{"report_id":"c4c152b1-9b0b-4372-b72e-2051ce88e61a","version":6,"status":"done","tags":["suspicious","telegram_bot"],"date":"2026-03-04T22:20:50Z","url":{"schema":"http","addr":"zoomsecure.sbs","fqdn":"zoomsecure.sbs","domain":"zoomsecure.sbs","tld":"sbs"},"ip":{"addr":"216.198.79.1","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"www.zoomsecure.sbs/","fqdn":"www.zoomsecure.sbs","domain":"zoomsecure.sbs","tld":"sbs"},"title":"Get Zoom Workplace - Microsoft Store","dom":{"size":15788,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"2258fc7398bf10a52db3eef0b84ac723","sha1":"17d7f394ef6127a3556ad50e9034178eea7e2485","sha256":"cef18c089e59b6331a0f88311c81f879be390513f8a58d007eb9c23e1ada2700","sha512":"88b550d722e86c31b81f191c8a48612bcb40c05abba82a9f1abd5b37ba905d4dc48d4a87c692b20818898062dacaa23fdda8fe2da919ea1a0d805a8716a0a722","ssdeep":"192:xr4r0FOJlkDFXr0m7I+UWGvEBu6ca9idzEh93TFjufJksPJFeWe2uhfo378JEO40:6SFcgl9mPZe2uhM8uO4Wyvx+im","tlshash":"7b62968a96f300622913a4b67fbb67063761d107c60ece693eec53588fc999598737cc","dom_hash":"domhash22ba9add7b334b33dc4dca51ae009de3","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"zoomsecure.sbs","fqdn":"zoomsecure.sbs","domain":"zoomsecure.sbs","tld":"sbs"},"ip":{"addr":"216.198.79.1","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-08T22:20:50Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-03-04","alert":"Detects file containing Telegram Bot API","trigger":"www.zoomsecure.sbs/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"us01st-cf.zoom.us","ip":{"addr":"52.84.151.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2002-04-24","domain_rank":1389468,"first_seen":"2026-02-24T14:13:09.081341Z","last_seen":"2026-02-24T14:13:09.081341Z","alert_count":0,"request_count":1,"received_data":2791,"sent_data":487,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"st1.zoom.us","ip":{"addr":"170.114.46.1","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"United States","country_code":"US"},"domain_registered":"2002-04-24","domain_rank":32910,"first_seen":"2015-02-12T22:08:18Z","last_seen":"2026-02-25T23:04:08.787859Z","alert_count":0,"request_count":1,"received_data":205272,"sent_data":486,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"zoomsecure.sbs","ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":16561,"sent_data":483,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}]},{"fqdn":"www.zoomsecure.sbs","ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":2,"request_count":2,"received_data":17182,"sent_data":930,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}]},{"fqdn":"assets.zoom.us","ip":{"addr":"52.84.151.30","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2002-04-24","domain_rank":633281,"first_seen":"2019-06-05T18:15:14Z","last_seen":"2026-02-24T14:13:09.806803Z","alert_count":0,"request_count":2,"received_data":1056745,"sent_data":974,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"res.cloudinary.com","ip":{"addr":"151.101.65.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2011-05-24","domain_rank":21175,"first_seen":"2012-10-03T08:31:44Z","last_seen":"2026-03-02T07:33:19.610244Z","alert_count":0,"request_count":1,"received_data":123671,"sent_data":571,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":[{"url":{"schema":"https","addr":"www.zoomsecure.sbs/","fqdn":"www.zoomsecure.sbs","domain":"zoomsecure.sbs","tld":"sbs"},"ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"md5":"e8e0a8456770a416f981390c6056d70d","sha1":"f1f6bcb0e4a031066769b4b5a2b840e41b4a6119","sha256":"171b2b0e27e6cddf63c94dd14192f590507ea444fb211f071d1643f3284017bf","sha512":"5e607793548c946a8e91f7a30c3a937e417e18e7daf4cc80e5aba161de49fbf4c085133e52ca1979c2036afe340ca461142c099cb10cfff11dda072af295a486","size":3447,"token":"8679740545:AAGT9Ds_xbLxVqb6feNPXSZkuHVAq1uXDok","is_revoked":false,"bot":{"token":"8679740545:AAGT9Ds_xbLxVqb6feNPXSZkuHVAq1uXDok","user_id":"8679740545","username":"Y3spammerBot","first_name":"Y3 