{"report_id":"aac89d5d-47da-41a0-abec-a6fb922b4e36","version":6,"status":"done","tags":[],"date":"2026-05-28T07:41:25Z","url":{"schema":"http","addr":"rb-zoom.com.cn","fqdn":"rb-zoom.com.cn","domain":"rb-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":0,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"rb-zoom.com.cn/","fqdn":"rb-zoom.com.cn","domain":"rb-zoom.com.cn","tld":"com.cn"},"title":"ZOOM应用共享 - ZOOM最新版下载 | 在线会议屏幕实时同步","dom":{"size":16631,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (797)","md5":"4a2971d11c9320548bc93619fd51fea4","sha1":"7662081fe7ffe2b7a5d9d93905ca4a17a3d77dd8","sha256":"29a35398088c6e1ce10ba09b2e5a06e0511e6e053827ee61a9e0a925643678ef","sha512":"c11026d307ad7204c1406e19c2784bbf9f66cb88540ffb9a5ee102ca7afe69798ae25fccaebf0aa44332cddfd1e170a5ed2fbcad94215780f7936da3b7011495","ssdeep":"384:yWhmNza1xZ2bBsA206sr58VNeFGLqB95ltYz:fCVsA2xVNOGLqB95ltYz","tlshash":"787218b726007dbf632350e375657a8d70259937e0fa8ab899d4612b46d07ea0d2338f","dom_hash":"domhash14f8495e1d491dd8a79f04b0cf355ccb","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"rb-zoom.com.cn","fqdn":"rb-zoom.com.cn","domain":"rb-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":0,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-02T07:41:25Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"rb-zoom.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"rb-zoom.com.cn","ip":{"addr":"154.26.224.195","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"domain_registered":"2026-05-24","domain_rank":0,"first_seen":"2026-05-28T07:41:27.198834Z","last_seen":"2026-05-28T07:41:27.198834Z","alert_count":8,"request_count":8,"received_data":1445728,"sent_data":4680,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-06-06T23:16:57.988363Z","times_seen":98187,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rb-zoom.com.cn/","fqdn":"rb-zoom.com.cn","domain":"rb-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9441f01516fdb48a0abb95f60495b8de","sha1":"f046929b3c04dbec880a07c53d93806a80ca300f","sha256":"052fd89ddc2d6b63782716f8e116946f6f62ff8dfc4c3ec61de8d20cdb9bff04","sha512":"ce75e5dc908fde4ae33e5b47768b13b16f81413c4db285589048b9ef052e2fe8b152be2a5efc251687f9d025d7dc872fe56ffd4f0e4a6fe53b9fe03ba82c66ff","ssdeep":"","tlshash":"f390028684e2040b4a14a9970bd081cb0653884014346004248d7a4018e2e2a693d331","size":54,"data":"","first_seen":"2026-05-28T07:41:26.933125Z","last_seen":"2026-05-28T07:42:41.438205Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"rb-zoom.com.cn/logo.png","fqdn":"rb-zoom.com.cn","domain":"rb-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rb-zoom.com.cn/","date":"2026-05-28T07:41:02.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rb-zoom.com.cn","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 10:32:42 GMT","end":"Sat, 22 Aug 2026 10:32:41 GMT"},"fingerprint":{"sha1":"72:3A:95:CA:FF:F2:B8:C1:72:4D:CD:B0:15:DF:68:E2:6D:FB:8E:CE","sha256":"64:90:B7:BA:15:C5:3C:DA:86:03:40:3E:62:83:6F:E6:3F:DC:51:CD:F4:A6:63:E9:07:13:A1:15:C4:3B:EB:75"}}},"request":{"raw":"GET /logo.png HTTP/1.1\r\nHost: rb-zoom.