{"report_id":"c17a66cb-7ca9-44b9-9605-5d13e55be8c1","version":6,"status":"done","tags":[],"date":"2026-05-04T09:16:21Z","url":{"schema":"http","addr":"zoomapp.us","fqdn":"zoomapp.us","domain":"zoomapp.us","tld":"us"},"ip":{"addr":"177.7.58.202","port":0,"asn":8167,"as":"V tal","country":"Brazil","country_code":"BR"},"final":{"url":{"schema":"https","addr":"zoomapp.us/your-file-url.exe","fqdn":"zoomapp.us","domain":"zoomapp.us","tld":"us"},"title":"404 Not Found","dom":{"size":145,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"e529da592e39a42142521f33245916f5","sha1":"bd27ebde302c145d1daa493e009ad2faaf5764c2","sha256":"a3c0f45a8bcac8dbd58fc6e4c3bdc6fb2d9c054f9301a4848aeadd72edba770b","sha512":"a0118cbb74931a81331c02db02972a74df1e2294be498c7e66a1610a86460a08fae06e414c993101c275b6f62de2ec661382a3656a6c5066dd9ec59aa4f213f5","ssdeep":"","tlshash":"59c02b0d7463b548dd03119026c33280c488c33b649ac0104882448770cf2bac0cb3b9","dom_hash":"domhash18da208b3b39949e9ba09528a720f5c0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"zoomapp.us","fqdn":"zoomapp.us","domain":"zoomapp.us","tld":"us"},"ip":{"addr":"177.7.58.202","port":0,"asn":8167,"as":"V tal","country":"Brazil","country_code":"BR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-08T09:16:21Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"zoomapp.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"zoomapp.us","ip":{"addr":"177.7.58.202","port":443,"asn":8167,"as":"V tal","country":"Brazil","country_code":"BR"},"domain_registered":"2026-05-02","domain_rank":0,"first_seen":"2026-05-04T09:15:33.389885Z","last_seen":"2026-05-04T09:15:33.389886Z","alert_count":6,"request_count":6,"received_data":7600,"sent_data":2841,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.30.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"img.freepik.com","ip":{"addr":"23.36.77.72","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2010-08-04","domain_rank":178885,"first_seen":"2013-11-27T18:27:47Z","last_seen":"2026-04-27T22:10:51.152924Z","alert_count":0,"request_count":1,"received_data":6784,"sent_data":527,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"img.magnific.com","ip":{"addr":"23.214.96.78","port":443,"asn":35994,"as":"AKAMAI-AS","country":"United States","country_code":"US"},"domain_registered":"2010-04-10","domain_rank":0,"first_seen":"2026-04-29T10:41:32.478177Z","last_seen":"2026-04-29T10:41:32.478177Z","alert_count":0,"request_count":1,"received_data":6756,"sent_data":528,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"zoomapp.us/","fqdn":"zoomapp.us","domain":"zoomapp.us","tld":"us"},"ip":{"addr":"177.7.58.202","port":443,"asn":8167,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"bdaece72126bc9d96cd61af0c527d9e7","sha1":"9287ca8a27b65262820614b057179f31bed804c7","sha256":"013a5a0891f6df0e1ae9bc59226f822d5508e15ad4fe501f237c45502fdfdbd6","sha512":"a78348453e337cfaf49bba7070923fd40677e4b2a762ffa50540e62e34d51a3c8362c0ac9ffa7bb455bc52a6aee4eba07de61431cf27b34b8127fe5d38165291","ssdeep":"","tlshash":"d8b012caa5eb408823d7e4bac57b700a703731bf148ccb44790645012f1135f3263bc9","size":107,"data":"","first_seen":"2026-05-04T09:15:37.826138Z","last_seen":"2026-05-04T09:16:23.275388Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zoomapp.us/join.html","fqdn":"zoomapp.us","domain":"zoomapp.us","tld":"us"},"ip":{"addr":"177.7.58.202","port":443,"asn":8167,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"c94159d4cae6fb65fbaf2e7c56a371ce","sha1":"654bcacd8929e53a329511208384e22d2c384364","sha256":"360ea9b36df4f4fb43f7831bbb67c9937dd7e20bc1929f04a6fb99a6d524ec55