{"report_id":"0c93857c-6947-4ba6-a26b-5f3c0bbb5f8e","version":6,"status":"done","tags":[],"date":"2023-09-21T00:42:14Z","url":{"schema":"https","addr":"21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","fqdn":"21onze.com.br","domain":"21onze.com.br","tld":"com.br"},"ip":{"addr":"162.241.203.46","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","fqdn":"21onze.com.br","domain":"21onze.com.br","tld":"com.br"},"title":"Capital One Sign In: Log in to access your account(s)"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T22:56:21Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"verified.capitalone.com","ip":{"addr":"2.16.174.101","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Sweden","country_code":"SE"},"domain_registered":"1995-03-13","domain_rank":24740,"first_seen":"2017-01-03 14:44:34","last_seen":"2023-09-20 09:36:19","alert_count":0,"request_count":1,"received_data":15995,"sent_data":435,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ecm.capitalone.com","ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"1995-03-13","domain_rank":13649,"first_seen":"2017-02-01 18:32:51","last_seen":"2023-09-20 12:16:44","alert_count":0,"request_count":11,"received_data":98256,"sent_data":5615,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":235,"first_seen":"2015-04-17 22:46:33","last_seen":"2023-09-20 22:02:45","alert_count":0,"request_count":2,"received_data":12146,"sent_data":915,"comment":"","tags":null,"fingerprints":null},{"fqdn":"bucolic-mandazi-68151a.netlify.app","ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2018-05-08","domain_rank":0,"first_seen":"2023-08-08 17:04:14","last_seen":"2023-09-20 19:35:05","alert_count":19,"request_count":19,"received_data":64483,"sent_data":8538,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ajax.aspnetcdn.com","ip":{"addr":"152.199.19.160","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"domain_registered":"2010-10-12","domain_rank":693,"first_seen":"2012-05-24 15:35:31","last_seen":"2023-09-20 18:38:34","alert_count":0,"request_count":1,"received_data":30886,"sent_data":424,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T00:41:57Z","timestamp":1695256917,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":38207,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted DNS Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T00:41:57.722665+0000\",\"flow_id\":379389784426217,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.179\",\"src_port\":38207,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032759,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted DNS Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":18456,\"rrname\":\"bucolic-mandazi-68151a.netlify.app\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":105,\"bytes_toclient\":0,\"start\":\"2023-09-21T00:41:57.722665+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T00:41:57Z","timestamp":1695256917,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":49130,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted DNS Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T00:41:57.722837+0000\",\"flow_id\":67399065077653,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.179\",\"src_port\":49130,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032759,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted DNS Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":45222,\"rrname\":\"bucolic-mandazi-68151a.netlify.app\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":105,\"bytes_toclient\":0,\"start\":\"2023-09-21T00:41:57.722837+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T00:41:57Z","timestamp":1695256917,"ip_dst":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":58426,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T00:41:57.785059+0000\",\"flow_id\":929407591320754,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.179\",\"src_port\":58426,\"dest_ip\":\"3.70.101.28\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":936,\"bytes_toclient\":3185,\"start\":\"2023-09-21T00:41:57.724146+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T00:41:57Z","timestamp":1695256917,"ip_dst":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":58438,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T00:41:57.787669+0000\",\"flow_id\":1596798264480536,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.179\",\"src_port\":58438,\"dest_ip\":\"3.70.101.28\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3185,\"start\":\"2023-09-21T00:41:57.725784+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T00:41:57Z","timestamp":1695256917,"ip_dst":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":58446,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T00:41:57.827341+0000\",\"flow_id\":503613123532433,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.179\",\"src_port\":58446,\"dest_ip\":\"3.70.101.28\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3184,\"start\":\"2023-09-21T00:41:57.726673+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T00:41:57Z","timestamp":1695256917,"ip_dst":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":58462,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T00:41:57.831317+0000\",\"flow_id\":2150745966452269,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.179\",\"src_port\":58462,\"dest_ip\":\"3.70.101.28\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":936,\"bytes_toclient\":2728,\"start\":\"2023-09-21T00:41:57.728621+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T00:41:57Z","timestamp":1695256917,"ip_dst":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":58450,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T00:41:57.831367+0000\",\"flow_id\":1055683924793871,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.179\",\"src_port\":58450,\"dest_ip\":\"3.70.101.28\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3185,\"start\":\"2023-09-21T00:41:57.727567+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T00