bot","last_name":"","chat":{"chat_id":"8013015343","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":2}}],"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"www.zoomsecure.sbs/","fqdn":"www.zoomsecure.sbs","domain":"zoomsecure.sbs","tld":"sbs"},"ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e8e0a8456770a416f981390c6056d70d","sha1":"f1f6bcb0e4a031066769b4b5a2b840e41b4a6119","sha256":"171b2b0e27e6cddf63c94dd14192f590507ea444fb211f071d1643f3284017bf","sha512":"5e607793548c946a8e91f7a30c3a937e417e18e7daf4cc80e5aba161de49fbf4c085133e52ca1979c2036afe340ca461142c099cb10cfff11dda072af295a486","ssdeep":"","tlshash":"e261524d26b759325a2b69b7636fb7043121800b3c09dd953eadc3405f65d3680be7de","size":3447,"data":"","first_seen":"2026-03-04T22:20:55.301422Z","last_seen":"2026-03-04T22:35:08.393011Z","times_seen":2,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-03-04","alert":"Detects file containing Telegram Bot API","trigger":"www.zoomsecure.sbs/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"us01st-cf.zoom.us/homepage/publish/backup/assets/images/zoom-logo-white.png","fqdn":"us01st-cf.zoom.us","domain":"zoom.us","tld":"us"},"ip":{"addr":"52.84.151.24","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.zoomsecure.sbs/","date":"2026-03-04T22:20:29.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zoom.us","organization":"Zoom Communications, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 29 Dec 2025 00:00:00 GMT","end":"Tue, 29 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"43:41:3B:D9:50:C4:C8:1E:B1:C4:DA:67:B5:EB:96:BF:4A:EC:7B:AF","sha256":"09:4E:8C:85:30:0C:A1:52:37:D6:7C:A5:0A:B0:44:7D:B9:AB:37:7B:B3:E5:E5:A3:18:2C:20:9E:DC:2B:0F:D1"}}},"request":{"raw":"GET /homepage/publish/backup/assets/images/zoom-logo-white.png HTTP/1.1\r\nHost: us01st-cf.zoom.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.zoomsecure.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 2021\r\ndate: Wed, 31 Dec 2025 09:06:22 GMT\r\nlast-modified: Mon, 15 Dec 2025 20:41:06 GMT\r\netag: \"f3af5d80586845ceee67e93ea1425708\"\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nvia: 1.1 3c40a0775e2798dc9f20a237d0225e44.cloudfront.net (CloudFront)\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 5490848\r\naccess-control-allow-methods: GET, PUT, POST, DELETE, HEAD\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000;\r\ncross-origin-resource-policy: cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubdomains;\r\nx-cache: Hit from cloudfront\r\nx-amz-cf-pop: LHR50-P1\r\nx-amz-cf-id: K-eb1k7IlpjvTGOyR5DfSM9TwDemqIPAbMZnVuLHm1YF08Jvi7UWFg==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":2021,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 188 x 43, 8-bit/color RGBA, non-interlaced","md5":"f3af5d80586845ceee67e93ea1425708","sha1":"c58c2913de925b6dfbe3ffdcd233beabc55e1c2a","sha256":"dbf86c72c1e35a279d8cc973bc42473e46229844f62cc772ff73fe40de9e48fc","sha512":"ffa656f462c593e68f42e7b2de6402f6797157f785f6189faa81ea718e9355d78fd1f5308ee7f9465161803c9f876669a63c934ec91c91af25d744c3a7dec45a","ssdeep":"","tlshash":"5a414ce94ee7514b40bbc63873d6917fb362500a1e77d7419c0e34f5ec24882c68cb20","first_seen":"2025-12-10T21:02:28.469897Z","last_seen":"2026-06-05T20:01:20.483398Z","times_seen":80,"resource_available":false,"data":null}},"time_used":582,"timings":{"blocked":243,"dns":23,"connect":99,"send":0,"wait":100,"receive":0,"ssl":113},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st1.zoom.us/homepage/publish/primary/assets/img/platform/collaboration.png","fqdn":"st1.zoom.us","domain":"zoom.us","tld":"us"},"ip":{"addr":"170.114.46.1","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.zoomsecure.sbs/","date":"2026-03-04T22:20:29.