","sha512":"c5b8f9db2221bc924c708f6b86c5bccd4b052a3af9fa50e2559bc48f124cbe35d44c638f4a610abc98493bfa39e773610253a8be5304443538fc117e707011d2","ssdeep":"","tlshash":"53f0a71d67b284512e6ba0679bc7630c3063100b644add053acf86886fb1b17c4da7d9","size":497,"data":"","first_seen":"2026-05-04T09:15:37.827986Z","last_seen":"2026-05-04T09:16:23.276219Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"zoomapp.us/your-file-url.exe","fqdn":"zoomapp.us","domain":"zoomapp.us","tld":"us"},"ip":{"addr":"177.7.58.202","port":443,"asn":8167,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-04T09:16:17.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zoomapp.us","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 19:34:05 GMT","end":"Fri, 31 Jul 2026 19:34:04 GMT"},"fingerprint":{"sha1":"34:A7:AC:E0:8D:E2:92:4A:FC:BE:53:F6:BB:56:97:15:F3:5F:92:99","sha256":"B4:10:EA:E1:E7:F1:7F:76:1A:68:E3:88:85:F1:62:6C:39:5D:5E:B6:94:48:4A:50:FB:F7:3A:9E:C1:AD:CE:BF"}}},"request":{"raw":"GET /your-file-url.exe HTTP/1.1\r\nHost: zoomapp.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zoomapp.us/join.html\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.30.0\r\nDate: Mon, 04 May 2026 09:16:17 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.30.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":153,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"59e8c498535a81a0139fe86efeca36fc","sha1":"46775ac9b08ddf059b78b5be7d0772c1666a533c","sha256":"da3c7423803ca5e8aa001512407bc02ee79651c24481c47550a3c59c84af8435","sha512":"7552c3360575c992b34502d582b928ad5d7286607b88aca5ff9684ee0dade924105f5e530160755a568769013b49584866b43823654a6ff29df6f2c48136be77","ssdeep":"","tlshash":"c5c02b2d35137c4cc963317432c37180c0c6833764ba41114480800331cf2998ac73ab","first_seen":"2026-04-15T10:09:12.626166Z","last_seen":"2026-06-28T10:21:30.56112Z","times_seen":2416,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"zoomapp.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zoomapp.us/","fqdn":"zoomapp.us","domain":"zoomapp.us","tld":"us"},"ip":{"addr":"177.7.58.202","port":443,"asn":8167,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-04T09:16:00.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zoomapp.us","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 19:34:05 GMT","end":"Fri, 31 Jul 2026 19:34:04 GMT"},"fingerprint":{"sha1":"34:A7:AC:E0:8D:E2:92:4A:FC:BE:53:F6:BB:56:97:15:F3:5F:92:99","sha256":"B4:10:EA:E1:E7:F1:7F:76:1A:68:E3:88:85:F1:62:6C:39:5D:5E:B6:94:48:4A:50:FB:F7:3A:9E:C1:AD:CE:BF"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: zoomapp.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.30.0\r\nDate: Mon, 04 May 2026 09:16:00 GMT\r\nContent-Type: text/html; charset=utf-8\r\nLast-Modified: Sat, 02 May 2026 20:57:32 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f6653c-8ed\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.30.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2285,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"b3203ffe6d983be0ff43f640a6170c73","sha1":"fca3104e1f88a0bbc4013a35ec21d479dc85161c","sha256":"6d9c25f150442860b407d279d9faa42a545c312066110fcb113af9740f2fef95","sha512":"58a9c66e303527b59518002c4713bf3a290c4e63f6dfe9bbf87b3857ef612159e6b8b63efdb76e91fc3c9519f2dd539f38f5308b95a6474c337bf312f63e6163","ssdeep":"","tlshash":"9541218ba9971857b443e1a01bf727093296d007c14ecd693fdd61a8df80b884ab3788","first_seen":"2026-05-04T09:15:37.824897Z","last_seen":"2026-05-04T09:16:23.271864Z","times_seen":2,"resource_available":false,"data":null}},"time_used":598,"timings":{"blocked":248,"dns":37,"connect":102,"send":0,"wait":103,"receive":0,"ssl":106},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"zoomapp.