:41:57Z","timestamp":1695256917,"ip_dst":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":58466,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T00:41:57.846570+0000\",\"flow_id\":55978747044991,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.179\",\"src_port\":58466,\"dest_ip\":\"3.70.101.28\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3185,\"start\":\"2023-09-21T00:41:57.730239+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T00:41:57Z","timestamp":1695256917,"ip_dst":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":58480,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T00:41:57.848424+0000\",\"flow_id\":958329901104208,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.179\",\"src_port\":58480,\"dest_ip\":\"3.70.101.28\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3185,\"start\":\"2023-09-21T00:41:57.736336+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/serverComponent.php","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"0626b9bc7730ff6a1cfffc216aae6a53","sha1":"fb1ffc1f91553b782ca3c004b66045744a84f16a","sha256":"6b1e09a13ba7f32b6a863b3bb0134bf9e1f959a53c53d155affe2233c09e1007","sha512":"c9b54308c84a611aa1395d19950f7cf17736d2469c8973e8d9bf7e26f61d27cc0bc7d2c05c0f8b8c9fcf6698121d77ea29246f84cea60b946fbfce091361cb06","ssdeep":"","tlshash":"92f07d9b97f8204464458d0d14df7d08e8b83028dcc20094d7ea59151f9719339cf6fe","size":602,"data":"","first_seen":"2023-08-08T19:36:34Z","last_seen":"2024-09-19T22:51:16.250321Z","times_seen":366,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eventHandler","is_inline":false,"md5":"7c3c3ddeb80438dcbb3d081d2d00e152","sha1":"5a4016732ee72ec77b4f6ab17047bcea6d2ea34d","sha256":"321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187","sha512":"b252f7dc795284fe8ce404711809130d8e16670a8e49b271f9a24b04a542a0fccb7a8c7238c12b37db35fe73a2fbf1cdb374468574db4e6d39975a17dca547a3","ssdeep":"","tlshash":"807000f0003000030003c30000333cf300000c0fc0ccc3ccfc0000c000c00000000c33","size":16,"data":"","first_seen":"2023-04-10T15:57:29Z","last_seen":"2026-04-09T00:36:53.847419Z","times_seen":238104,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"053305c2b293c27c02523cda42962c09","sha1":"556b0af7346b9e21a8eea1be8b195b563169ecd5","sha256":"be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44","sha512":"0fd324efdf7391ea6508816630c79a71b76a7ca3196d28554d8255e9c5bf29bd426c380716882b053e65f78890479e1b1b458ac5e7ad53041de31f0822e45980","ssdeep":"384:nPmG4foMrslSSQCyUAjKQze/he/UqlGA2A1:nOdobAjK78l1","tlshash":"1d922e0939f322625a6372ad0bef5009a3b58653149eee04bd4d63815f50a3893f7fe9","size":20120,"data":"","first_seen":"2023-03-07T01:02:35Z","last_seen":"2026-04-08T20:32:11.802946Z","times_seen":2673,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","fqdn":"21onze.com.br","domain":"21onze.com.br","tld":"com.br"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"20a28d7f8c5d408d7c97581a400da2d0","sha1":"6ba85b91e1cbaa627505d82c2b5c7c14f250fb78","sha256":"0c108a6613c257b59fb478f79cfae51fcb460d9b8c45a5825995a0686d6340e5","sha512":"9d4e608d252955da2d63142cacfcd817295e328a79f1dd166d0dafbde6c981cbaa48432d4aa19f37bbd4a0fec84cac32bc94282a65277e3b1ac28005b1ac5c86","ssdeep":"","tlshash":"cf81dbadf7ac26aa15763039957b60883a3e3b771c416d023dbe4db43b55e0c7a12e05","size":4075,"data":"","first_seen":"2023-09-19T20:15:59Z","last_seen":"2024-08-21T06:18:43.938095Z","times_seen":97,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js","fqdn":"ajax.aspnetcdn.com","domain":"aspnetcdn.com","tld":"com"},"ip":{"addr":"152.199.19.160","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-09T00:28:41.294522Z","times_seen":119700,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","fqdn":"21onze.com.br","domain":"21onze.com.br","tld":"com.br"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"a1bc03e6dfd24877410c06fae2f59504","sha1":"20cae06221c7108483e52c40a7a85278c801d9c8","sha256":"156f99ec569d25d9d8722518dda4d7e60b4b210ab2ce9202c8585606bad9c6af","sha512":"a56dfa1f46d7c20c3d3d99670b145e8e9b5dcbeae8d6040250dcecdc87b4aea465f4b2b184a1ee2a8cc83618af2f928c5ec649445af179b9cf43fa38faeafc80","ssdeep":"","tlshash":"60e0260ab3506d1ae0b39c8a08793009bb2973a593fcad0c3eb4ad901e7235ab004905","size":322,"data":"","first_seen":"2023-08-08T19:36:34Z","last_seen":"2025-11-30T03:39:09.282916Z","times_seen":247,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Lt.woff2","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:57.758Z","timestamp":1695256917758,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/fonts/Optimist_W_Lt.woff2 HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://21onze.com.br/\r\nOrigin: https://21onze.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: binary/octet-stream\r\ncontent-length: 27852\r\nlast-modified: Fri, 28 Jun 2019 00:26:02 GMT\r\netag: \"cb37fa55f3dfdd26d61901032a53644f\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: Q75rYxmglrbgkwTTGgaHL71RQB9n5YCD\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: 96b2Bo9YFlYTrfFcQX2Rvo9AmSOQP47Hz8QmnzNMKIjIs5vNDDwCTw==\r\ncache-control: max-age=1252176\r\nexpires: Thu, 05 Oct 2023 12:31:33 GMT\r\ndate: Thu, 21 Sep 2023 00:41:57 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27852,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 27852, version 1.0\\012- data","md5":"cb37fa55f3dfdd26d61901032a53644f","sha1":"1115e8d43a08c1f74ec1f6a886d1cb530bb9da97","sha256":"902c5a9d8ad932630fb2021fe1a1a7f4f06513b19e8d073866178ee65ff33fe9","sha512":"1a3176551c4f26069e24102fc72e407737b17121e39277b86f8130f10270cc81aefab8b11f7c38d8726ecaa1f3a24b2313a8f364442bc85dc8e41513b1d6e242","ssdeep":"768:DwcUL/u/dKOTCsjdD+GLF49dhKzulthYtOtGNl+34:DwcE2/BWeVB49d0CltheO8Z","tlshash":"e0c2e1ad1b73b17bdbe24b79db8951997d24b2e00775cfa712a411b0a003a951f382c6","first_seen":"2023-04-27T08:35:16Z","last_seen":"2026-04-09T00:21:40.162477Z","times_seen":649,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":3,"connect":2,"send":0,"wait":4,"receive":1,"ssl":89},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Rg.woff2","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:57.792Z","timestamp":1695256917792,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/fonts/Optimist_W_Rg.woff2 HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://21onze.com.br/\r\nOrigin: https://21onze.