{"report_id":"a6d8b2bc-a676-482a-a9a6-933ef6730394","version":6,"status":"done","tags":[],"date":"2026-05-28T07:41:26Z","url":{"schema":"http","addr":"hk-zoom.com.cn","fqdn":"hk-zoom.com.cn","domain":"hk-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":0,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"hk-zoom.com.cn/","fqdn":"hk-zoom.com.cn","domain":"hk-zoom.com.cn","tld":"com.cn"},"title":"ZOOM桌面共享 - ZOOM电脑版下载 | 多端屏幕协作高清云视频","dom":{"size":15933,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (866)","md5":"3c61c88dafc7403cf18d54a8b151b2f5","sha1":"5b553d1049443b549871d06279de277182b94ac4","sha256":"c4a0602eefa72941c3e22d8b2d25e78a8233f92dd6b182a16d4bd37bd1084e24","sha512":"71e10fdf66252880114772868981cd776c803f5169f0578c20ca32fd3f6553659c8f07eac5ca16feb982dcae22fe507a580d92cf384d0385b603daaf009cdc1c","ssdeep":"192:v8WwyhLv4bZkKZHqhFw20BdGKWCubT0U0vjGLscr/QzNHE6uyXGPeCz9G7JnFMT:otZHP20BdiqvjGLxrGVDGPhzU5FMT","tlshash":"2762faa31200ac6e232652d3bde9b2cdb0659a33e1b58af8a5d0753e57d07f5092734f","dom_hash":"domhash14f8495e1d491dd8a79f04b0cf355ccb","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"hk-zoom.com.cn","fqdn":"hk-zoom.com.cn","domain":"hk-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":0,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-02T07:41:26Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"hk-zoom.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"hk-zoom.com.cn","ip":{"addr":"154.26.224.195","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"domain_registered":"2026-05-24","domain_rank":0,"first_seen":"2026-05-28T07:41:28.304225Z","last_seen":"2026-05-28T07:41:28.304225Z","alert_count":8,"request_count":8,"received_data":1799715,"sent_data":4680,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"hk-zoom.com.cn/","fqdn":"hk-zoom.com.cn","domain":"hk-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9441f01516fdb48a0abb95f60495b8de","sha1":"f046929b3c04dbec880a07c53d93806a80ca300f","sha256":"052fd89ddc2d6b63782716f8e116946f6f62ff8dfc4c3ec61de8d20cdb9bff04","sha512":"ce75e5dc908fde4ae33e5b47768b13b16f81413c4db285589048b9ef052e2fe8b152be2a5efc251687f9d025d7dc872fe56ffd4f0e4a6fe53b9fe03ba82c66ff","ssdeep":"","tlshash":"f390028684e2040b4a14a9970bd081cb0653884014346004248d7a4018e2e2a693d331","size":54,"data":"","first_seen":"2026-05-28T07:41:26.933125Z","last_seen":"2026-05-28T07:42:41.438205Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-06-06T23:16:57.988363Z","times_seen":98187,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"hk-zoom.com.cn/","fqdn":"hk-zoom.com.cn","domain":"hk-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-28T07:41:03.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hk-zoom.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 10:28:30 GMT","end":"Sat, 22 Aug 2026 10:28:29 GMT"},"fingerprint":{"sha1":"91:1E:52:68:41:A1:B6:9D:FD:50:52:2D:AA:BA:04:EF:2C:0A:BD:E5","sha256":"31:44:20:A5:61:3B:DA:97:CD:2C:28:62:03:58:A1:C9:B6:B5:54:A2:D3:93:9C:E0:4B:6E:C6:09:E8:8D:FA:0B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: hk-zoom.