc2xpZGVWZXJpZnkuanM=.js","fqdn":"cache.sgvafs.top","domain":"sgvafs.top","tld":"top"},"ip":{"addr":"104.26.1.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kairuite-cn.com/verify/f430a337?t=1758650615200\u0026host=kairuite-cn.com\u0026redirect=%2F73f4d%2Fvideo%2Fjapanese%2Bfamily%2Bdestruction%2Bby%2Bintruder","date":"2025-09-23T21:55:52.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sgvafs.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 10:38:46 GMT","end":"Sun, 07 Dec 2025 11:38:35 GMT"},"fingerprint":{"sha1":"8C:65:8A:81:76:0C:8D:34:B8:84:B4:69:76:36:56:48:62:39:D2:10","sha256":"79:FF:B5:2A:4A:BD:5E:D0:3A:BC:79:B4:45:6E:DD:AF:A9:65:B0:3E:37:FA:92:01:66:BD:26:25:0A:DF:15:01"}}},"request":{"raw":"GET /resource/aHR0cHM6Ly94bnh4LmRnYXYxMS5jb20vanMvanEtc2xpZGVWZXJpZnkuanM=.js HTTP/1.1\r\nHost: cache.sgvafs.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kairuite-cn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Sep 2025 21:55:52 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-headers: Content-Type\r\ncache-control: max-age=60\r\netag: W/\"27c8-SXopyxq/ilISXKW7clFZgxZZg2g\"\r\nexpires: Wed, 10 Sep 2025 15:35:38 GMT\r\nx-cache: HIT\r\ncontent-encoding: gzip\r\nage: 1142404\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XLFOAPzPNr%2Fh%2FkEwWb7y%2FMtzNj%2FItV%2BnHK6jLo35nopV1yAylfjdjA6vn6U3IT1r8wk030Y53oWXTLF8Z8FoP8LETD4pAsM9bdvmQcc%3D\"}]}\r\ncf-ray: 983d49ec28345687-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10184,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2134)","md5":"4448d0ef59fcf5174d5c2592c07665db","sha1":"bb0bb7cbef8f9d8b44b9e12309d895567542718e","sha256":"c7c938f1097ebb4ebd688d907683428581db12c23e856f1d9f05bfe2edfc0238","sha512":"0b19d16cf5e49c2c3a53060f8e1206f1eff39407fd5a2cacec693e962a3bf84c5c60d7018cab015247dbad1901414fcd94eba162fed8bfcd7f6d3c98d62563aa","ssdeep":"192:CKPS5dNyHxk48GdcjvOqTduNTNd3ddcaTteAYPMGwI8QYcTL8YUTMo13gMyHYWVv:zPoIxk4xdci3vs7wI8QYcTL8YUTMKQL/","tlshash":"ab220f5a6aff2125d16bb4665e0f911a3a31404f244bde2c3cec91d0ef9487c16b2ef8","first_seen":"2025-06-02T15:45:03.145124Z","last_seen":"2026-04-03T17:43:35.488206Z","times_seen":1276,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":3,"dns":22,"connect":1,"send":0,"wait":11,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"cache.sgvafs.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tp.suppercacheimages.top/LightPicture_y/2025/06/a241d6a680f41a59.cache","fqdn":"tp.suppercacheimages.top","domain":"suppercacheimages.top","tld":"top"},"ip":{"addr":"104.26.4.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kairuite-cn.com/verify/f430a337?t=1758650615200\u0026host=kairuite-cn.com\u0026redirect=%2F73f4d%2Fvideo%2Fjapanese%2Bfamily%2Bdestruction%2Bby%2Bintruder","date":"2025-09-23T21:55:52.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"suppercacheimages.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 09:16:55 GMT","end":"Sun, 23 Nov 2025 10:16:52 GMT"},"fingerprint":{"sha1":"69:25:C5:3F:64:99:28:53:F7:E9:CE:28:C3:B5:4D:CB:21:4D:39:28","sha256":"83:3F:73:5E:27:3C:F0:31:51:AA:FD:F8:A1:46:65:D2:7D:1C:78:06:B9:A3:59:8F:96:0B:80:21:46:E4:AC:E8"}}},"request":{"raw":"GET /LightPicture_y/2025/06/a241d6a680f41a59.cache HTTP/1.1\r\nHost: tp.suppercacheimages.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kairuite-cn.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Sep 2025 21:55:52 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8470\r\nserver: cloudflare\r\ncf-ray: 983d49ec2f7f1525-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nage: 1974547\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 01 Sep 2025 01:26:45 GMT\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nx-content-type-options: nosniff\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=6gnSixSY58QFFRrUPZHyS%2FVJea%2BoaovG4eGmWsPelGwYnDFPQDYFXSvGdrCBByMILI507RfFJXk%2FpRfqbK8W5qwkCT0voI%2FdfNznr0K7%2FLl%2BP4b1MZKXmlAiXKk3NeRfkp%2BPC4K5AakvAfc%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=501\u0026min_rtt=429\u0026rtt_var=170\u0026sent=7\u0026recv=10\u0026lost=0\u0026retrans=0\u0026sent_bytes=3305\u0026recv_bytes=1249\u0026delivery_rate=6776911\u0026cwnd=253\u0026unsent_bytes=0\u0026cid=21bea51fc416827a\u0026ts=55\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8470,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"648de9db476ca061d20274f19389e0d8","sha1":"a6dc522dc5dd8dc9317f5baa377e0b4dd2ecc7a0","sha256":"2dbee785d16d4c4a1c8acd69e131766cf663a822bd0fdf04d4a222539b306fd0","sha512":"dac8f785fabd6d2bfe5ca53c4147420b85c1ca3ab09acec78a0dfd476f4f7709979f3fdcc27b96eb2d580ce32a09ea1945fca1424775ce105b571fd5c21e8a90","ssdeep":"192:c9pUkTXLJ6GGs9sGHdqFUVRa5likDh6u6gq2lJiCbn:8pUkXJ6GG8sudq6TkQOD","tlshash":"4902bff42853a1167af80f37272e110919518a5dceba4bc4eb9fe5714cc660ab0f96a3","first_seen":"2025-08-04T10:57:59.114675Z","last_seen":"2026-01-11T12:22:06.599411Z","times_seen":13,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":3,"dns":22,"connect":1,"send":0,"wait":36,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"tp.suppercacheimages.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}