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: binary/octet-stream\r\ncontent-length: 28388\r\nlast-modified: Fri, 28 Jun 2019 00:26:02 GMT\r\netag: \"f4e1fbca28c954a486a90828b2ee7543\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 1GgM.ruzxSoQhqV._aklwOsuyVwoqFBE\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: UKrbxnA6XvXEgVu-TXphVPrBB0iMQxkeEdB_hKRsr382fqfwzgdFHA==\r\ncache-control: max-age=2152036\r\nexpires: Sun, 15 Oct 2023 22:29:13 GMT\r\ndate: Thu, 21 Sep 2023 00:41:57 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28388,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 28388, version 1.0\\012- data","md5":"f4e1fbca28c954a486a90828b2ee7543","sha1":"7750f00fe0337120e16632ea7fff2a78b11c874a","sha256":"9b98e19f831844b3dae8e1fd65b6802bc778446fbdacac8203e34bbc02eacbcd","sha512":"637dcf053eef0e7d769863f91d229dbc8f53b1f5162628634b6849f2f947d002e4a8c69266db9376d8e52bb3eefe53c98ebefb584013a048020d35876daa88e6","ssdeep":"384:CZbzQs8AWvFV+CwE53CmqKETLKcdJTA8A9z12SkQDBkDNeDHrMR6ZWocMT12Ms0J:CZRVWvFzwK9KKwTALJn2eDrMR3ckfq","tlshash":"15d2f26c508ca59ddda7e0f2b9a45ff86ca4a11d9001578743fb67c0e3fed680980be2","first_seen":"2023-04-18T09:28:11Z","last_seen":"2026-04-09T00:21:40.171355Z","times_seen":688,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":2,"connect":2,"send":0,"wait":11,"receive":1,"ssl":92},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_SBd.woff2","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:57.795Z","timestamp":1695256917795,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/fonts/Optimist_W_SBd.woff2 HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://21onze.com.br/\r\nOrigin: https://21onze.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: binary/octet-stream\r\ncontent-length: 28188\r\nlast-modified: Fri, 28 Jun 2019 00:26:02 GMT\r\netag: \"d647937062406e5cc182de0cc77947d8\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: QmX7yv6RJT4hT4UTSJmqyU0reaonF3KP\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: O3lBoAqLkZUcPBtTZb4ozX77cfZvmlXBezAzB7kGcH79gTWk8WZMuQ==\r\ncache-control: max-age=2221738\r\nexpires: Mon, 16 Oct 2023 17:50:55 GMT\r\ndate: Thu, 21 Sep 2023 00:41:57 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28188,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 28188, version 1.0\\012- data","md5":"d647937062406e5cc182de0cc77947d8","sha1":"9d4c283a4fca43ae95019091bbd0a9e1b77b97bc","sha256":"48b4ed4ba8ee0eaeddfba861e6772c61f818931816102636a888ec0b49bce056","sha512":"05aa4e12f95b749c2e772e9f596ed11dc2d4d40da637e4aafbe7a2a2b97b8398fb318f180b48711cdd89de8e92ddded32b066a7ef370f6245de4cad73b21e744","ssdeep":"768:HH1az7BcIW5H7g3+Ma2ZqcHOrCG7jCzVjNbEjfO:nA+h5bE0ISMVjNwjfO","tlshash":"a1c2e1cdc8206d85be52db386469edbb0220d4b5dc341d0938a9733c075847fe2ea9fa","first_seen":"2023-04-27T08:35:16Z","last_seen":"2026-04-09T00:21:40.163167Z","times_seen":674,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":2,"connect":4,"send":0,"wait":11,"receive":1,"ssl":90},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:57.799Z","timestamp":1695256917799,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 03 Jul 2023 00:00:00 GMT","end":"Tue, 02 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D","sha256":"D9:9E:DA:D7:6F:5A:E0:87:16:F3:3E:A0:A8:34:8B:84:B7:B0:98:30:2D:18:D8:53:E6:3C:09:06:19:48:07:54"}}},"request":{"raw":"GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 21 Sep 2023 00:41:57 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 5631\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03e5f-7918\"\r\nlast-modified: Mon, 04 May 2020 16:10:07 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 538930\r\nexpires: Tue, 10 Sep 2024 00:41:57 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=INOVZvo4IrZTUeP%2FJlFfRM%2BFoJ0CG4GvbMqK2O8QZgQiqXgWOgddPJvG8tCjZwzMouiv561goW2JdRdLMROI3RpzgtO%2FlRiUJ46UrGWDqRoOsRZsRR0%2FczZKKTIujlIycWUxp4rn\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 809e43f75c655687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5631,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (30837)","md5":"269550530cc127b6aa5a35925a7de6ce","sha1":"512c7d79033e3028a9be61b540cf1a6870c896f8","sha256":"799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd","sha512":"49f4e24e55fa924faa8ad7debe5ffb2e26d439e25696df6b6f20e7f766b50ea58ec3dbd61b6305a1acacd2c80e6e659accee4140f885b9c9e71008e9001fbf4b","ssdeep":"384:wHu5yWeTUKW+KlkJ5de2UYDyVfwYUas2l8yQ/8dwmaU8G:wwlr+Klk3Yi+fwYUf2l8yQ/e9vf","tlshash":"78d241e8e54c01d66731c48bff81b36862b6fb3dd5854da9f01f290c29d226522c5fba","first_seen":"2023-04-05T03:13:25Z","last_seen":"2026-04-09T00:40:55.300176Z","times_seen":239582,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":11,"send":0,"wait":9,"receive":1,"ssl":94},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/cp_common.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:57.797Z","timestamp":1695256917797,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/cp_common.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 204990\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 00:41:57 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HATJZDSDYHAKDX5YB7T77WDM\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":499,"timings":{"blocked":199,"dns":1,"connect":32,"send":0,"wait":26,"receive":1,"ssl":236},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/914a4a6f3a23a11a51feb0d6f6a68751.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:57.751Z","timestamp":1695256917751,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/914a4a6f3a23a11a51feb0d6f6a68751.