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 28 May 2026 07:41:03 GMT\r\ncontent-type: text/html\r\nlast-modified: Sun, 24 May 2026 11:56:53 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a12e785-3e3d\"\r\nset-cookie: server_name_session=bdae09cb9f2a5ed75e415b62e532e6f0; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15933,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (866)","md5":"1aba9c11842d9bcb9e3d37c2c79f8741","sha1":"6b0cbd18c0fcb03cbbfde0d2a51c41ecf3248177","sha256":"d012b0e6a4ec3221b0ec78571c29be4b9c5ddee68565be4b52735a2bdc9dad08","sha512":"f29103d2a24f8b405b349eb30c3229d83cf379e7817cc0ebe262564c2deb33609100fd0e57bd20f15e1b76989c86023d092393f3659daac6a8b5ac9005a7f181","ssdeep":"192:D8WsyhLv4bZkKZHqhFw20BdPzWrh+OwQBT0U0vjGLscr/QzNHE6uyXGPeCz9G7J+:YtZHP20BdiqvjGLxrGVDGPhzU5FM3","tlshash":"1f62fa930200ac6e232752d3bde9b28db0669a33e1b58af8a5d0753e57d07f5092734f","first_seen":"2026-05-28T07:41:34.698994Z","last_seen":"2026-05-28T07:41:34.698994Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1019,"timings":{"blocked":435,"dns":105,"connect":172,"send":0,"wait":150,"receive":0,"ssl":153},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"hk-zoom.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hk-zoom.com.cn/33.webp","fqdn":"hk-zoom.com.cn","domain":"hk-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hk-zoom.com.cn/","date":"2026-05-28T07:41:04.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hk-zoom.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 10:28:30 GMT","end":"Sat, 22 Aug 2026 10:28:29 GMT"},"fingerprint":{"sha1":"91:1E:52:68:41:A1:B6:9D:FD:50:52:2D:AA:BA:04:EF:2C:0A:BD:E5","sha256":"31:44:20:A5:61:3B:DA:97:CD:2C:28:62:03:58:A1:C9:B6:B5:54:A2:D3:93:9C:E0:4B:6E:C6:09:E8:8D:FA:0B"}}},"request":{"raw":"GET /33.webp HTTP/1.1\r\nHost: hk-zoom.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hk-zoom.com.cn/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=bdae09cb9f2a5ed75e415b62e532e6f0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 28 May 2026 07:41:04 GMT\r\ncontent-type: image/webp\r\ncontent-length: 568236\r\nlast-modified: Sun, 24 May 2026 11:12:20 GMT\r\netag: \"6a12dd14-8abac\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":568236,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 1885 x 502, 8-bit/color RGB, non-interlaced","md5":"fe4c2631f2620a7ebecbc51df60a1eee","sha1":"19d067b760abc3cb709b8535efd3583aeb7ffe74","sha256":"d125b4b1c147092e5a8b57718b278d5fde4852cab5853462eaaedaf7f32ef8e3","sha512":"725de4a15b9e42c08c3a3610a5a28de3a79f1a7b7553636c958231c0feea4d26d35d99e78a6017801655c1574992ad67d4022d6c342ea1493d94b5015bedf156","ssdeep":"12288:qiotux1Gl47Hhcr3EZDdGoShesmvg/9zD7RXhw2icNA:qP0T7ghbH9VXPi5","tlshash":"85c423a6e0404557ffa810b8729d6f0be44195f1858ec4de6237c3e879ee3510eeabc2","first_seen":"2026-05-28T07:41:26.924668Z","last_seen":"2026-05-28T07:42:41.431272Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1224,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":446,"receive":778,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"hk-zoom.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hk-zoom.com.cn/images/2.webp","fqdn":"hk-zoom.com.cn","domain":"hk-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hk-zoom.com.cn/","date":"2026-05-28T07:41:04.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hk-zoom.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 10:28:30 GMT","end":"Sat, 22 Aug 2026 10:28:29 GMT"},"fingerprint":{"sha1":"91:1E:52:68:41:A1:B6:9D:FD:50:52:2D:AA:BA:04:EF:2C:0A:BD:E5","sha256":"31:44:20:A5:61:3B:DA:97:CD:2C:28:62:03:58:A1:C9:B6:B5:54:A2:D3:93:9C:E0:4B:6E:C6:09:E8:8D:FA:0B"}}},"request":{"raw":"GET /images/2.webp HTTP/1.1\r\nHost: hk-zoom.