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rb-zoom.com.cn/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=255d5067f949de9712e4e254ceb106d9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 28 May 2026 07:41:03 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 24 May 2026 11:07:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a12dbfa-24df\"\r\nexpires: Sat, 27 Jun 2026 07:41:03 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9439,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit colormap, non-interlaced","md5":"fb3e9005e1b0acb0a4eac3c423447f6f","sha1":"7a80395f078ba6c806e7e1bcc8ecdab707691e03","sha256":"40a8a4df3859ee01f662437e3d9fd05a9d798826ac85c2af69e12e2f4a1c7261","sha512":"fdbc88b415462a6def02c2b71d892d2d391c67c9ae0591dd97b6a7ae94ea7c71b1ca88baeb83d49e7d32c481bb2af3e58cfd1b72a1f3ff5f6d509e72c835486b","ssdeep":"192:7hk88Lr3HEBCLNrtbtXpLEnGY9nTl81HRInGCRFBuRB7:StH3uobnLEH9Ty1HRIG2FBmB7","tlshash":"2f12b071b2825b15e56f10e76794b2a38a451c720c49d9c9d16e357507be02f8fa0c4b","first_seen":"2025-08-18T08:56:27.682172Z","last_seen":"2026-06-05T20:03:11.054432Z","times_seen":218,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"rb-zoom.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rb-zoom.com.cn/22.webp","fqdn":"rb-zoom.com.cn","domain":"rb-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rb-zoom.com.cn/","date":"2026-05-28T07:41:02.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rb-zoom.com.cn","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 10:32:42 GMT","end":"Sat, 22 Aug 2026 10:32:41 GMT"},"fingerprint":{"sha1":"72:3A:95:CA:FF:F2:B8:C1:72:4D:CD:B0:15:DF:68:E2:6D:FB:8E:CE","sha256":"64:90:B7:BA:15:C5:3C:DA:86:03:40:3E:62:83:6F:E6:3F:DC:51:CD:F4:A6:63:E9:07:13:A1:15:C4:3B:EB:75"}}},"request":{"raw":"GET /22.webp HTTP/1.1\r\nHost: rb-zoom.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rb-zoom.com.cn/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=255d5067f949de9712e4e254ceb106d9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 28 May 2026 07:41:03 GMT\r\ncontent-type: image/webp\r\ncontent-length: 587827\r\nlast-modified: Sun, 24 May 2026 11:12:16 GMT\r\netag: \"6a12dd10-8f833\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":587827,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 1891 x 793, 8-bit/color RGB, non-interlaced","md5":"5393337cfd345dd533914fa8f6650676","sha1":"24e7925fd58a80c92dbc9405b127d579bbe9df78","sha256":"f96656db509910ca760e4445cd4810703e2174684eb10a75c864a1c93cf9078f","sha512":"ef97dc802e65e458ae5dc3bbf9690a616d12151ef4d9723eb56dca97c252abe9298e3e82b7d8593393b50b0a656ca4b8ac7fc0af42b396468f29b44cdf8eac45","ssdeep":"12288:PmuYjlJgPTs/tGabl4jbqPi4CiCwXL1W+o1kVYIQmw/:PmuYjlJgbM5R4jb22471W+ooYILw/","tlshash":"d2c4234a8174e125c33aa418d24107d751b23dede87860d66dbcdbe1056bfcaf894bf2","first_seen":"2026-05-28T07:41:26.909895Z","last_seen":"2026-05-28T07:41:30.894582Z","times_seen":2,"resource_available":false,"data":null}},"time_used":900,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":296,"receive":604,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"rb-zoom.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rb-zoom.com.cn/images/7.webp","fqdn":"rb-zoom.com.cn","domain":"rb-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rb-zoom.com.cn/","date":"2026-05-28T07:41:02.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rb-zoom.com.cn","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 10:32:42 GMT","end":"Sat, 22 Aug 2026 10:32:41 GMT"},"fingerprint":{"sha1":"72:3A:95:CA:FF:F2:B8:C1:72:4D:CD:B0:15:DF:68:E2:6D:FB:8E:CE","sha256":"64:90:B7:BA:15:C5:3C:DA:86:03:40:3E:62:83:6F:E6:3F:DC:51:CD:F4:A6:63:E9:07:13:A1:15:C4:3B:EB:75"}}},"request":{"raw":"GET /images/7.webp HTTP/1.1\r\nHost: rb-zoom.