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zoomapp.us/favicon.ico","fqdn":"zoomapp.us","domain":"zoomapp.us","tld":"us"},"ip":{"addr":"177.7.58.202","port":443,"asn":8167,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zoomapp.us/join.html","date":"2026-05-04T09:16:11.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zoomapp.us","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 19:34:05 GMT","end":"Fri, 31 Jul 2026 19:34:04 GMT"},"fingerprint":{"sha1":"34:A7:AC:E0:8D:E2:92:4A:FC:BE:53:F6:BB:56:97:15:F3:5F:92:99","sha256":"B4:10:EA:E1:E7:F1:7F:76:1A:68:E3:88:85:F1:62:6C:39:5D:5E:B6:94:48:4A:50:FB:F7:3A:9E:C1:AD:CE:BF"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: zoomapp.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zoomapp.us/join.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.30.0\r\nDate: Mon, 04 May 2026 09:16:11 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.30.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":153,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"59e8c498535a81a0139fe86efeca36fc","sha1":"46775ac9b08ddf059b78b5be7d0772c1666a533c","sha256":"da3c7423803ca5e8aa001512407bc02ee79651c24481c47550a3c59c84af8435","sha512":"7552c3360575c992b34502d582b928ad5d7286607b88aca5ff9684ee0dade924105f5e530160755a568769013b49584866b43823654a6ff29df6f2c48136be77","ssdeep":"","tlshash":"c5c02b2d35137c4cc963317432c37180c0c6833764ba41114480800331cf2998ac73ab","first_seen":"2026-04-15T10:09:12.626166Z","last_seen":"2026-06-28T10:21:30.56112Z","times_seen":2416,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"zoomapp.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zoomapp.us/favicon.ico","fqdn":"zoomapp.us","domain":"zoomapp.us","tld":"us"},"ip":{"addr":"177.7.58.202","port":443,"asn":8167,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zoomapp.us/your-file-url.exe","date":"2026-05-04T09:16:17.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zoomapp.us","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 19:34:05 GMT","end":"Fri, 31 Jul 2026 19:34:04 GMT"},"fingerprint":{"sha1":"34:A7:AC:E0:8D:E2:92:4A:FC:BE:53:F6:BB:56:97:15:F3:5F:92:99","sha256":"B4:10:EA:E1:E7:F1:7F:76:1A:68:E3:88:85:F1:62:6C:39:5D:5E:B6:94:48:4A:50:FB:F7:3A:9E:C1:AD:CE:BF"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: zoomapp.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zoomapp.us/your-file-url.exe\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.30.0\r\nDate: Mon, 04 May 2026 09:16:17 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.30.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":153,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"59e8c498535a81a0139fe86efeca36fc","sha1":"46775ac9b08ddf059b78b5be7d0772c1666a533c","sha256":"da3c7423803ca5e8aa001512407bc02ee79651c24481c47550a3c59c84af8435","sha512":"7552c3360575c992b34502d582b928ad5d7286607b88aca5ff9684ee0dade924105f5e530160755a568769013b49584866b43823654a6ff29df6f2c48136be77","ssdeep":"","tlshash":"c5c02b2d35137c4cc963317432c37180c0c6833764ba41114480800331cf2998ac73ab","first_seen":"2026-04-15T10:09:12.626166Z","last_seen":"2026-06-28T10:21:30.56112Z","times_seen":2416,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"zoomapp.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.freepik.com/premium-vector/zoom-icon-popular-messenger-app-communications-platform_277909-457.jpg?semt=ais_hybrid\u0026w=740","fqdn":"img.freepik.com","domain":"freepik.com","tld":"com"},"ip":{"addr":"23.36.77.72","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zoomapp.us/","date":"2026-05-04T09:16:00.