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hk-zoom.com.cn/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=bdae09cb9f2a5ed75e415b62e532e6f0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 28 May 2026 07:41:04 GMT\r\ncontent-type: image/webp\r\ncontent-length: 94061\r\nlast-modified: Sun, 24 May 2026 11:04:56 GMT\r\netag: \"6a12db58-16f6d\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":94061,"size_decoded":0,"mime_type":"image/webp","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82\", baseline, precision 8, 1536x714, components 3","md5":"ed26d2baa8282622c468976d0b87c4aa","sha1":"c00446741a444b4626f6a6e402483f0313d133b8","sha256":"6cf39c0006d1749b5338b29e97291c233fa8cb0581a4d5587428fb707458a76b","sha512":"8e38d492de988a5064c72561404b6b2f11e243586ee1562e07e91890c15970e6f5a7199798433cef59c7d1ac937fa22458bba6915b4f0a0ddb27838bdb70d986","ssdeep":"1536:hNaWjjtQNkerl3fbUhVDUJ/MSdWLI1T91bhwzbHVaS/Mi1LrOZP2ssFLF5pVvm6F:OWjjtQSerJcWJUSdaI1T9Fhwb8iRrOZk","tlshash":"7e939e4b9c199b43a04c47f8fe168db92f16634de8933bfe44364edb6f552211d8e02a","first_seen":"2026-05-28T07:41:34.704246Z","last_seen":"2026-05-28T07:41:34.704246Z","times_seen":1,"resource_available":false,"data":null}},"time_used":748,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":445,"receive":303,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"hk-zoom.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hk-zoom.com.cn/11.webp","fqdn":"hk-zoom.com.cn","domain":"hk-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hk-zoom.com.cn/","date":"2026-05-28T07:41:04.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hk-zoom.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 10:28:30 GMT","end":"Sat, 22 Aug 2026 10:28:29 GMT"},"fingerprint":{"sha1":"91:1E:52:68:41:A1:B6:9D:FD:50:52:2D:AA:BA:04:EF:2C:0A:BD:E5","sha256":"31:44:20:A5:61:3B:DA:97:CD:2C:28:62:03:58:A1:C9:B6:B5:54:A2:D3:93:9C:E0:4B:6E:C6:09:E8:8D:FA:0B"}}},"request":{"raw":"GET /11.webp HTTP/1.1\r\nHost: hk-zoom.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hk-zoom.com.cn/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=bdae09cb9f2a5ed75e415b62e532e6f0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 28 May 2026 07:41:04 GMT\r\ncontent-type: image/webp\r\ncontent-length: 826397\r\nlast-modified: Sun, 24 May 2026 11:12:00 GMT\r\netag: \"6a12dd00-c9c1d\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":826397,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 1888 x 822, 8-bit/color RGB, non-interlaced","md5":"8ef5aa52ac1e8b0a9beaf3837098ad02","sha1":"d09dab5b4e4612feb410f5a30c53cc558c3f893d","sha256":"2001fd725a69576c9df97d0d080b821f57a5fb037f01e1c62525514107e36f7a","sha512":"e3461a016604a5be31be21c8c74570c5a678bd62f61e16fe4e93ecf545649bbb20ff7ae8ebe356e18f2bd19086a563fb15a4078564ad463b95798f304b5b17a9","ssdeep":"12288:IEj2Z0zB8KN2a86wmDK/QvegXersd91SZF9ykTCkhyispubNAQ9JjI/K+qw+VEP2:IEyZiY67DKUtXMG91S5Vvl5aKDVt","tlshash":"2c0533c3ab262b27fb4b4d67530b948c9ec1d9b3f2b41020c969d685672cd6cde41f26","first_seen":"2026-05-28T07:41:34.707456Z","last_seen":"2026-05-28T07:42:41.428963Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":298,"receive":910,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"hk-zoom.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hk-zoom.com.cn/logo.png","fqdn":"hk-zoom.com.cn","domain":"hk-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hk-zoom.com.cn/","date":"2026-05-28T07:41:05.275Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hk-zoom.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 10:28:30 GMT","end":"Sat, 22 Aug 2026 10:28:29 GMT"},"fingerprint":{"sha1":"91:1E:52:68:41:A1:B6:9D:FD:50:52:2D:AA:BA:04:EF:2C:0A:BD:E5","sha256":"31:44:20:A5:61:3B:DA:97:CD:2C:28:62:03:58:A1:C9:B6:B5:54:A2:D3:93:9C:E0:4B:6E:C6:09:E8:8D:FA:0B"}}},"request":{"raw":"GET /logo.png HTTP/1.1\r\nHost: hk-zoom.