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zoom.us","organization":"Zoom Communications, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 29 Dec 2025 00:00:00 GMT","end":"Tue, 29 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"43:41:3B:D9:50:C4:C8:1E:B1:C4:DA:67:B5:EB:96:BF:4A:EC:7B:AF","sha256":"09:4E:8C:85:30:0C:A1:52:37:D6:7C:A5:0A:B0:44:7D:B9:AB:37:7B:B3:E5:E5:A3:18:2C:20:9E:DC:2B:0F:D1"}}},"request":{"raw":"GET /homepage/publish/primary/assets/img/platform/collaboration.png HTTP/1.1\r\nHost: st1.zoom.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.zoomsecure.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Mar 2026 22:20:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 204556\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 498327\r\ncache-control: public, max-age=31536000\r\netag: \"917ff8e5c16f72de8ecbdc6001b8ddb2\"\r\nexpires: Thu, 04 Mar 2027 22:20:29 GMT\r\nlast-modified: Fri, 19 Sep 2025 23:40:49 GMT\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\naccess-control-request-method: GET\r\ncross-origin-resource-policy: cross-origin\r\nx-amz-server-side-encryption: AES256\r\nx-amz-storage-class: INTELLIGENT_TIERING\r\nserver: cloudflare\r\ncf-ray: 9d7444ba0f9532fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":204556,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1121 x 840, 8-bit colormap, non-interlaced","md5":"917ff8e5c16f72de8ecbdc6001b8ddb2","sha1":"aed756402f4813991a7e60f53b2941b849806801","sha256":"fd5f01f71820b14dccedeeb386bea2226d254105962df3b4d4294e1f24a1beb8","sha512":"4b3c67d4d95e049270c1f2534a2cfac35319de4b967abb00f604970cff2b85430d19b9e222bd2438c4242b17d546f40ca456a57242519b1500ff42ed8fc251e6","ssdeep":"6144:tzOtZrmmOOMBr3EMsOEnZMVPCUslcIBgd1:5OzrKpNsCVPBslfo1","tlshash":"d21413144718f217a4ee6a25ee9d34ca13c3c807658af4abdf63f9b42c5835ccc5d0a9","first_seen":"2025-09-25T06:46:12.403325Z","last_seen":"2026-03-23T09:24:43.071316Z","times_seen":68,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":35,"dns":20,"connect":1,"send":0,"wait":94,"receive":17,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zoomsecure.sbs/","fqdn":"zoomsecure.sbs","domain":"zoomsecure.sbs","tld":"sbs"},"ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T22:20:28.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zoomsecure.sbs","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 17:51:57 GMT","end":"Tue, 02 Jun 2026 17:51:56 GMT"},"fingerprint":{"sha1":"99:B3:9A:2E:D8:FB:30:02:55:80:95:23:F5:B5:27:67:87:DF:D5:80","sha256":"31:41:A1:B4:DD:74:27:2B:F3:CD:6A:4F:0E:7E:1E:25:C8:D3:35:AF:3A:E5:A5:A4:68:43:64:C9:1E:F4:FB:76"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: zoomsecure.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html\r\ndate: Wed, 04 Mar 2026 22:20:28 GMT\r\nlocation: https://www.zoomsecure.sbs/\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-id: arn1::br9vf-1772662828710-af75962a67f2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":16242,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T18:34:25.971921Z","times_seen":16246822,"resource_available":true,"data":null}},"time_used":232,"timings":{"blocked":111,"dns":79,"connect":1,"send":0,"wait":10,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.zoomsecure.sbs/","fqdn":"www.zoomsecure.sbs","domain":"zoomsecure.sbs","tld":"sbs"},"ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T22:20:28.724Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.zoomsecure.sbs","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 