{"report_id":"1d095201-b414-4537-88d3-8fd0c95c6394","version":6,"status":"done","tags":[],"date":"2023-09-21T05:42:54Z","url":{"schema":"http","addr":"ldominey.expofranchise.com.br/3mail@slurpmail.net","fqdn":"ldominey.expofranchise.com.br","domain":"slurpmail.net","tld":"com.br"},"ip":{"addr":"162.241.203.46","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","fqdn":"cazzim.com","domain":"cazzim.com","tld":"com"},"title":"Capital One Sign In: Log in to access your account(s)"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T22:55:11Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"ldominey.expofranchise.com.br","ip":{"addr":"162.241.203.46","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"domain_registered":"2023-05-26","domain_rank":0,"first_seen":"2023-09-20 10:51:06","last_seen":"2023-09-21 02:02:49","alert_count":0,"request_count":1,"received_data":490,"sent_data":505,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":235,"first_seen":"2015-04-17 22:46:33","last_seen":"2023-09-20 22:02:45","alert_count":0,"request_count":2,"received_data":12174,"sent_data":909,"comment":"","tags":null,"fingerprints":null},{"fqdn":"bucolic-mandazi-68151a.netlify.app","ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2018-05-08","domain_rank":0,"first_seen":"2023-08-08 17:04:14","last_seen":"2023-09-20 19:35:05","alert_count":19,"request_count":19,"received_data":64502,"sent_data":8478,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ecm.capitalone.com","ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"1995-03-13","domain_rank":13649,"first_seen":"2017-02-01 18:32:51","last_seen":"2023-09-20 12:16:44","alert_count":0,"request_count":11,"received_data":98256,"sent_data":5597,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ajax.aspnetcdn.com","ip":{"addr":"152.199.19.160","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"domain_registered":"2010-10-12","domain_rank":693,"first_seen":"2012-05-24 15:35:31","last_seen":"2023-09-20 18:38:34","alert_count":0,"request_count":1,"received_data":30886,"sent_data":421,"comment":"","tags":null,"fingerprints":null},{"fqdn":"verified.capitalone.com","ip":{"addr":"23.32.89.161","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Sweden","country_code":"SE"},"domain_registered":"1995-03-13","domain_rank":24740,"first_seen":"2017-01-03 14:44:34","last_seen":"2023-09-20 09:36:19","alert_count":0,"request_count":1,"received_data":15995,"sent_data":432,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cazzim.com","ip":{"addr":"192.185.131.38","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"domain_registered":"2023-02-06","domain_rank":0,"first_seen":"2023-02-07 04:42:41","last_seen":"2023-09-20 18:45:50","alert_count":0,"request_count":1,"received_data":156220,"sent_data":557,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T05:42:39Z","timestamp":1695274959,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":35911,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted DNS Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T05:42:39.600758+0000\",\"flow_id\":506483344091830,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.122\",\"src_port\":35911,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032759,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted DNS Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":51731,\"rrname\":\"bucolic-mandazi-68151a.netlify.app\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":105,\"bytes_toclient\":0,\"start\":\"2023-09-21T05:42:39.600758+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T05:42:39Z","timestamp":1695274959,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":55912,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted DNS Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T05:42:39.601110+0000\",\"flow_id\":338301014715414,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.122\",\"src_port\":55912,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032759,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted DNS Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":7552,\"rrname\":\"bucolic-mandazi-68151a.netlify.app\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":105,\"bytes_toclient\":0,\"start\":\"2023-09-21T05:42:39.601110+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T05:42:39Z","timestamp":1695274959,"ip_dst":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":33396,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T05:42:39.687865+0000\",\"flow_id\":728700657042138,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.122\",\"src_port\":33396,\"dest_ip\":\"18.192.231.252\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":1434,\"start\":\"2023-09-21T05:42:39.623322+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