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 41892\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 00:41:57 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HATJZDSD5WMFYTJ7RX0Q2FVE\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":245,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/Bootstrap.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:57.796Z","timestamp":1695256917796,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/Bootstrap.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://21onze.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 25544\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 00:41:57 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HATJZDSVPRFRDZYCDQSFNTFP\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":-1,"dns":1,"connect":76,"send":0,"wait":26,"receive":0,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/c0d84295063dcdfcd1cc1f640130de02.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:57.752Z","timestamp":1695256917752,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/c0d84295063dcdfcd1cc1f640130de02.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 208470\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 00:41:57 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HATJZDSD56CFAEBMEAPHG7A4\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":244,"dns":0,"connect":0,"send":0,"wait":27,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/browserDecom.css","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-21T00:41:58.061293546Z","timestamp":1695256918061,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/browserDecom.css HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 21179\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Thu, 21 Sep 2023 00:41:57 GMT\r\netag: \"af121a0c15b5dee5f7becf597ed57352-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-nf-request-id: 01HATJZDSDSRBV79E9YPZNG61J\r\ncontent-length: 907\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":907,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"21b219c6d0855bd870704aca6149a386","sha1":"f3a3e71129678ac2364ca565ef5cdcdff6c6be0b","sha256":"5e93965b3f8db2834e8e22ebf73a538bad7ba99fdc443a38942bf69f55c299a3","sha512":"fd26746f9665e68b8213f25c464334a5c118c250fa5d1587c344a784e56b4a469ab8bb29df042251434994c991b9c52241c5a3eb78ec9ccb55041c9f3fc444c4","ssdeep":"","tlshash":"b4117dc29b664a88360ec1a6785763686339d141cd2bde3c76b039f8bd552805013776","first_seen":"2023-07-26T20:41:18Z","last_seen":"2024-09-19T21:28:33.449625Z","times_seen":314,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/serverComponent.php","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-21T00:41:58.065758815Z","timestamp":1695256918065,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/serverComponent.php HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 23504\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-type: application/x-php\r\ndate: Thu, 21 Sep 2023 00:41:57 GMT\r\netag: \"03cf249d51598e9e317827a045e53b8e-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-nf-request-id: 01HATJZDSDYRWPPXXVKRTZ5W3T\r\ncontent-length: 602\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":602,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (601)","md5":"0626b9bc7730ff6a1cfffc216aae6a53","sha1":"fb1ffc1f91553b782ca3c004b66045744a84f16a","sha256":"6b1e09a13ba7f32b6a863b3bb0134bf9e1f959a53c53d155affe2233c09e1007","sha512":"c9b54308c84a611aa1395d19950f7cf17736d2469c8973e8d9bf7e26f61d27cc0bc7d2c05c0f8b8c9fcf6698121d77ea29246f84cea60b946fbfce091361cb06","ssdeep":"","tlshash":"92f07d9b97f8204464458d0d14df7d08e8b83028dcc20094d7ea59151f9719339cf6fe","first_seen":"2023-08-08T19:36:34Z","last_seen":"2024-09-19T22:51:16.250321Z","times_seen":366,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/styles.d7eeec1c93eef5e61473.css","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-21T00:41:58.081502034Z","timestamp":1695256918081,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/styles.d7eeec1c93eef5e61473.css HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 208475\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Thu, 21 Sep 2023 00:41:57 GMT\r\netag: \"f699d301c9a785fdace5efdc9151313f-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HATJZDSDQ5HNHZJT118DW48T\r\ncontent-length: 9356\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":9356,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"01aed6b25e0eb3d74a5f15f51752a6a9","sha1":"c2d806ad5b0ff7c82beca75d2c8f7f1bcc6936b5","sha256":"0c4f7f58335b6375e7a4500ab43f4057d09ac3017fd5f2f408259fc762b7ab15","sha512":"27239c439e1fe9178e2b59e828966c5a3bc059a436d36f5ab761e443e2cdb6b39ad4022ebdf577ab1446edfdf06ff76ddae7edd023cc850009bb0f6414af4305","ssdeep":"384:wy2DsacMwIXZT+SRbFcWSZe5xkoodWHoon/tVp:r2DsaUOSZsp","tlshash":"8ea3a0a7f6c6016ac097cf6590b639fce63a8c00d7c7666b5d03b7b89785fc60532889","first_seen":"2023-07-26T20:41:18Z","last_seen":"2024-09-19T22:51:16.260566Z","times_seen":387,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/styles.17a600ea31802b45.css","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:58.538Z","timestamp":1695256918538,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/styles.17a600ea31802b45.css HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 105701\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 00:41:57 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HATJZDSDZ0T59W0QXKJHT2NK\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/css.css","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:57.803Z","timestamp":1695256917803,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/css.css HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 16142\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Thu, 21 Sep 2023 00:41:57 GMT\r\netag: \"78759fbc18d6dd8af298534fcf858866-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HATJZDSEB4S83BS4GYRC3KZP\r\ncontent-length: 27359\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27359,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (31118), with CRLF line terminators","md5":"dbfc2de4f7c9f7c851b60b41139ba060","sha1":"b4157c33443884cc743adfd5abc1763cbe6f5785","sha256":"20bb6bf4004dac223173ba5b41449186d983e80050dcfddbbc1975ae566a3e47","sha512":"3a5210282202e25093967a9261704066782054e0fad511d45a5d3b37fb6d4932f656cce3d7b640e00cfe7877a66e93a9f13201fc54ce8b2f97252bb68c4e44b6","ssdeep":"1536:ACQLzUxDgkEgGDgkEgDDgkEgEDgkEgbDgkEgNxVIjDgkEgXDgkEggHADgkEgCDgO:ACQLzba","tlshash":"bfa410b2f2c2011d33b38e7e2062a788d514d86bd1b627ed25c3b9a8b5c57bb01b751d","first_seen":"2023-08-08T19:36:34Z","last_seen":"2024-09-19T21:28:32.990818Z","times_seen":314,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":194,"dns":0,"connect":0,"send":0,"wait":52,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/web_properties.