17:52:01 GMT","end":"Tue, 02 Jun 2026 17:52:00 GMT"},"fingerprint":{"sha1":"E7:60:41:5E:E9:82:AF:AB:AC:F5:A7:66:1C:E2:07:EB:53:28:7F:6F","sha256":"A3:DD:6B:73:65:1E:A2:FB:68:13:19:D4:F8:66:A2:45:56:1D:42:93:94:9D:E5:A7:3B:92:5B:40:B4:70:C6:E2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.zoomsecure.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 12108\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 04 Mar 2026 22:20:28 GMT\r\netag: \"f311264b0d9b43004a75b7f1dc9140b4\"\r\nlast-modified: Wed, 04 Mar 2026 18:58:40 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::2j74h-1772662828904-fa59f5169e82\r\ncontent-length: 5065\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":16242,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"f311264b0d9b43004a75b7f1dc9140b4","sha1":"9a4ee302e928da0365dbfd88b96ef197654c4215","sha256":"994a0633e72df7e264ad982e3dfa67487999a824625eeaade99393e4828e3f76","sha512":"73fb71fe280fc9ae7d2621af0d7c20508093a348083635cc7822546941fd2c2ec1295a0b70024b030555bc2403584fc808cdfcbc13d60d76779d11811ae4c596","ssdeep":"192:Nr4r0FOJlkDFXr0m7I+UWGvEBu6ca9idzEh93TFjufJeqsZAJ6q3VdFtSfs978JL:2SFcgl99AsOVdFtSs8uO4Wyvx+i+","tlshash":"c272958aa6f30062291764b66fb767063761d107c60dcead3eec53588fca99198733cc","first_seen":"2026-03-04T22:20:55.287317Z","last_seen":"2026-03-04T22:35:08.388942Z","times_seen":2,"resource_available":false,"data":null}},"time_used":364,"timings":{"blocked":170,"dns":140,"connect":1,"send":0,"wait":10,"receive":13,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-03-04","alert":"Detects file containing Telegram Bot API","trigger":"www.zoomsecure.sbs/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"assets.zoom.us/preview/meetings/multi-speaker-layout.png","fqdn":"assets.zoom.us","domain":"zoom.us","tld":"us"},"ip":{"addr":"52.84.151.30","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.zoomsecure.sbs/","date":"2026-03-04T22:20:29.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zoom.us","organization":"Zoom Communications, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 29 Dec 2025 00:00:00 GMT","end":"Tue, 29 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"43:41:3B:D9:50:C4:C8:1E:B1:C4:DA:67:B5:EB:96:BF:4A:EC:7B:AF","sha256":"09:4E:8C:85:30:0C:A1:52:37:D6:7C:A5:0A:B0:44:7D:B9:AB:37:7B:B3:E5:E5:A3:18:2C:20:9E:DC:2B:0F:D1"}}},"request":{"raw":"GET /preview/meetings/multi-speaker-layout.png HTTP/1.1\r\nHost: assets.zoom.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.zoomsecure.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 609431\r\ndate: Wed, 04 Mar 2026 11:12:32 GMT\r\nlast-modified: Wed, 28 Feb 2024 21:23:16 GMT\r\netag: \"5d97814748eca3e2b2f46475ad13bf70\"\r\nx-amz-storage-class: INTELLIGENT_TIERING\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: Yujbbb16fXsSAY7Way68OB8E_YseDSfo\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f73d71dfa047571774d2c0460e5108ec.