{"report_id":"eccdfecd-f068-4f05-91a3-c1ad656855c0","version":6,"status":"done","tags":[],"date":"2026-05-31T11:41:39Z","url":{"schema":"http","addr":"clickzooms.com","fqdn":"clickzooms.com","domain":"clickzooms.com","tld":"com"},"ip":{"addr":"162.0.229.127","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"clickzooms.com/","fqdn":"clickzooms.com","domain":"clickzooms.com","tld":"com"},"title":"Click Zooms – clickzooms","dom":{"size":69208,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (20709)","md5":"2415607d5228705f1e3fbea0d5a3e2dd","sha1":"dfeecb894985eb73c1d1a6713e26e077d67d1c52","sha256":"a58c5ce2e9fe0330b1c679d983228744be4835442cbe12cd2cafca065d9df366","sha512":"5a7a6dacce6fe4a9f8a34fb38cf382eeb9f3ff852ab71f07f341d483e7343c8ee4a0223577545f2dc2d774e6f418e62aeae3c3f5c5c129a3fa6af26d249948d3","ssdeep":"1536:Cq1cmRiBmgT0cTrnbO27kI5ypDz1nT8bZobXemlUVuXwamDArj8:Cq1cmRiBmgT0cTrnbO27kI0IZobXemli","tlshash":"056397a157b048f5797f833b5e44a2146627e912ca0977d5f0f3e294758cfa20ae3b0b","dom_hash":"domhashbf9745fd9b2e3a33a326c9402bf08e3b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"clickzooms.com","fqdn":"clickzooms.com","domain":"clickzooms.com","tld":"com"},"ip":{"addr":"162.0.229.127","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-05T11:41:39Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-05-31","alert":"Detects SocGholish obfuscated variant first observed in July 2022","trigger":"clickzooms.com/wp-includes/js/dist/script-modules/interactivity/index.min.js?ver=efaa5193bbad9c60ffd1","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"Ankit Anubhav -ankitanubhav.info","date":"2022-07-19","description":"Detects SocGholish obfuscated variant first observed in July 2022","malpedia_family":"js.fakeupdates","rule":"SocGholish_Variant_B","yarahub_author_email":"ankit.yara@inbox.ru","yarahub_author_twitter":"@ankit_anubhav","yarahub_license":"CC0 1.0","yarahub_reference_link":"https://twitter.com/ankit_anubhav/status/1549246034831781888","yarahub_reference_md5":"4fcc9569ca63cb2f5777954ac4c9290f","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"df3d194a-c6bc-4440-bad9-461e0e7962fd"}}],"urlquery":null},"summary":[{"fqdn":"clickzooms.com","ip":{"addr":"162.0.229.127","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":6,"received_data":191797,"sent_data":2984,"comment":"","tags":null,"fingerprints":[{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"WordPress:7.0","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"WordPress Site Editor","description":"Full Site Editing enables users to design and customize their entire WordPress website with a block-based editor.","website":"https://wordpress.org/documentation/article/site-editor/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"clickzooms.com/wp-includes/js/wp-emoji-loader.min.js","fqdn":"clickzooms.com","domain":"clickzooms.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"d9747a24a6f83ebcfad9ee8a34345142","sha1":"82e03005de5a84bda21e5c6d3f0ac10436d733ad","sha256":"6095b8b44fdcdf5e8d91f12a93261f1c13516fd152947e0486fee2b3a215a489","sha512":"6184c72ec0ede48fcc949f4b03d734bd31df11f47129b348d8cc84cc0d3ce1c6de39734a2e387d199939f9decb1150df6a076e07fa38e4f82ff57926acc71b9e","ssdeep":"","tlshash":"6f61869ae77638dbb2f900f2697a0d47eb614435d6c8d438c9bea3141cb5893c274b46","size":3253,"data":"","first_seen":"2026-05-31T11:41:45.161303Z","last_seen":"2026-05-31T12:19:36.670674Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickzooms.com/wp-includes/js/dist/script-modules/interactivity/index.min.js?ver=efaa5193bbad9c60ffd1","fqdn":"clickzooms.com","domain":"clickzooms.com","tld":"com"},"ip":{"addr":"162.0.229.127","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"f0866401d2e6bf0b38495c9f278cf96a","sha1":"78a648d27819f61c8b8678d64632d2c35ac6801f","sha256":"726ac59577c8aeeec94c61bfb7791a709e401b5d871d35c39a65cd948f6124e3","sha512":"7889b5b5b511b2d7af4752fb4d4ae4edcf96b18351224867e39c5dbff54fb6fadf3e18a40bfa35cd803d34426e95623768e64a132282f1813525a7d1844f101f","ssdeep":"768:oqEYJ8Mc56JH6u0HpQPu3iU7bwUCD2XZjVV300FKKh:YYJC0cHWujsIl39KKh","tlshash":"37031af8b2a8703183ef50b5503f040bf3366968588d8068ba65d4eb68f454a51f7fbd","size":40106,"data":"","first_seen":"2026-05-21T20:58:39.683163Z","last_seen":"2026-06-13T10:25:09.731099Z","times_seen":1707,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-05-31","alert":"Detects