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:57.798Z","timestamp":1695256917798,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/web_properties.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 112033\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 00:41:57 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HATJZDT5AHA4EBVSR93CTYW4\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":556,"timings":{"blocked":206,"dns":2,"connect":30,"send":0,"wait":70,"receive":0,"ssl":212},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/smartBanner.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:57.804Z","timestamp":1695256917804,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/smartBanner.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 140079\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 00:41:57 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HATJZDT5WTRN4CBHPZ2H9J9Q\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":192,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/c344d59e90","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:57.754Z","timestamp":1695256917754,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/c344d59e90 HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 103760\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 00:41:57 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HATJZDT5HNMGR0Q75N5WEGV4\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":345,"timings":{"blocked":-1,"dns":1,"connect":82,"send":0,"wait":65,"receive":0,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/712ff787f143e2fedc740cf96cd0f80b.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-21T00:41:58.137930482Z","timestamp":1695256918137,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/712ff787f143e2fedc740cf96cd0f80b.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 162842\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 00:41:57 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HATJZDT54ZNS9W123MZ1G6WB\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/6.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:57.743Z","timestamp":1695256917743,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/6.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 21497\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 00:41:57 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HATJZDT5B46EQY0VFWH6ENCE\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":610,"timings":{"blocked":261,"dns":1,"connect":29,"send":0,"wait":70,"receive":0,"ssl":202},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/capital-one-logo.svg","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:57.805Z","timestamp":1695256917805,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/capital-one-logo.svg HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 41862\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: image/svg+xml\r\ndate: Thu, 21 Sep 2023 00:41:57 GMT\r\netag: \"5551fd44a62268b80906011d6516a2c9-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HATJZDT56AK4B76W9EYAQ0TJ\r\ncontent-length: 1664\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1664,"size_decoded":0,"mime_type":"image/svg+xml","magic":"ASCII text, with very long lines (3967), with CRLF line terminators","md5":"f0b7ad81821effc52540e39cafda48f9","sha1":"33d64bc7001f414f12bd92e740a45e5ced239add","sha256":"57dfca5b95599a613da940f4a49ab6378fcf0586366a47cae679796930bf0eed","sha512":"ada921382d19becb6bb1efe43c7024f1bb995c84fb8c91e245731de68ab23e7959df759dc53fab8459b91eb3004334a6bd96194eb11c956a81a99b486252b727","ssdeep":"","tlshash":"a3819c79c390d3b9eed69bbc9f3260b4d08fd1ae90e5d35482a4c56035d20d8b25ecd9","first_seen":"2023-05-05T00:40:48Z","last_seen":"2026-03-31T11:41:10.334419Z","times_seen":490,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":193,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/2d6b9362638574d196874650cdb28cd6.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-21T00:41:58.159146048Z","timestamp":1695256918159,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/2d6b9362638574d196874650cdb28cd6.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 213375\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 00:41:57 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HATJZDT5RR39MQX03WJ7WPB2\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/icon-user.svg","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-21T00:41:58.16239499Z","timestamp":1695256918162,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/icon-user.svg HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 25026\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-type: image/svg+xml\r\ndate: Thu, 21 Sep 2023 00:41:57 GMT\r\netag: \"2cb7bd60088678dedf1ed85bfa45d2cc-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-nf-request-id: 01HATJZDT5MHNHB63J24P2951S\r\ncontent-length: 584\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":584,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (584), with no line