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.freepik.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 02:03:12 GMT","end":"Sun, 28 Jun 2026 02:03:11 GMT"},"fingerprint":{"sha1":"80:45:6C:61:47:8D:DE:98:C2:24:3B:76:1D:DF:15:AC:F6:EC:CE:CD","sha256":"0E:5B:3B:4F:0F:D8:28:3A:77:77:4C:DE:15:B5:A0:11:D7:FA:54:A7:82:D6:F8:C8:20:1A:29:25:75:A6:DD:74"}}},"request":{"raw":"GET /premium-vector/zoom-icon-popular-messenger-app-communications-platform_277909-457.jpg?semt=ais_hybrid\u0026w=740 HTTP/1.1\r\nHost: img.freepik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zoomapp.us/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ncontent-length: 0\r\nlocation: https://img.magnific.com/premium-vector/zoom-icon-popular-messenger-app-communications-platform_277909-457.jpg?semt=ais_hybrid\u0026w=740\r\ncache-control: max-age=604800\r\nexpires: Mon, 11 May 2026 09:16:01 GMT\r\ndate: Mon, 04 May 2026 09:16:01 GMT\r\nalt-svc: h3=\":443\"; ma=93600,h3-29=\":443\"; ma=93600\r\nstrict-transport-security: max-age=63072000\r\nvary: Origin\r\nx-robots-tag: noimageai\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6324,"size_decoded":0,"mime_type":"image/avif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-29T04:31:11.099576Z","times_seen":16814267,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":52,"dns":34,"connect":1,"send":0,"wait":5,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.magnific.com/premium-vector/zoom-icon-popular-messenger-app-communications-platform_277909-457.jpg?semt=ais_hybrid\u0026w=740","fqdn":"img.magnific.com","domain":"magnific.com","tld":"com"},"ip":{"addr":"23.214.96.78","port":443,"asn":35994,"as":"AKAMAI-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zoomapp.us/","date":"2026-05-04T09:16:01.038Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.magnific.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Apr 2026 20:37:56 GMT","end":"Tue, 07 Jul 2026 20:37:55 GMT"},"fingerprint":{"sha1":"1F:0B:73:9F:64:71:D7:10:44:E5:8E:B8:D3:30:A8:66:5C:9F:E7:EA","sha256":"39:63:4B:35:1F:90:28:36:54:11:41:D7:3C:07:9F:17:25:CB:CC:18:04:0F:50:95:04:F8:0D:EE:3E:45:8E:54"}}},"request":{"raw":"GET /premium-vector/zoom-icon-popular-messenger-app-communications-platform_277909-457.jpg?semt=ais_hybrid\u0026w=740 HTTP/1.1\r\nHost: img.magnific.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://zoomapp.us/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"c83ad720ddf796394d1e0c4d0c1478b4\"\r\nlast-modified: Tue, 28 Apr 2026 21:34:34 GMT\r\ncontent-length: 6324\r\ncache-control: no-transform, max-age=604800\r\nexpires: Mon, 11 May 2026 09:16:01 GMT\r\ndate: Mon, 04 May 2026 09:16:01 GMT\r\nalt-svc: h3=\":443\"; ma=93600,h3-29=\":443\"; ma=93600\r\nstrict-transport-security: max-age=63072000\r\ncontent-type: image/avif\r\nvary: Origin\r\nx-robots-tag: noimageai\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6324,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"1fd91a27ed5902293e45b6282c5e7620","sha1":"44966e90f66526a0099db059d3794ede2efa943c","sha256":"304cb56266236c68cd327a7719ebc1c4ff5f932868f44f23cb029cbcc6d116bb","sha512":"87e8f51cee5589120b5784b972e55b19533df9eae0360f223443d2a2d15c883dc36c28efb852262139044368c110088decda352e79743e9c9c127261fd36ff14","ssdeep":"96:rGbHiS4HdD8lDWQZBGodkoNOhBJPA7EwyMtG2t//hsCXa/7+cZQpjk+3HB8cT:rGLD49mDWIBGCkIOXhqqM5GSe7r2Bx","tlshash":"2dd19f7036535e36f430b2f06428573a87bcf71ba14053278a62be921f125394eecbca","first_seen":"2026-05-04T09:15:37.822719Z","last_seen":"2026-05-04T09:16:23.27341Z","times_seen":2,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":42,"dns":12,"connect":1,"send":0,"wait":31,"receive":1,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zoomapp.us/favicon.ico","fqdn":"zoomapp.us","domain":"zoomapp.us","tld":"us"},"ip":{"addr":"177.7.58.202","port":443,"asn":8167,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zoomapp.us/","date":"2026-05-04T09:16:01.