SocGholish obfuscated variant first observed in July 2022","trigger":"clickzooms.com/wp-includes/js/dist/script-modules/interactivity/index.min.js?ver=efaa5193bbad9c60ffd1","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"Ankit Anubhav -ankitanubhav.info","date":"2022-07-19","description":"Detects SocGholish obfuscated variant first observed in July 2022","malpedia_family":"js.fakeupdates","rule":"SocGholish_Variant_B","yarahub_author_email":"ankit.yara@inbox.ru","yarahub_author_twitter":"@ankit_anubhav","yarahub_license":"CC0 1.0","yarahub_reference_link":"https://twitter.com/ankit_anubhav/status/1549246034831781888","yarahub_reference_md5":"4fcc9569ca63cb2f5777954ac4c9290f","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"df3d194a-c6bc-4440-bad9-461e0e7962fd"}}],"urlquery":null}},{"url":{"schema":"https","addr":"clickzooms.com/wp-includes/js/wp-emoji-release.min.js?ver=7.0","fqdn":"clickzooms.com","domain":"clickzooms.com","tld":"com"},"ip":{"addr":"162.0.229.127","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","size":22762,"data":"","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-06-13T10:32:52.982764Z","times_seen":268220,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickzooms.com/wp-includes/js/dist/script-modules/block-library/navigation/view.min.js?ver=96a846e1d7b789c39ab9","fqdn":"clickzooms.com","domain":"clickzooms.com","tld":"com"},"ip":{"addr":"162.0.229.127","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"be31fdf0c1b991d4ae62d43750c29004","sha1":"2741b37b0171acf8ea67d90ab0927259adf9d66d","sha256":"caf7ad56bd767d2bb8c5b78dfd3c2c4e005e7d01abca7314fbaffed99c7df69d","sha512":"6bc44dd8afdcb3d01143df983b3a5c20300b0a1e9e5cf7d24d04544b2a186d8b1d0d684164489fb0eba865c4d0247001a0e37b1af65b432f03b6e3d02999f71d","ssdeep":"","tlshash":"bc517578336075b5caff4384f224d538b365dec1440b28017d2926df26aefa181e1f6a","size":3053,"data":"","first_seen":"2026-04-07T19:24:43.304892Z","last_seen":"2026-06-13T10:25:09.749078Z","times_seen":1749,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"clickzooms.com/","fqdn":"clickzooms.com","domain":"clickzooms.com","tld":"com"},"ip":{"addr":"162.0.229.127","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-31T11:41:18.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickzooms.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 29 May 2026 00:00:00 GMT","end":"Sun, 13 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:8F:3E:08:3A:EB:0C:87:9D:47:01:09:88:A8:B9:B5:D3:38:97:38","sha256":"3B:E8:54:CD:DE:76:79:40:8E:A8:70:64:7B:E3:D9:83:4C:09:F8:3C:10:8B:A3:7E:F9:5A:18:65:0D:47:B5:5E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: clickzooms.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nlink: \u003chttps://clickzooms.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\netag: \"2327-1780227160;br\"\r\nx-litespeed-cache: hit\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 12358\r\ndate: Sun, 31 May 2026 11:41:18 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"WordPress:7.0","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"WordPress Site Editor","description":"Full Site Editing enables users to design and customize their entire WordPress website with a block-based editor.","website":"https://wordpress.org/documentation/article/site-editor/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]}],"data":{"size":69216,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (20709)","md5":"6d5f6599b6ed2841bb27a266061db7a5","sha1":"d8d7a3be726cb36d713e1c1770b5b8775ce2be1a","sha256":"d6637f0e54e5c4e147addce1390cb34fada3d1c412ddddd8ff764e1e3367be5e","sha512":"f9fb3e181b9f4979a67bdbf493cfbbcf0ee1c8181c41b2da385e1345f869558d61570cc04d607596f70bcc81796b3f6955b552f8502628c9bc352be20ba258eb","ssdeep":"1536:I31cmRiBmgT0cTrnbO27kI5ypDz1nT87ZMpm4wvSAIXuTVGArjF:I31cmRiBmgT0cTrnbO27kI0kZMpm4wvz","tlshash":"756397a157b048f5797f833b5e44a2186627e912ca0977d5f0f3d294758cfa20ae3b0b","first_seen":"2026-05-31T11:41:45.152412Z","last_seen":"2026-05-31T12:19:36.669757Z","times_seen":3,"resource_available":true,"data":null}},"time_used":1128,"timings":{"blocked":403,"dns":4,"connect":161,"send":0,"wait":161,"receive":161,"ssl":235},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickzooms.com/wp-includes/js/dist/script-modules/block-library/navigation/view.min.js?ver=96a846e1d7b789c39ab9","fqdn":"clickzooms.com","domain":"clickzooms.com","tld":"com"},"ip":{"addr":"162.0.229.127","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickzooms.com/","date":"2026-05-31T11:41:19.