terminators","md5":"1f46c36bca03354edd25a3e35b7977db","sha1":"c002468fca8f3910fccba86c6d67602191eaeaed","sha256":"32f101709eb4240f21b330c854ed3bd539c0dc9001f08bf51d4e6a5b6bf641c6","sha512":"75d96be277e58c397f846c80ed1154a910b824c349ccafa3de277dcbdbd227cfc98b7848fca0906654d80be81b4b5248d7e907fe0b843c36c43047c26e7b22c0","ssdeep":"","tlshash":"fef002e9577458fcd943ca3ad72924c62a3a70fd9a248998709864256d140ce4008888","first_seen":"2023-07-26T20:41:18Z","last_seen":"2026-03-13T11:56:24.182874Z","times_seen":284,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:58.509Z","timestamp":1695256918509,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 03 Jul 2023 00:00:00 GMT","end":"Tue, 02 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D","sha256":"D9:9E:DA:D7:6F:5A:E0:87:16:F3:3E:A0:A8:34:8B:84:B7:B0:98:30:2D:18:D8:53:E6:3C:09:06:19:48:07:54"}}},"request":{"raw":"GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 21 Sep 2023 00:41:58 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 4517\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03ec3-4e98\"\r\nlast-modified: Mon, 04 May 2020 16:11:47 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 29062033\r\nexpires: Tue, 10 Sep 2024 00:41:58 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=9gXP3AV%2FnBCK1exLHFLZqgx15viz5sFl10G6knjpn49Fn%2FSS3iyn9fDDAs%2Bt3gbLLFYUtTXi9RZriN8XkxdWqzocMAFL5gAiCnPRUvevsvuytihyc6JK7sg4kflHhP7GVnTqpGg7\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 809e43fb6c4656c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4517,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"053305c2b293c27c02523cda42962c09","sha1":"556b0af7346b9e21a8eea1be8b195b563169ecd5","sha256":"be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44","sha512":"0fd324efdf7391ea6508816630c79a71b76a7ca3196d28554d8255e9c5bf29bd426c380716882b053e65f78890479e1b1b458ac5e7ad53041de31f0822e45980","ssdeep":"384:nPmG4foMrslSSQCyUAjKQze/he/UqlGA2A1:nOdobAjK78l1","tlshash":"1d922e0939f322625a6372ad0bef5009a3b58653149eee04bd4d63815f50a3893f7fe9","first_seen":"2023-03-07T01:02:35Z","last_seen":"2026-04-08T20:32:11.802946Z","times_seen":2673,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js","fqdn":"ajax.aspnetcdn.com","domain":"aspnetcdn.com","tld":"com"},"ip":{"addr":"152.199.19.160","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:58.508Z","timestamp":1695256918508,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vo.msecnd.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Fri, 05 May 2023 00:00:00 GMT","end":"Sun, 28 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"0E:7D:A8:CD:FE:61:1E:46:97:A3:57:99:70:DA:E0:59:1D:34:04:80","sha256":"BF:60:70:23:0A:9B:F0:F9:BC:EE:56:40:4B:F6:C3:4B:F6:BE:14:87:14:29:CF:BD:47:5C:31:E8:85:A5:7F:C3"}}},"request":{"raw":"GET /ajax/jQuery/jquery-3.3.1.min.js HTTP/1.1\r\nHost: ajax.aspnetcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 14190354\r\ncache-control: public,max-age=31536000\r\ncontent-type: application/javascript\r\ndate: Thu, 21 Sep 2023 00:41:58 GMT\r\netag: \"80288516b793d31:0\"\r\nlast-modified: Mon, 22 Jan 2018 19:27:49 GMT\r\nserver: ECAcc (ska/F6AE)\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 30394\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30394,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-09T00:28:41.294522Z","times_seen":119700,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":22,"dns":1,"connect":7,"send":0,"wait":11,"receive":4,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/styles.17a600ea31802b45.css","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:58.538Z","timestamp":1695256918538,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/styles.17a600ea31802b45.css HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 105702\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 00:41:58 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HATJZEA1KZCC528XPDGQ3FY2\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/smartBanner.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:57.804Z","timestamp":1695256917804,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/smartBanner.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 140080\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 00:41:58 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HATJZEAA4J0Z34TF6TYBC3SR\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":192,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/twitter-social.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-21T00:41:58.782134071Z","timestamp":1695256918782,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/social-icons/twitter-social.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:05 GMT\r\netag: W/\"c2f1acf6f29c52f793f66b65ba91d49f\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: WY8VBzDyq7FctDDX8MrQBW0rTz7Flw8l\r\nserver: AmazonS3\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: YlG8YqnDOa_P8VAf9WonpQ5skgLUvinbaxHQSNVgLOzUDc_p05KEJA==\r\ncontent-length: 734\r\ncache-control: max-age=2304393\r\nexpires: Tue, 17 Oct 2023 16:48:31 GMT\r\ndate: Thu, 21 Sep 2023 00:41:58 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":734,"size_decoded":0,"mime_type":"text/xml; charset=utf-8","magic":"SVG Scalable Vector Graphics image\\012- XML 1.0 document text\\012- XML document text\\012- HTML document text\\012- exported SGML document, ASCII text","md5":"c2f1acf6f29c52f793f66b65ba91d49f","sha1":"d045195486c4bfdbefd3e812e7297db69615484d","sha256":"d1b4860dcce83c4c73736dedeafe3b09403b267d087ef721a35dbffd5e564c68","sha512":"fc865996cb25ece0d63aea5801204de3642283dbddc174c87b0dccd5aba0f017fe03cfea081930ca3cdba4bca2359a22e140f567d6f9611fc18653095d2db197","ssdeep":"","tlshash":"d0213f55c395d8fabe258204d3b175c872f4589bb5b0d2d4bbaf0827f21c8e4454c2dd","first_seen":"2023-08-08T19:36:34Z","last_seen":"2026-03-13T11:56:24.186981Z","times_seen":396,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/facebook-social.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-21T00:41:58.799215353Z","timestamp":1695256918799,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/social-icons/facebook-social.