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: LHR50-P1\r\nx-amz-cf-id: 7-HZzAmabjxGhF8SMk5OVqziZcJnRoUVIcDVwP5lp14gG2YzdoH5Cw==\r\nage: 40078\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":609431,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 820 x 615, 8-bit/color RGBA, non-interlaced","md5":"5d97814748eca3e2b2f46475ad13bf70","sha1":"0115bee203ef28bda0e203d7a096d577387ae482","sha256":"e2c874adfc8550e1398ba7fbe16834e5aa55e7fceef613ae67e6c6c75068d04c","sha512":"fa6e8c7ccf8d9e41764a34013d5f15f989ae0d4be1642f70ae2969c739d36b4ff98e50b9b8828a4fb37f573fa54b88ae522676970e2f9ccdf9d496f2497a8fa4","ssdeep":"12288:Snb4T6mjaX8YC2fIulTFMWjI4TCYx0jOLKAXjklR+4hc2qrpWEADo4yoW:kn4aXa2fdlTVx0jOLKAXj4R+4hWrpSDC","tlshash":"61d423c54403458e26ff226e262b9a96355033c1281d907f81986a173e37f77ff7ac6a","first_seen":"2026-02-24T14:13:13.096049Z","last_seen":"2026-03-04T22:37:05.325353Z","times_seen":5,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":82,"dns":28,"connect":23,"send":0,"wait":30,"receive":111,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.zoomsecure.sbs/favicon.ico","fqdn":"www.zoomsecure.sbs","domain":"zoomsecure.sbs","tld":"sbs"},"ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.zoomsecure.sbs/","date":"2026-03-04T22:20:29.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.zoomsecure.sbs","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 17:52:01 GMT","end":"Tue, 02 Jun 2026 17:52:00 GMT"},"fingerprint":{"sha1":"E7:60:41:5E:E9:82:AF:AB:AC:F5:A7:66:1C:E2:07:EB:53:28:7F:6F","sha256":"A3:DD:6B:73:65:1E:A2:FB:68:13:19:D4:F8:66:A2:45:56:1D:42:93:94:9D:E5:A7:3B:92:5B:40:B4:70:C6:E2"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.zoomsecure.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.zoomsecure.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/plain; charset=utf-8\r\ndate: Wed, 04 Mar 2026 22:20:29 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-error: NOT_FOUND\r\nx-vercel-id: arn1::ht557-1772662829541-e9848aebcbe6\r\ncontent-length: 79\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":79,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"2e09a6809f634443dea45639e51f46c3","sha1":"398a1693e94b09cb59c51a9a3109c6e78ffc363b","sha256":"3cf0be5b12d36dc1ae1b3337e8a53355668d9cc34647e2be68e82054ac43f0b7","sha512":"2f45f86644ff31d525f5615031e0d90e35e7be6bb753d38a18d5e0f5f1b6587649fc873fe4fd92128da428b820ae75793418e28e04e63188b67b670e37937424","ssdeep":"","tlshash":"14a0121d06540d4e33c00800115211b8045401129ef1a70060cdb704510148d6340485","first_seen":"2026-03-04T22:20:55.293867Z","last_seen":"2026-03-04T22:20:55.293867Z","times_seen":1,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.zoom.us/images/en-us/desktop/generic/in-meeting/50-participant-gallery-view-example.png","fqdn":"assets.zoom.us","domain":"zoom.us","tld":"us"},"ip":{"addr":"52.84.151.30","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.zoomsecure.sbs/","date":"2026-03-04T22:20:29.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.zoom.us","organization":"Zoom Communications, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 29 Dec 2025 00:00:00 GMT","end":"Tue, 29 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"43:41:3B:D9:50:C4:C8:1E:B1:C4:DA:67:B5:EB:96:BF:4A:EC:7B:AF","sha256":"09:4E:8C:85:30:0C:A1:52:37:D6:7C:A5:0A:B0:44:7D:B9:AB:37:7B:B3:E5:E5:A3:18:2C:20:9E:DC:2B:0F:D1"}}},"request":{"raw":"GET /images/en-us/desktop/generic/in-meeting/50-participant-gallery-view-example.png HTTP/1.1\r\nHost: assets.zoom.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.zoomsecure.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 446160\r\nlast-modified: Wed, 23 Sep 2020 17:01:36 GMT\r\nx-amz-storage-class: INTELLIGENT_TIERING\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: null\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Wed, 04 Mar 2026 06:33:05 GMT\r\netag: \"026e2b1d867ee2e0fd19645084bdf065\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f73d71dfa047571774d2c0460e5108ec.