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickzooms.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 29 May 2026 00:00:00 GMT","end":"Sun, 13 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:8F:3E:08:3A:EB:0C:87:9D:47:01:09:88:A8:B9:B5:D3:38:97:38","sha256":"3B:E8:54:CD:DE:76:79:40:8E:A8:70:64:7B:E3:D9:83:4C:09:F8:3C:10:8B:A3:7E:F9:5A:18:65:0D:47:B5:5E"}}},"request":{"raw":"GET /wp-includes/js/dist/script-modules/block-library/navigation/view.min.js?ver=96a846e1d7b789c39ab9 HTTP/1.1\r\nHost: clickzooms.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickzooms.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Tue, 10 Mar 2026 15:29:34 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 999\r\ndate: Sun, 31 May 2026 11:41:19 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":3053,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (3052)","md5":"be31fdf0c1b991d4ae62d43750c29004","sha1":"2741b37b0171acf8ea67d90ab0927259adf9d66d","sha256":"caf7ad56bd767d2bb8c5b78dfd3c2c4e005e7d01abca7314fbaffed99c7df69d","sha512":"6bc44dd8afdcb3d01143df983b3a5c20300b0a1e9e5cf7d24d04544b2a186d8b1d0d684164489fb0eba865c4d0247001a0e37b1af65b432f03b6e3d02999f71d","ssdeep":"","tlshash":"bc517578336075b5caff4384f224d538b365dec1440b28017d2926df26aefa181e1f6a","first_seen":"2026-04-07T19:24:43.304892Z","last_seen":"2026-06-13T10:25:09.749078Z","times_seen":1749,"resource_available":true,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickzooms.com/wp-content/themes/twentytwentyfive/assets/fonts/manrope/Manrope-VariableFont_wght.woff2","fqdn":"clickzooms.com","domain":"clickzooms.com","tld":"com"},"ip":{"addr":"162.0.229.127","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://clickzooms.com/","date":"2026-05-31T11:41:19.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickzooms.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 29 May 2026 00:00:00 GMT","end":"Sun, 13 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:8F:3E:08:3A:EB:0C:87:9D:47:01:09:88:A8:B9:B5:D3:38:97:38","sha256":"3B:E8:54:CD:DE:76:79:40:8E:A8:70:64:7B:E3:D9:83:4C:09:F8:3C:10:8B:A3:7E:F9:5A:18:65:0D:47:B5:5E"}}},"request":{"raw":"GET /wp-content/themes/twentytwentyfive/assets/fonts/manrope/Manrope-VariableFont_wght.woff2 HTTP/1.1\r\nHost: clickzooms.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickzooms.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 07 Jun 2026 11:41:19 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Tue, 29 Oct 2024 04:02:18 GMT\r\naccept-ranges: bytes\r\ncontent-length: 53600\r\ndate: Sun, 31 May 2026 11:41:19 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":53600,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 53600, version 1.0","md5":"a8ebc7eb54efacfda66d0a2531058ecd","sha1":"5b56dbe3d3eabe178719988f4fee76d9d4ad7079","sha256":"ce340d48531930f3f2c8b7c47d149f82c9f4413548dd216e0f4d9af94a87c374","sha512":"bde7ef9fa476ae2bf7220afadc1285dec21f1a51718f3633a82cd4d08ac0adafd02acf01db82b3c263ab8a87e2cb18a03830f302d664f4441629ec24678bf2ac","ssdeep":"1536:GcCtX6JRTj6XLzm1OSRKt9Vo3IGC9pT/UTQ+z/y:qX6DWXPmwSRIVPGC9pTREy","tlshash":"203302d1f44038206c75e3fbddecfb9434ea81aaf53945d384a658bc0f8056addb0264","first_seen":"2023-11-30T06:19:19Z","last_seen":"2026-06-13T09:49:32.027084Z","times_seen":9322,"resource_available":false,"data":null}},"time_used":486,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":324,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickzooms.com/wp-includes/js/dist/script-modules/interactivity/index.min.js?ver=efaa5193bbad9c60ffd1","fqdn":"clickzooms.com","domain":"clickzooms.com","tld":"com"},"ip":{"addr":"162.0.229.127","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickzooms.com/","date":"2026-05-31T11:41:19.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickzooms.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 29 May 2026 00:00:00 GMT","end":"Sun, 13 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:8F:3E:08:3A:EB:0C:87:9D:47:01:09:88:A8:B9:B5:D3:38:97:38","sha256":"3B:E8:54:CD:DE:76:79:40:8E:A8:70:64:7B:E3:D9:83:4C:09:F8:3C:10:8B:A3:7E:F9:5A:18:65:0D:47:B5:5E"}}},"request":{"raw":"GET /wp-includes/js/dist/script-modules/interactivity/index.min.js?ver=efaa5193bbad9c60ffd1 HTTP/1.1\r\nHost: clickzooms.