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rb-zoom.com.cn/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=255d5067f949de9712e4e254ceb106d9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 28 May 2026 07:41:03 GMT\r\ncontent-type: image/webp\r\ncontent-length: 246062\r\nlast-modified: Sun, 24 May 2026 11:04:16 GMT\r\netag: \"6a12db30-3c12e\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":246062,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 800 x 400, 8-bit/color RGB, non-interlaced","md5":"6f9423a20745266071bab73eefbac479","sha1":"3a78f09a65cfc33836af929358279bf7ce89e9f7","sha256":"32f722c3f9aa760c15d9ae606da8f555296a455f25ed481355fb0c0b6824a03a","sha512":"d5b4c26c193177baa9fd9e5847af18347dfa7e5037066fd4799fc625c5a3fc372e59a5a650193865c42aa4d90c4b918fcf763e38838c9d9daf55285541def251","ssdeep":"6144:nTa1P03Zvkies2DIY25ktRrer2ZtjdbJL9ydhOupd:nTuOZt2F25ktpeYtjdl9kOupd","tlshash":"123423aa0375e2d5b138ec59c937481cb7291186e0c30d7876fda16a397a12f168e7e8","first_seen":"2026-05-28T07:41:30.90432Z","last_seen":"2026-05-28T07:41:30.90432Z","times_seen":1,"resource_available":false,"data":null}},"time_used":883,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":441,"receive":442,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"rb-zoom.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rb-zoom.com.cn/logo.png","fqdn":"rb-zoom.com.cn","domain":"rb-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rb-zoom.com.cn/","date":"2026-05-28T07:41:04.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rb-zoom.com.cn","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 10:32:42 GMT","end":"Sat, 22 Aug 2026 10:32:41 GMT"},"fingerprint":{"sha1":"72:3A:95:CA:FF:F2:B8:C1:72:4D:CD:B0:15:DF:68:E2:6D:FB:8E:CE","sha256":"64:90:B7:BA:15:C5:3C:DA:86:03:40:3E:62:83:6F:E6:3F:DC:51:CD:F4:A6:63:E9:07:13:A1:15:C4:3B:EB:75"}}},"request":{"raw":"GET /logo.png HTTP/1.1\r\nHost: rb-zoom.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rb-zoom.com.cn/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=255d5067f949de9712e4e254ceb106d9; __vtins__3Q2GYoJ1hUyLRrBy=%7B%22sid%22%3A%20%22d2c1d94e-a4da-5870-9f07-6d7b2f1404c8%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201779955864355%2C%20%22ct%22%3A%201779954064355%7D; __51uvsct__3Q2GYoJ1hUyLRrBy=1; __51vcke__3Q2GYoJ1hUyLRrBy=9a47d2a1-7400-52cc-8245-9261bab5531d; __51vuft__3Q2GYoJ1hUyLRrBy=1779954064360\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 28 May 2026 07:41:04 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 24 May 2026 11:07:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a12dbfa-24df\"\r\nexpires: Sat, 27 Jun 2026 07:41:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9439,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit colormap, non-interlaced","md5":"fb3e9005e1b0acb0a4eac3c423447f6f","sha1":"7a80395f078ba6c806e7e1bcc8ecdab707691e03","sha256":"40a8a4df3859ee01f662437e3d9fd05a9d798826ac85c2af69e12e2f4a1c7261","sha512":"fdbc88b415462a6def02c2b71d892d2d391c67c9ae0591dd97b6a7ae94ea7c71b1ca88baeb83d49e7d32c481bb2af3e58cfd1b72a1f3ff5f6d509e72c835486b","ssdeep":"192:7hk88Lr3HEBCLNrtbtXpLEnGY9nTl81HRInGCRFBuRB7:StH3uobnLEH9Ty1HRIG2FBmB7","tlshash":"2f12b071b2825b15e56f10e76794b2a38a451c720c49d9c9d16e357507be02f8fa0c4b","first_seen":"2025-08-18T08:56:27.682172Z","last_seen":"2026-06-05T20:03:11.054432Z","times_seen":218,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"rb-zoom.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rb-zoom.com.cn/","fqdn":"rb-zoom.com.cn","domain":"rb-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-28T07:41:02.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rb-zoom.com.cn","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 10:32:42 GMT","end":"Sat, 22 Aug 2026 10:32:41 GMT"},"fingerprint":{"sha1":"72:3A:95:CA:FF:F2:B8:C1:72:4D:CD:B0:15:DF:68:E2:6D:FB:8E:CE","sha256":"64:90:B7:BA:15:C5:3C:DA:86:03:40:3E:62:83:6F:E6:3F:DC:51:CD:F4:A6:63:E9:07:13:A1:15:C4:3B:EB:75"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rb-zoom.