{"report_id":"851a69be-4512-48af-88ac-83efa7891017","version":6,"status":"done","tags":[],"date":"2026-02-28T12:04:58Z","url":{"schema":"http","addr":"zoommeets.us","fqdn":"zoommeets.us","domain":"zoommeets.us","tld":"us"},"ip":{"addr":"104.225.130.131","port":0,"asn":395092,"as":"SHOCK-1","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"zoommeets.us/","fqdn":"zoommeets.us","domain":"zoommeets.us","tld":"us"},"title":"Zoom Meeting | Secure Video Conference","dom":{"size":63600,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7733)","md5":"8ac1facc867321265573e4544e67a44c","sha1":"2d412c8c6647419ff5dc90eb90c25ba19556ba44","sha256":"f2e7e2606f12208b22be497f5ad3c45f7efc46d071aea4bdd192ae64beeb3176","sha512":"a53251f8396ff22485b7fe494b777e5838b5c185b075bc6276366a6030a39b9541055622e2bf6cf9efcec72312801cea4b1150422b45f631cc461c6f7a012ed8","ssdeep":"1536:ICsFThNIIYYmPNataxu7Jp5nl3Jzxvl1xBvV34VeZ1DT9Y3HJf5joPWiyf2o6JXg:kh1Pi","tlshash":"3b53d76921f2203d5d5b80ebeaaf235931b28147c50ec074f94d82486fd6f46a8fb6dd","dom_hash":"domhashc8c602642bf1b92b18f47346df1e5723","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"zoommeets.us","fqdn":"zoommeets.us","domain":"zoommeets.us","tld":"us"},"ip":{"addr":"104.225.130.131","port":0,"asn":395092,"as":"SHOCK-1","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-04T12:04:58Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"zoommeets.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.tailwindcss.com","ip":{"addr":"104.26.2.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-07-20","domain_rank":117330,"first_seen":"2018-07-09T05:46:13Z","last_seen":"2026-02-23T04:50:45.056452Z","alert_count":0,"request_count":2,"received_data":815945,"sent_data":816,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"zoommeets.us","ip":{"addr":"104.225.130.131","port":443,"asn":395092,"as":"SHOCK-1","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":2,"request_count":2,"received_data":56616,"sent_data":967,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.2.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","size":407279,"data":"","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-06-07T20:33:26.129689Z","times_seen":39725,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zoommeets.us/","fqdn":"zoommeets.us","domain":"zoommeets.us","tld":"us"},"ip":{"addr":"104.225.130.131","port":443,"asn":395092,"as":"SHOCK-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"2a8ccbc598a3c942bac7bdec662eee5d","sha1":"bd040ebd43d86c6342126ca6d0d375c8e9638478","sha256":"da9f8f2b80b1c2102d42cfdcfde14bbee68da4ab8dbe5face964ad3513bf0294","sha512":"0a28e3d0abc655788cdbf3e6a69d5510383d8cdaa0b43302296634ffb24ddf57f98b67306ce243e8b9cc575acfa60e2444a956541b357787b77ed5473488b629","ssdeep":"768:zataxu7Jp5nl3Jzxvl1xBvV34VeZ1DT9Y3HJf5joPWiyf2o6JXVCWnRiWWk/Trc+:zataxu7Jp5nl3Jzxvl1xBvV34VeZ1DTf","tlshash":"d3e2635a31a320384d9f45fbaaaf125a22f3061b144ac470b95cc50d3fa5f05b5feade","size":32556,"data":"","first_seen":"2026-02-28T12:05:04.211088Z","last_seen":"2026-02-28T12:31:45.664106Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"zoommeets.us/","fqdn":"zoommeets.us","domain":"zoommeets.us","tld":"us"},"ip":{"addr":"104.225.130.131","port":443,"asn":395092,"as":"SHOCK-1","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-28T12:04:37.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zoommeets.us","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Feb 2026 05:58:30 GMT","end":"Tue, 05 May 2026 05:58:29 GMT"},"fingerprint":{"sha1":"3A:36:6A:EF:7B:B7:88:1C:12:93:34:B7:87:8F:A2:D4:A5:0E:A9:16","sha256":"FB:2C:D3:CC:50:13:37:7B:43:E8:AA:06:89:65:D5:BE:87:93:F5:68:85:A2:37:34:36:49:1A:9B:A7:75:1D:DE"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: zoommeets.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Fri, 27 Feb 2026 22:57:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 12939\r\ndate: Sat, 28 Feb 2026 12:04:37 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]}],"data":{"size":55723,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1925)","md5":"2660a8ebc859343b5601ea0c4efb4080","sha1":"11c036c362f180bfcf18b50fee371f57064fc3e1","sha256":"bfc57b4e450a74a8af8f6a8ea3c808b49dd134e40f0e9f18f3cbdde780c245d8","sha512":"d072ea53273adfd79ae246c259c2ccda9f452753be48c33c4af31982bc4db4a21a8de6d3a1fbc25a4c936222e067b83d0f927dfb2c688b1ae05aa7b1de4a7b53","ssdeep":"1536:UCsFPIIFPJVQataxu7Jp5nl3Jzxvl1xBvV34VeZ1DT9Y3HJf5joPWiyf2o6JXVCT:6Pw","tlshash":"8843c66921f6203d595b80fbabaf135a21f38117900ec074ba4c824d2fd6f45a9fb6dd","first_seen":"2026-02-28T12:05:04.207996Z","last_seen":"2026-02-28T12:31:45.660678Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1141,"timings":{"blocked":440,"dns":170,"connect":130,"send":0,"wait":260,"receive":1,"ssl":137},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"zoommeets.