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zoomapp.us","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 19:34:05 GMT","end":"Fri, 31 Jul 2026 19:34:04 GMT"},"fingerprint":{"sha1":"34:A7:AC:E0:8D:E2:92:4A:FC:BE:53:F6:BB:56:97:15:F3:5F:92:99","sha256":"B4:10:EA:E1:E7:F1:7F:76:1A:68:E3:88:85:F1:62:6C:39:5D:5E:B6:94:48:4A:50:FB:F7:3A:9E:C1:AD:CE:BF"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: zoomapp.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zoomapp.us/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.30.0\r\nDate: Mon, 04 May 2026 09:16:01 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.30.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":153,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"59e8c498535a81a0139fe86efeca36fc","sha1":"46775ac9b08ddf059b78b5be7d0772c1666a533c","sha256":"da3c7423803ca5e8aa001512407bc02ee79651c24481c47550a3c59c84af8435","sha512":"7552c3360575c992b34502d582b928ad5d7286607b88aca5ff9684ee0dade924105f5e530160755a568769013b49584866b43823654a6ff29df6f2c48136be77","ssdeep":"","tlshash":"c5c02b2d35137c4cc963317432c37180c0c6833764ba41114480800331cf2998ac73ab","first_seen":"2026-04-15T10:09:12.626166Z","last_seen":"2026-06-28T10:21:30.56112Z","times_seen":2416,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"zoomapp.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zoomapp.us/join.html","fqdn":"zoomapp.us","domain":"zoomapp.us","tld":"us"},"ip":{"addr":"177.7.58.202","port":443,"asn":8167,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-04T09:16:10.968Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zoomapp.us","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 19:34:05 GMT","end":"Fri, 31 Jul 2026 19:34:04 GMT"},"fingerprint":{"sha1":"34:A7:AC:E0:8D:E2:92:4A:FC:BE:53:F6:BB:56:97:15:F3:5F:92:99","sha256":"B4:10:EA:E1:E7:F1:7F:76:1A:68:E3:88:85:F1:62:6C:39:5D:5E:B6:94:48:4A:50:FB:F7:3A:9E:C1:AD:CE:BF"}}},"request":{"raw":"GET /join.html HTTP/1.1\r\nHost: zoomapp.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zoomapp.us/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.30.0\r\nDate: Mon, 04 May 2026 09:16:11 GMT\r\nContent-Type: text/html; charset=utf-8\r\nLast-Modified: Sat, 02 May 2026 20:52:25 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f66409-da7\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.30.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3495,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1689), with CRLF line terminators","md5":"cdc0e02a723cb07a85e0dd1c079b47fb","sha1":"e686724aacc4395a07451869262933622db87aba","sha256":"06fd0e07295fac2dcd0d07048a77f77954cde2f53d8206b345e44e133eb152f4","sha512":"6c5031235809d3ad7006bbdf87b399aa307dea1b74c02b776fbbf3526971498012f1ff908289051c7e7771ac7f4907f23ec18bb52ae8dd816584a9640769b957","ssdeep":"","tlshash":"ee7162db43a1046629334fa1de06f394bda3584723216a1433ee93337bf12d5c187ac5","first_seen":"2026-05-04T09:15:37.82378Z","last_seen":"2026-05-04T09:16:23.274251Z","times_seen":2,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":102,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"zoomapp.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}