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: LHR50-P1\r\nx-amz-cf-id: sqeubUO4r346dHSPvMLoqfx7cqtHxoLthGmvhDnoCLVQk749g0GFvw==\r\nage: 57548\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":446160,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 640 x 400, 8-bit/color RGBA, non-interlaced","md5":"026e2b1d867ee2e0fd19645084bdf065","sha1":"96bc068bad41db022b63b4569ed3d037fac19971","sha256":"bec920b73bc21518e535b1b2f02c80bdeedd697b40e585de3d5da01686fe4085","sha512":"b0447c37e708a8ba6020e38c119750d74b56c554da2c0beb38e25329b304d494c269fd6e2ce9b382778e19e159189feb361aad2a97f7590c29b181df7357cdbc","ssdeep":"12288:cxDyJAzPiDVpYDqbpTI6WLvvBcAxhKiTDN:c5yJAzPiDVpYumJLvvBcALKiTx","tlshash":"9e942352a4df09e095d3933a8001a058a6fecc06fdde8190fd2f78396e52b77056b5fa","first_seen":"2026-02-24T14:13:13.095232Z","last_seen":"2026-03-04T22:37:05.334912Z","times_seen":5,"resource_available":false,"data":null}},"time_used":328,"timings":{"blocked":89,"dns":27,"connect":31,"send":0,"wait":131,"receive":15,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"res.cloudinary.com/doxg5aia1/image/upload/v1771769777/vecteezy_zoom-logo-in-blue-colors-meetings-app-logotype-illustration_12871376-removebg-preview_adhbzk.png","fqdn":"res.cloudinary.com","domain":"cloudinary.com","tld":"com"},"ip":{"addr":"151.101.65.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.zoomsecure.sbs/","date":"2026-03-04T22:20:29.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudinary.com","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q3","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 23 Sep 2025 16:30:27 GMT","end":"Sun, 25 Oct 2026 16:30:26 GMT"},"fingerprint":{"sha1":"77:6B:7C:56:E5:E7:51:42:ED:61:04:B9:D9:26:38:05:21:1C:F9:06","sha256":"F7:5C:28:39:1D:C1:7D:92:F0:E1:D7:3B:EF:A5:AD:B3:36:CD:F3:E5:AA:BE:EF:53:D9:F3:D5:47:D1:F3:4D:75"}}},"request":{"raw":"GET /doxg5aia1/image/upload/v1771769777/vecteezy_zoom-logo-in-blue-colors-meetings-app-logotype-illustration_12871376-removebg-preview_adhbzk.png HTTP/1.1\r\nHost: res.cloudinary.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.zoomsecure.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\netag: \"456e70e616f1a838d2e0b16ca40f14f4\"\r\nlast-modified: Sun, 22 Feb 2026 14:16:19 GMT\r\ndate: Wed, 04 Mar 2026 22:20:29 GMT\r\nstrict-transport-security: max-age=604800\r\ncache-control: public, no-transform, immutable, max-age=2592000\r\nserver-timing: cld-fastly;dur=435;cpu=162;start=2026-03-04T22:20:29.179Z;desc=miss,rtt;dur=28,content-info;desc=\"width=500,height=500,bytes=122843,format=\\\"png\\\",o=1,crt=1771769777,ef=(17)\",cloudinary;dur=148;start=2026-03-04T22:20:29.390Z\r\nserver: Cloudinary\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nx-content-type-options: nosniff\r\naccess-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options\r\nx-request-id: b6debc6a683a2c3cd6a4ce487fd4159f\r\ncontent-length: 122843\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":122843,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"456e70e616f1a838d2e0b16ca40f14f4","sha1":"97a6f0016543e19eca333e70423f700d570f465c","sha256":"943ab002a722c962c29f47f506ff83cd81d6ba02a7771a1621c962624fe4d4a5","sha512":"eaadb1c3e4fd98bb4b8217f9a6e3ea5ea825e6d5f4194270cc90ae80ef8803477d9dc730d6eeebddee169dee79109b6348106b348a51716ac6cbc5d2b3a3d582","ssdeep":"3072:qkv3/F50+K3vQXdrEKJQ+kjHXb3Enc/R2MNz0:qAczebDQ3b3Enm2/","tlshash":"4ac312ca82c777a1051f43d782996d857618af84acd4fe7e12ebd09ea212f4f3c1d5a0","first_seen":"2026-02-24T14:13:13.093898Z","last_seen":"2026-03-04T22:37:05.333983Z","times_seen":5,"resource_available":false,"data":null}},"time_used":665,"timings":{"blocked":70,"dns":1,"connect":26,"send":0,"wait":462,"receive":59,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}