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.2.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zoommeets.us/","date":"2026-02-28T12:04:38.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 21 Jan 2026 08:26:32 GMT","end":"Tue, 21 Apr 2026 09:26:27 GMT"},"fingerprint":{"sha1":"90:9B:CE:CB:FE:F2:C6:A9:53:13:5D:52:B6:07:F4:B4:84:28:97:60","sha256":"61:49:94:E8:FB:D1:24:14:DF:C9:92:BE:60:84:A8:D8:37:E3:89:DC:42:7B:0A:64:D3:F2:32:FD:D0:93:4C:4B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zoommeets.us/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sat, 28 Feb 2026 12:04:38 GMT\r\ncache-control: max-age=14400\r\nlocation: /3.4.17\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::8bvsp-1772279533308-7a613d34e4d1\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 744\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HWhCsU694Bci45jXcRJJuJrAjP%2BY%2BRWm88Kv4RQ3PVDSfGRkB1FJnCWApAL4zqeXoB9w1GaeVu2lfPNdB9KEY%2FXplO1rEAHhrbBCkN8qZa0hDw%3D%3D\"}]}\r\ncf-ray: 9d4fc91a3cc1aa08-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T20:34:21.112536Z","times_seen":16220865,"resource_available":true,"data":null}},"time_used":152,"timings":{"blocked":68,"dns":35,"connect":8,"send":0,"wait":14,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/3.4.17","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.2.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zoommeets.us/","date":"2026-02-28T12:04:38.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 21 Jan 2026 08:26:32 GMT","end":"Tue, 21 Apr 2026 09:26:27 GMT"},"fingerprint":{"sha1":"90:9B:CE:CB:FE:F2:C6:A9:53:13:5D:52:B6:07:F4:B4:84:28:97:60","sha256":"61:49:94:E8:FB:D1:24:14:DF:C9:92:BE:60:84:A8:D8:37:E3:89:DC:42:7B:0A:64:D3:F2:32:FD:D0:93:4C:4B"}}},"request":{"raw":"GET /3.4.17 HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://zoommeets.us/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 28 Feb 2026 12:04:38 GMT\r\ncontent-type: text/javascript\r\ncache-control: max-age=31536000\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::crrwr-1770516958843-e8a5a5e1e05a\r\nlast-modified: Sun, 08 Feb 2026 02:15:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nage: 1763318\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DiwWFJA%2B0yLQwj9QWJ3Iyylu1S9BmmkPiq9ZtqAeuXTMeUIufFK%2FgJ4o7I4mw%2FSe08FYjkJooMYFGsE5ns1hvPpf0jaAbKuZmz%2BkW3SJr629IQ%3D%3D\"}]}\r\ncf-ray: 9d4fc91a5d03aa08-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (52853)","md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-06-07T20:33:26.129689Z","times_seen":39725,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zoommeets.us/open.php","fqdn":"zoommeets.us","domain":"zoommeets.us","tld":"us"},"ip":{"addr":"104.225.130.131","port":443,"asn":395092,"as":"SHOCK-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://zoommeets.us/","date":"2026-02-28T12:04:38.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zoommeets.us","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Feb 2026 05:58:30 GMT","end":"Tue, 05 May 2026 05:58:29 GMT"},"fingerprint":{"sha1":"3A:36:6A:EF:7B:B7:88:1C:12:93:34:B7:87:8F:A2:D4:A5:0E:A9:16","sha256":"FB:2C:D3:CC:50:13:37:7B:43:E8:AA:06:89:65:D5:BE:87:93:F5:68:85:A2:37:34:36:49:1A:9B:A7:75:1D:DE"}}},"request":{"raw":"POST /open.php HTTP/1.1\r\nHost: zoommeets.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://zoommeets.us/\r\nContent-Type: application/json\r\nContent-Length: 63\r\nOrigin: https://zoommeets.us\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":63,"data":"{\"meetingId\":\"meeting-1764987494729\",\"timestamp\":1772280278685}"}},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/json\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: Content-Type\r\ncontent-length: 46\r\ndate: Sat, 28 Feb 2026 12:04:39 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":46,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"713fec8ee90097db2fdcf7f72d5b4e92","sha1":"4d3728769263818fe1f7382b87234443a530b200","sha256":"81c3a18ec602cb13d57db853d3ced10d531eaf4b0d6f10a00454b472a58a5b51","sha512":"2724d1750389928825416474a31fd24488973d133ba05e101e789ae22e511d7d6ca769b8a6c89f93110572d52263ed5e9a3fef08be7b3481f5f0a12b4d75e30e","ssdeep":"","tlshash":"ee900286114028e5974391b2302d2d8014ab005685415015514e401886145196283106","first_seen":"2025-02-06T06:19:28.737446Z","last_seen":"2026-02-28T12:31:45.662749Z","times_seen":9,"resource_available":false,"data":null}},"time_used":863,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":863,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"zoommeets.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}