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 28 May 2026 07:41:02 GMT\r\ncontent-type: text/html\r\nlast-modified: Sun, 24 May 2026 11:58:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a12e7d5-4105\"\r\nset-cookie: server_name_session=255d5067f949de9712e4e254ceb106d9; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16645,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (797)","md5":"3d177bd9e9413655648b502699bba83b","sha1":"13aafbbd414935887d2a628df41c47c24e031f4e","sha256":"4775b37809bf4ead42a3ee33e1ebe7cfdf776763b8a3b2c6cec587fa512a61a1","sha512":"4ce8fa28dccbd07c6fd28abb0575d449614a534a13564f6e880ff980f2ca4f750231378cf31bb456a957fee87fc00698cf9b18d0a99390b57132cd2c089cbc51","ssdeep":"384:khmNza1xZ2bBsA206sv58VNeFGLqB95ltYX:aCVsA2LVNOGLqB95ltYX","tlshash":"707208b726007dbf632350e375657a8d70259d37e0fa8ab899d4612b46d07ea0d2334f","first_seen":"2026-05-28T07:41:30.907Z","last_seen":"2026-05-28T07:41:30.907Z","times_seen":1,"resource_available":true,"data":null}},"time_used":874,"timings":{"blocked":359,"dns":62,"connect":146,"send":0,"wait":154,"receive":0,"ssl":150},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"rb-zoom.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rb-zoom.com.cn/images/8.webp","fqdn":"rb-zoom.com.cn","domain":"rb-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rb-zoom.com.cn/","date":"2026-05-28T07:41:02.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rb-zoom.com.cn","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 10:32:42 GMT","end":"Sat, 22 Aug 2026 10:32:41 GMT"},"fingerprint":{"sha1":"72:3A:95:CA:FF:F2:B8:C1:72:4D:CD:B0:15:DF:68:E2:6D:FB:8E:CE","sha256":"64:90:B7:BA:15:C5:3C:DA:86:03:40:3E:62:83:6F:E6:3F:DC:51:CD:F4:A6:63:E9:07:13:A1:15:C4:3B:EB:75"}}},"request":{"raw":"GET /images/8.webp HTTP/1.1\r\nHost: rb-zoom.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rb-zoom.com.cn/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=255d5067f949de9712e4e254ceb106d9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 28 May 2026 07:41:03 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3186\r\nlast-modified: Sun, 24 May 2026 11:01:24 GMT\r\netag: \"6a12da84-c72\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3186,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 474x315, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"62effadb673b63875e45da0bb4282e77","sha1":"5391c12573c77a2e99b1cb193ac6ac99a1a51458","sha256":"cedf3dd22c332e7356cd74e561c76d636568b0e2b0953b34dd57f43ff94bc666","sha512":"3a1c5f69db804bae4c5f5bc939565fae036debde75b5bb3b2614b553880064a3f142c04437a0ebe09910a60e43de15fa70e901c893f45f2f25e22a8442c4d943","ssdeep":"","tlshash":"27616bb51b72e8593bd2b34812a029d1c262a4ecba6a7285bd458f41fcac4d87c0230e","first_seen":"2026-05-28T07:41:30.909471Z","last_seen":"2026-05-28T07:41:30.909471Z","times_seen":1,"resource_available":false,"data":null}},"time_used":588,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":441,"receive":147,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"rb-zoom.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rb-zoom.com.cn/33.webp","fqdn":"rb-zoom.com.cn","domain":"rb-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rb-zoom.com.cn/","date":"2026-05-28T07:41:02.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rb-zoom.com.cn","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 10:32:42 GMT","end":"Sat, 22 Aug 2026 10:32:41 GMT"},"fingerprint":{"sha1":"72:3A:95:CA:FF:F2:B8:C1:72:4D:CD:B0:15:DF:68:E2:6D:FB:8E:CE","sha256":"64:90:B7:BA:15:C5:3C:DA:86:03:40:3E:62:83:6F:E6:3F:DC:51:CD:F4:A6:63:E9:07:13:A1:15:C4:3B:EB:75"}}},"request":{"raw":"GET /33.webp HTTP/1.1\r\nHost: rb-zoom.