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hk-zoom.com.cn/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=bdae09cb9f2a5ed75e415b62e532e6f0; __vtins__3Q2GYoJ1hUyLRrBy=%7B%22sid%22%3A%20%228a424efc-ac28-5359-82e0-7f959d468e30%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201779955864963%2C%20%22ct%22%3A%201779954064963%7D; __51uvsct__3Q2GYoJ1hUyLRrBy=1; __51vcke__3Q2GYoJ1hUyLRrBy=d844cd62-3ef4-542d-8f6a-01de06369da8; __51vuft__3Q2GYoJ1hUyLRrBy=1779954064968\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 28 May 2026 07:41:05 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 24 May 2026 11:07:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a12dbfa-24df\"\r\nexpires: Sat, 27 Jun 2026 07:41:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9439,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit colormap, non-interlaced","md5":"fb3e9005e1b0acb0a4eac3c423447f6f","sha1":"7a80395f078ba6c806e7e1bcc8ecdab707691e03","sha256":"40a8a4df3859ee01f662437e3d9fd05a9d798826ac85c2af69e12e2f4a1c7261","sha512":"fdbc88b415462a6def02c2b71d892d2d391c67c9ae0591dd97b6a7ae94ea7c71b1ca88baeb83d49e7d32c481bb2af3e58cfd1b72a1f3ff5f6d509e72c835486b","ssdeep":"192:7hk88Lr3HEBCLNrtbtXpLEnGY9nTl81HRInGCRFBuRB7:StH3uobnLEH9Ty1HRIG2FBmB7","tlshash":"2f12b071b2825b15e56f10e76794b2a38a451c720c49d9c9d16e357507be02f8fa0c4b","first_seen":"2025-08-18T08:56:27.682172Z","last_seen":"2026-06-05T20:03:11.054432Z","times_seen":218,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"hk-zoom.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hk-zoom.com.cn/logo.png","fqdn":"hk-zoom.com.cn","domain":"hk-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hk-zoom.com.cn/","date":"2026-05-28T07:41:04.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hk-zoom.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 10:28:30 GMT","end":"Sat, 22 Aug 2026 10:28:29 GMT"},"fingerprint":{"sha1":"91:1E:52:68:41:A1:B6:9D:FD:50:52:2D:AA:BA:04:EF:2C:0A:BD:E5","sha256":"31:44:20:A5:61:3B:DA:97:CD:2C:28:62:03:58:A1:C9:B6:B5:54:A2:D3:93:9C:E0:4B:6E:C6:09:E8:8D:FA:0B"}}},"request":{"raw":"GET /logo.png HTTP/1.1\r\nHost: hk-zoom.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hk-zoom.com.cn/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=bdae09cb9f2a5ed75e415b62e532e6f0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 28 May 2026 07:41:04 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 24 May 2026 11:07:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a12dbfa-24df\"\r\nexpires: Sat, 27 Jun 2026 07:41:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9439,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit colormap, non-interlaced","md5":"fb3e9005e1b0acb0a4eac3c423447f6f","sha1":"7a80395f078ba6c806e7e1bcc8ecdab707691e03","sha256":"40a8a4df3859ee01f662437e3d9fd05a9d798826ac85c2af69e12e2f4a1c7261","sha512":"fdbc88b415462a6def02c2b71d892d2d391c67c9ae0591dd97b6a7ae94ea7c71b1ca88baeb83d49e7d32c481bb2af3e58cfd1b72a1f3ff5f6d509e72c835486b","ssdeep":"192:7hk88Lr3HEBCLNrtbtXpLEnGY9nTl81HRInGCRFBuRB7:StH3uobnLEH9Ty1HRIG2FBmB7","tlshash":"2f12b071b2825b15e56f10e76794b2a38a451c720c49d9c9d16e357507be02f8fa0c4b","first_seen":"2025-08-18T08:56:27.682172Z","last_seen":"2026-06-05T20:03:11.054432Z","times_seen":218,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"hk-zoom.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hk-zoom.com.cn/images/1.webp","fqdn":"hk-zoom.com.cn","domain":"hk-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hk-zoom.com.cn/","date":"2026-05-28T07:41:04.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hk-zoom.