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickzooms.com/wp-includes/js/dist/script-modules/block-library/navigation/view.min.js?ver=96a846e1d7b789c39ab9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Tue, 19 May 2026 18:30:48 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 14887\r\ndate: Sun, 31 May 2026 11:41:19 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":40106,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (40105)","md5":"f0866401d2e6bf0b38495c9f278cf96a","sha1":"78a648d27819f61c8b8678d64632d2c35ac6801f","sha256":"726ac59577c8aeeec94c61bfb7791a709e401b5d871d35c39a65cd948f6124e3","sha512":"7889b5b5b511b2d7af4752fb4d4ae4edcf96b18351224867e39c5dbff54fb6fadf3e18a40bfa35cd803d34426e95623768e64a132282f1813525a7d1844f101f","ssdeep":"768:oqEYJ8Mc56JH6u0HpQPu3iU7bwUCD2XZjVV300FKKh:YYJC0cHWujsIl39KKh","tlshash":"37031af8b2a8703183ef50b5503f040bf3366968588d8068ba65d4eb68f454a51f7fbd","first_seen":"2026-05-21T20:58:39.683163Z","last_seen":"2026-06-13T10:25:09.731099Z","times_seen":1707,"resource_available":true,"data":null}},"time_used":333,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":332,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-05-31","alert":"Detects SocGholish obfuscated variant first observed in July 2022","trigger":"clickzooms.com/wp-includes/js/dist/script-modules/interactivity/index.min.js?ver=efaa5193bbad9c60ffd1","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"Ankit Anubhav -ankitanubhav.info","date":"2022-07-19","description":"Detects SocGholish obfuscated variant first observed in July 2022","malpedia_family":"js.fakeupdates","rule":"SocGholish_Variant_B","yarahub_author_email":"ankit.yara@inbox.ru","yarahub_author_twitter":"@ankit_anubhav","yarahub_license":"CC0 1.0","yarahub_reference_link":"https://twitter.com/ankit_anubhav/status/1549246034831781888","yarahub_reference_md5":"4fcc9569ca63cb2f5777954ac4c9290f","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"df3d194a-c6bc-4440-bad9-461e0e7962fd"}}],"urlquery":null}},{"url":{"schema":"https","addr":"clickzooms.com/favicon.ico","fqdn":"clickzooms.com","domain":"clickzooms.com","tld":"com"},"ip":{"addr":"162.0.229.127","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickzooms.com/","date":"2026-05-31T11:41:19.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickzooms.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 29 May 2026 00:00:00 GMT","end":"Sun, 13 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:8F:3E:08:3A:EB:0C:87:9D:47:01:09:88:A8:B9:B5:D3:38:97:38","sha256":"3B:E8:54:CD:DE:76:79:40:8E:A8:70:64:7B:E3:D9:83:4C:09:F8:3C:10:8B:A3:7E:F9:5A:18:65:0D:47:B5:5E"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: clickzooms.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickzooms.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Sun, 31 May 2026 11:41:19 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-06-13T10:25:34.434878Z","times_seen":133493,"resource_available":true,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickzooms.com/wp-includes/js/wp-emoji-release.min.js?ver=7.0","fqdn":"clickzooms.com","domain":"clickzooms.com","tld":"com"},"ip":{"addr":"162.0.229.127","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickzooms.com/","date":"2026-05-31T11:41:19.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickzooms.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 29 May 2026 00:00:00 GMT","end":"Sun, 13 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:8F:3E:08:3A:EB:0C:87:9D:47:01:09:88:A8:B9:B5:D3:38:97:38","sha256":"3B:E8:54:CD:DE:76:79:40:8E:A8:70:64:7B:E3:D9:83:4C:09:F8:3C:10:8B:A3:7E:F9:5A:18:65:0D:47:B5:5E"}}},"request":{"raw":"GET /wp-includes/js/wp-emoji-release.min.js?ver=7.0 HTTP/1.1\r\nHost: clickzooms.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickzooms.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 07 Nov 2025 19:44:34 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 4949\r\ndate: Sun, 31 May 2026 11:41:19 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":22762,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (19823)","md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-06-13T10:32:52.982764Z","times_seen":268220,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":166,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}