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rb-zoom.com.cn/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=255d5067f949de9712e4e254ceb106d9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 28 May 2026 07:41:03 GMT\r\ncontent-type: image/webp\r\ncontent-length: 568236\r\nlast-modified: Sun, 24 May 2026 11:12:20 GMT\r\netag: \"6a12dd14-8abac\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":568236,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 1885 x 502, 8-bit/color RGB, non-interlaced","md5":"fe4c2631f2620a7ebecbc51df60a1eee","sha1":"19d067b760abc3cb709b8535efd3583aeb7ffe74","sha256":"d125b4b1c147092e5a8b57718b278d5fde4852cab5853462eaaedaf7f32ef8e3","sha512":"725de4a15b9e42c08c3a3610a5a28de3a79f1a7b7553636c958231c0feea4d26d35d99e78a6017801655c1574992ad67d4022d6c342ea1493d94b5015bedf156","ssdeep":"12288:qiotux1Gl47Hhcr3EZDdGoShesmvg/9zD7RXhw2icNA:qP0T7ghbH9VXPi5","tlshash":"85c423a6e0404557ffa810b8729d6f0be44195f1858ec4de6237c3e879ee3510eeabc2","first_seen":"2026-05-28T07:41:26.924668Z","last_seen":"2026-05-28T07:42:41.431272Z","times_seen":4,"resource_available":false,"data":null}},"time_used":912,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":441,"receive":471,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"rb-zoom.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rb-zoom.com.cn/favicon.ico","fqdn":"rb-zoom.com.cn","domain":"rb-zoom.com.cn","tld":"com.cn"},"ip":{"addr":"154.26.224.195","port":443,"asn":8796,"as":"FD-298-8796","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rb-zoom.com.cn/","date":"2026-05-28T07:41:04.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.rb-zoom.com.cn","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 10:32:42 GMT","end":"Sat, 22 Aug 2026 10:32:41 GMT"},"fingerprint":{"sha1":"72:3A:95:CA:FF:F2:B8:C1:72:4D:CD:B0:15:DF:68:E2:6D:FB:8E:CE","sha256":"64:90:B7:BA:15:C5:3C:DA:86:03:40:3E:62:83:6F:E6:3F:DC:51:CD:F4:A6:63:E9:07:13:A1:15:C4:3B:EB:75"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: rb-zoom.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rb-zoom.com.cn/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=255d5067f949de9712e4e254ceb106d9; __vtins__3Q2GYoJ1hUyLRrBy=%7B%22sid%22%3A%20%22d2c1d94e-a4da-5870-9f07-6d7b2f1404c8%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201779955864355%2C%20%22ct%22%3A%201779954064355%7D; __51uvsct__3Q2GYoJ1hUyLRrBy=1; __51vcke__3Q2GYoJ1hUyLRrBy=9a47d2a1-7400-52cc-8245-9261bab5531d; __51vuft__3Q2GYoJ1hUyLRrBy=1779954064360\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 28 May 2026 07:41:04 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 1102\r\nlast-modified: Sun, 24 May 2026 11:08:06 GMT\r\netag: \"6a12dc16-44e\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1102,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 24x24 with PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced, 32 bits/pixel","md5":"6f036a374842114eb04e4d009d141ea4","sha1":"6028dd364841f3de5bbac55fe662d43875c6a89b","sha256":"33ed517a99e295f916e6ec426dcf7656f4de56be1bd30d02a35a3978265c2490","sha512":"f0d7f0f13472db660d117326b4c026f0369d1095ccf3a030d5957f1384e98588ccd2e0af08f9ec3502c0ec02677fcdec265d05058cee89a76cca996656dcb219","ssdeep":"","tlshash":"c411e992ae49bf8b8d4e214a8ec85d23f33b8238073e2018d002f16457c3f4e4dc560b","first_seen":"2026-05-28T07:41:26.918069Z","last_seen":"2026-05-28T07:42:41.42235Z","times_seen":4,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"rb-zoom.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}