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 10:28:30 GMT","end":"Sat, 22 Aug 2026 10:28:29 GMT"},"fingerprint":{"sha1":"91:1E:52:68:41:A1:B6:9D:FD:50:52:2D:AA:BA:04:EF:2C:0A:BD:E5","sha256":"31:44:20:A5:61:3B:DA:97:CD:2C:28:62:03:58:A1:C9:B6:B5:54:A2:D3:93:9C:E0:4B:6E:C6:09:E8:8D:FA:0B"}}},"request":{"raw":"GET /images/1.webp HTTP/1.1\r\nHost: hk-zoom.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hk-zoom.com.cn/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=bdae09cb9f2a5ed75e415b62e532e6f0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 28 May 2026 07:41:04 GMT\r\ncontent-type: image/webp\r\ncontent-length: 271313\r\nlast-modified: Sun, 24 May 2026 11:01:58 GMT\r\netag: \"6a12daa6-423d1\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":271313,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 800 x 400, 8-bit/color RGB, non-interlaced","md5":"f3d2acc786ec7109a84d585c8f552ae5","sha1":"96a91e16cecbdcde9efdb723a20e8812567a0d55","sha256":"ac1c9bcc9bffdc18f2ba432c14bd6db79f0583dec6cc0cc4826d5aa5c5e78753","sha512":"752537a3495dd35f538e349bb78a113882a9b8d064c04ff2ca6850570ac9cab76ea493192e171476203a81934b4714a7426bd1296ee704647a07d7bb8eece0ca","ssdeep":"6144:sURdSyM09ftR6uhMwUmmmqBAciQGAs2mT/3JwPTE6n847sq:bRgyM091gUU7Ies2C/ZIoyoq","tlshash":"9d4413b318871e6eb9f7025c7b4be13d6531c6b265e286f4c0b35719ae14b962f0b1b0","first_seen":"2026-05-28T07:41:34.715304Z","last_seen":"2026-05-28T07:41:34.715304Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":446,"receive":766,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"hk-zoom.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hk-zoom.com.cn/favicon.ico","fqdn":"hk-zoom.com.cn","domain":"hk-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hk-zoom.com.cn/","date":"2026-05-28T07:41:05.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hk-zoom.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 10:28:30 GMT","end":"Sat, 22 Aug 2026 10:28:29 GMT"},"fingerprint":{"sha1":"91:1E:52:68:41:A1:B6:9D:FD:50:52:2D:AA:BA:04:EF:2C:0A:BD:E5","sha256":"31:44:20:A5:61:3B:DA:97:CD:2C:28:62:03:58:A1:C9:B6:B5:54:A2:D3:93:9C:E0:4B:6E:C6:09:E8:8D:FA:0B"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: hk-zoom.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hk-zoom.com.cn/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=bdae09cb9f2a5ed75e415b62e532e6f0; __vtins__3Q2GYoJ1hUyLRrBy=%7B%22sid%22%3A%20%228a424efc-ac28-5359-82e0-7f959d468e30%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201779955864963%2C%20%22ct%22%3A%201779954064963%7D; __51uvsct__3Q2GYoJ1hUyLRrBy=1; __51vcke__3Q2GYoJ1hUyLRrBy=d844cd62-3ef4-542d-8f6a-01de06369da8; __51vuft__3Q2GYoJ1hUyLRrBy=1779954064968\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 28 May 2026 07:41:05 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 1102\r\nlast-modified: Sun, 24 May 2026 11:08:06 GMT\r\netag: \"6a12dc16-44e\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1102,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 24x24 with PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced, 32 bits/pixel","md5":"6f036a374842114eb04e4d009d141ea4","sha1":"6028dd364841f3de5bbac55fe662d43875c6a89b","sha256":"33ed517a99e295f916e6ec426dcf7656f4de56be1bd30d02a35a3978265c2490","sha512":"f0d7f0f13472db660d117326b4c026f0369d1095ccf3a030d5957f1384e98588ccd2e0af08f9ec3502c0ec02677fcdec265d05058cee89a76cca996656dcb219","ssdeep":"","tlshash":"c411e992ae49bf8b8d4e214a8ec85d23f33b8238073e2018d002f16457c3f4e4dc560b","first_seen":"2026-05-28T07:41:26.918069Z","last_seen":"2026-05-28T07:42:41.42235Z","times_seen":4,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"hk-zoom.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}