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:05 GMT\r\netag: \"e43c5a7e7fb8c3c12579162a4986b1ad\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: sp5rcJ_CixBIFs_Kbc9AtTIkRc82cd4R\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: J59KxPSyrzwh1_-pHbiRvwFMM3nt_ufA6PAQOEVJZIkZALIksvAUkg==\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 282\r\ncache-control: max-age=2197082\r\nexpires: Mon, 16 Oct 2023 11:00:00 GMT\r\ndate: Thu, 21 Sep 2023 00:41:58 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":282,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (431), with no line terminators","md5":"e43c5a7e7fb8c3c12579162a4986b1ad","sha1":"7a7c6a4ce7d8fe81778e3407bb710372ac3ea3f9","sha256":"b312fb49b19387ededa2729f0c384686ce7c83811b0ea0367ef63767e612da03","sha512":"949e0cfd60a6c3bd0f427b074e411e6891d76d67e0bc40d31fc14aabe54bed79fe15b8bf5fec39e9b504f297fd597e2b72ebf157b33a414be6e971e5cf083eba","ssdeep":"","tlshash":"d3e0a3dfb7492114a11fa9d6dbbc3e24781ce0ed64cd05c91f53b628509718cd417c50","first_seen":"2023-08-08T19:36:34Z","last_seen":"2026-03-13T11:56:24.187943Z","times_seen":388,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/instagram-social.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:58.779Z","timestamp":1695256918779,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/social-icons/instagram-social.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:05 GMT\r\netag: W/\"7ff5bca5e93664bc612cc91ae53ac496\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: FUfIizReL1r02BrKB1G0_CUQXIQQ79Tx\r\nserver: AmazonS3\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: coB_AF0E8m8ED78Dtvm4EGB0n-8P_tmMBd8KBvpxdKedH9QJyXEhzg==\r\ncontent-length: 768\r\ncache-control: max-age=367393\r\nexpires: Mon, 25 Sep 2023 06:45:11 GMT\r\ndate: Thu, 21 Sep 2023 00:41:58 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":768,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (1670), with no line terminators","md5":"7ff5bca5e93664bc612cc91ae53ac496","sha1":"6a078cc08d3f7fe2b9f06a6f20cd3b953748f45f","sha256":"bb4babc75eb6ef45fd42a6fb5f50b059473aaf36c607bef28a4aedb514e238fc","sha512":"21fbea944b4ed600bf269a8f8079364c63583700ad56ac65165775a56b953467825f177fb4d46c0d08b29019f4a70a287bf1a2ee54311b6162cb85f006195f97","ssdeep":"","tlshash":"7731d0c16670d74415ca9c59cbf2eb204563f02f14eab8d1daff8b09a54ecc9fb80844","first_seen":"2023-07-26T20:41:18Z","last_seen":"2026-03-13T11:56:24.191198Z","times_seen":389,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/you-tube-social.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-21T00:41:58.810952578Z","timestamp":1695256918810,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/social-icons/you-tube-social.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:05 GMT\r\netag: \"0a9ec1ae291522dcb84befe6a44c3830\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 5PqSeWnBhEvAtcPgf2XAbVZCtyvnbUxM\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: 61GrgK63n8h_lGzo-6PZlw-FzSgEAbs-J-4o0C9LPZwcXeaYMS7VwA==\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 295\r\ncache-control: max-age=2103244\r\nexpires: Sun, 15 Oct 2023 08:56:02 GMT\r\ndate: Thu, 21 Sep 2023 00:41:58 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":295,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (491), with no line terminators","md5":"0a9ec1ae291522dcb84befe6a44c3830","sha1":"3236900d0d9801eb93d355a7b9be38b16ea51604","sha256":"bb29a96bd1b20b9dedd8197ce7f9a29fc742aa6555df924453b5561c6ef3564f","sha512":"ce5259558d6f047262edbedd14001d0a14da8e818048d6b2c22690ba540508b9e4b9da2353be8827996a352701f8fad6dc8f6a92ee13f6cb309a6ad2693c96f7","ssdeep":"","tlshash":"80f059e28f281c29d88fcfa8de7835a5754d05f422ed498c62e6ae2422e5f8ad544d81","first_seen":"2023-08-08T19:36:34Z","last_seen":"2026-03-13T11:56:24.20206Z","times_seen":388,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/logos/capital-one-logo.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:58.781Z","timestamp":1695256918781,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/logos/capital-one-logo.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 20 Jan 2021 18:06:43 GMT\r\netag: W/\"f0b7ad81821effc52540e39cafda48f9\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 8LzbBBEj8zCeatCBoYuv1q1dFFpTcVNl\r\nserver: AmazonS3\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: HdJaUvrAj5VEG9DzlICGcJdU50sF2rvFp9FpZhYE6tYcovP5XqgQKQ==\r\ncontent-length: 1732\r\ncache-control: max-age=2181215\r\nexpires: Mon, 16 Oct 2023 06:35:33 GMT\r\ndate: Thu, 21 Sep 2023 00:41:58 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1732,"size_decoded":0,"mime_type":"image/svg+xml","magic":"ASCII text, with very long lines (3967), with CRLF line terminators","md5":"f0b7ad81821effc52540e39cafda48f9","sha1":"33d64bc7001f414f12bd92e740a45e5ced239add","sha256":"57dfca5b95599a613da940f4a49ab6378fcf0586366a47cae679796930bf0eed","sha512":"ada921382d19becb6bb1efe43c7024f1bb995c84fb8c91e245731de68ab23e7959df759dc53fab8459b91eb3004334a6bd96194eb11c956a81a99b486252b727","ssdeep":"","tlshash":"a3819c79c390d3b9eed69bbc9f3260b4d08fd1ae90e5d35482a4c56035d20d8b25ecd9","first_seen":"2023-05-05T00:40:48Z","last_seen":"2026-03-31T11:41:10.334419Z","times_seen":490,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/linkedin-social.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-21T00:41:58.827529002Z","timestamp":1695256918827,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/social-icons/linkedin-social.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:05 GMT\r\netag: \"4135a3d131493d86e0db3c8ad0420602\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: V4.R2G9M5ytZINKkEHFYF7hbdLSExGPo\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: 4ynpoRODdMy0NFqZlQXq01IXubwYlzd97AREFp__7QRwOBOU0ttfVw==\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 349\r\ncache-control: max-age=2035641\r\nexpires: Sat, 14 Oct 2023 14:09:19 GMT\r\ndate: Thu, 21 Sep 2023 00:41:58 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":349,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (605), with no line terminators","md5":"4135a3d131493d86e0db3c8ad0420602","sha1":"4849488ce3d7aff2ec83435520a70627144cff6a","sha256":"bb0c33cd3e05dfff3f5fe39c013a2afc5ddd457d3b76b0bc7ee231cf5d0f01f7","sha512":"2a4d52b445fd456acaff27b49d6dd7bed97c88a6dc0bdf725b3e96efc82431c468e808f167f121d069675b51dff60062ff7358d90146fe7fb76e352762a463aa","ssdeep":"","tlshash":"82f002af81064944e6068f22ce4c3c2ca71d14d5796980bcd003e63c7f8fa81bc15e72","first_seen":"2023-07-26T20:41:18Z","last_seen":"2026-03-13T11:56:24.178544Z","times_seen":384,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/www-fdic.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-21T00:41:58.83768126Z","timestamp":1695256918837,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/www-fdic.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:06 GMT\r\netag: W/\"a5b2f8771a99c2670dd5183853596b4f\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 8xRP0pbuqhkFsGgLYTsgGzSHlkx4pEGg\r\nserver: AmazonS3\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: H-Np6_9eZQP1ng_FN2ju7A_gz1t7ss5LHM5EInETUpJpRN5SPOGvkw==\r\ncontent-length: 955\r\ncache-control: max-age=286291\r\nexpires: Sun, 24 Sep 2023 08:13:29 GMT\r\ndate: Thu, 21 Sep 2023 00:41:58 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":955,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"SVG Scalable Vector Graphics image\\012- HTML document, ASCII text, with very long lines (1959), with no line terminators","md5":"a5b2f8771a99c2670dd5183853596b4f","sha1":"31d62e53c4839860683ff79e3866278f5ea35616","sha256":"017d9cf1015d4388c0069e8f2e147d998616605a8fdbb461cd964ff5cda545e3","sha512":"c456c0f4bed3264c85fb0336f334fd7be44ffd373230d0c5617e66ecebcaeb5faaccd815215e8ea788e6000330e5f7b2288c3c9cc66e2843f10dc00e839960c2","ssdeep":"","tlshash":"2a41adbd8754d1adeec48aec6e27e0a4e05fa259c0d1c3519266c6b111d24c9e34f8e4","first_seen":"2023-07-26T20:41:18Z","last_seen":"2026-03-13T11:56:24.193272Z","times_seen":390,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/www-ehl.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:58.799Z","timestamp":1695256918799,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/www-ehl.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:06 GMT\r\netag: \"30d0ea03dfc7173265c5896affca1ad9\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: Cfpp_Ya_3POEKViDatTY.UH0GBjWHzjx\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: VUds1SokOgb9rdD7QoElH2jw_GpSlScadYoEUDVMVKsc8pGsgE3Y4A==\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 299\r\ncache-control: max-age=745148\r\nexpires: Fri, 29 Sep 2023 15:41:06 GMT\r\ndate: Thu, 21 Sep 2023 00:41:58 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":299,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (437), with no line terminators","md5":"30d0ea03dfc7173265c5896affca1ad9","sha1":"3eb9550c148d3e49d67c6531a9aa6cf8acd356d0","sha256":"2d23c63e03fb685ed80f2554da2069dbc431720b6ed4f3f7cce579f52aaa62af","sha512":"5a460a10695b605ac05b4f21881751ea3a87c65245b0b3ae6a45b42bafb42f85f3df0f710afcd55a1c5ab6f0b9044a9c032dba888de3e18a5e4291b464a6f4fe","ssdeep":"","tlshash":"bde0555e87ba3a1468a087f8f3997e5253e602c9c298d2ec54f12537606d9e8819ce44","first_seen":"2023-07-26T20:41:18Z","last_seen":"2026-03-13T11:56:24.195536Z","times_seen":385,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"verified.capitalone.com/auth/favicon.ico","fqdn":"verified.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"2.16.174.101","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://21onze.com.br/wp-includes/blocks/capitalone.com.axp/indexnew.html","date":"2023-09-21T00:41:58.854Z","timestamp":1695256918854,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"verified.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert SHA2 Extended Validation Server CA","organization":"DigiCert Inc"},"validity":{"start":"Mon, 06 Feb 2023 00:00:00 GMT","end":"Mon, 05 Feb 2024 23:59:59 GMT"},"fingerprint":{"sha1":"44:E2:45:6A:F1:39:E9:0C:AE:A5:CD:55:BE:10:72:0E:7D:B9:D5:BC","sha256":"9B:15:C9:E4:1C:60:57:83:AA:C0:E3:81:DD:7B:2F:1C:3A:33:0C:53:B1:A5:69:F0:DD:5E:A5:F9:0E:80:DE:46"}}},"request":{"raw":"GET /auth/favicon.ico HTTP/1.1\r\nHost: verified.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://21onze.com.br/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/vnd.microsoft.icon\r\ncontent-length: 15086\r\nlast-modified: Tue, 12 Sep 2023 19:03:44 GMT\r\netag: \"d27e1739c7477b10ec6917546ae61f1d\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: c_DMsHz6KnKZy3qO7ga3vWdToiGZuAy_\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ncontent-security-policy: frame-ancestors 'none'\r\nstrict-transport-security: max-age=31622400; includeSubdomains\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-amz-cf-pop: EWR50-C1\r\nx-amz-cf-id: DAhC8iqc4r6rWxRevvVfPb8GKRmUEKF6jePjSEcRUNZ_FAzHiKtUVQ==\r\ndate: Thu, 21 Sep 2023 00:41:58 GMT\r\nset-cookie: akacd_phased_release_site_down=1695256978~rv=11~id=913f3e23d4f4f6e599904062c9e1776b; path=/; Expires=Thu, 21 Sep 2023 00:42:58 GMT; Secure; SameSite=None\r\nx-robots-tag: noindex\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\nx-frame-options: DENY, deny\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15086,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\\012- data","md5":"d27e1739c7477b10ec6917546ae61f1d","sha1":"bb36ab8bce726ce72a2d74a8529526bca0fa515d","sha256":"5f2123af80970c0478de7f373c9d861d886e070592ebcd55fa372d8dfc9752ec","sha512":"f8905a386f0d492e37d086fefd9e0eca1ef915551242554b70803f3fe89d4d7173565820f391f14f392d71861c8c43f3f8ecb4c5569491db9a2006f80bd0f64d","ssdeep":"96:WnvwwlPwSVOJilFV9HNya8arOd9e9DAthhrXTF14/sKFVNe4WiInwjr:Mf9DNF2e9DALhrjFeUmNlWz4","tlshash":"2e6262a362824eb4d8671530e9569b2dc272efea8df4fd042d387a2b4b352c5500b7c1","first_seen":"2023-04-18T09:27:51Z","last_seen":"2026-04-09T00:21:40.070992Z","times_seen":661,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":1,"connect":11,"send":0,"wait":25,"receive":1,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}