T05:42:39Z","timestamp":1695274959,"ip_dst":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":33386,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T05:42:39.690055+0000\",\"flow_id\":752559200371285,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.122\",\"src_port\":33386,\"dest_ip\":\"18.192.231.252\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":1434,\"start\":\"2023-09-21T05:42:39.623189+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T05:42:39Z","timestamp":1695274959,"ip_dst":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":33378,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T05:42:39.692325+0000\",\"flow_id\":1194403960947203,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.122\",\"src_port\":33378,\"dest_ip\":\"18.192.231.252\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":936,\"bytes_toclient\":3185,\"start\":\"2023-09-21T05:42:39.623107+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T05:42:39Z","timestamp":1695274959,"ip_dst":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":33376,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T05:42:39.694989+0000\",\"flow_id\":1559746764046772,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.122\",\"src_port\":33376,\"dest_ip\":\"18.192.231.252\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":1434,\"start\":\"2023-09-21T05:42:39.623028+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T05:42:39Z","timestamp":1695274959,"ip_dst":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":33370,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T05:42:39.697481+0000\",\"flow_id\":813998707540309,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.122\",\"src_port\":33370,\"dest_ip\":\"18.192.231.252\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3185,\"start\":\"2023-09-21T05:42:39.622933+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T05:42:39Z","timestamp":1695274959,"ip_dst":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":33368,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T05:42:39.702589+0000\",\"flow_id\":443974390087915,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.122\",\"src_port\":33368,\"dest_ip\":\"18.192.231.252\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":936,\"bytes_toclient\":3185,\"start\":\"2023-09-21T05:42:39.622827+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T05:42:39Z","timestamp":1695274959,"ip_dst":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":33366,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T05:42:39.704886+0000\",\"flow_id\":1908412209135697,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.122\",\"src_port\":33366,\"dest_ip\":\"18.192.231.252\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":936,\"bytes_toclient\":1434,\"start\":\"2023-09-21T05:42:39.622673+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","fqdn":"cazzim.com","domain":"cazzim.com","tld":"com"},"ip":{"addr":"192.185.131.38","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"20a28d7f8c5d408d7c97581a400da2d0","sha1":"6ba85b91e1cbaa627505d82c2b5c7c14f250fb78","sha256":"0c108a6613c257b59fb478f79cfae51fcb460d9b8c45a5825995a0686d6340e5","sha512":"9d4e608d252955da2d63142cacfcd817295e328a79f1dd166d0dafbde6c981cbaa48432d4aa19f37bbd4a0fec84cac32bc94282a65277e3b1ac28005b1ac5c86","ssdeep":"","tlshash":"cf81dbadf7ac26aa15763039957b60883a3e3b771c416d023dbe4db43b55e0c7a12e05","size":4075,"data":"","first_seen":"2023-09-19T20:15:59Z","last_seen":"2024-08-21T06:18:43.938095Z","times_seen":97,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","fqdn":"cazzim.com","domain":"cazzim.com","tld":"com"},"ip":{"addr":"192.185.131.38","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a1bc03e6dfd24877410c06fae2f59504","sha1":"20cae06221c7108483e52c40a7a85278c801d9c8","sha256":"156f99ec569d25d9d8722518dda4d7e60b4b210ab2ce9202c8585606bad9c6af","sha512":"a56dfa1f46d7c20c3d3d99670b145e8e9b5dcbeae8d6040250dcecdc87b4aea465f4b2b184a1ee2a8cc83618af2f928c5ec649445af179b9cf43fa38faeafc80","ssdeep":"","tlshash":"60e0260ab3506d1ae0b39c8a08793009bb2973a593fcad0c3eb4ad901e7235ab004905","size":322,"data":"","first_seen":"2023-08-08T19:36:34Z","last_seen":"2025-11-30T03:39:09.282916Z","times_seen":247,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/serverComponent.php","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"0626b9bc7730ff6a1cfffc216aae6a53","sha1":"fb1ffc1f91553b782ca3c004b66045744a84f16a","sha256":"6b1e09a13ba7f32b6a863b3bb0134bf9e1f959a53c53d155affe2233c09e1007","sha512":"c9b54308c84a611aa1395d19950f7cf17736d2469c8973e8d9bf7e26f61d27cc0bc7d2c05c0f8b8c9fcf6698121d77ea29246f84cea60b946fbfce091361cb06","ssdeep":"","tlshash":"92f07d9b97f8204464458d0d14df7d08e8b83028dcc20094d7ea59151f9719339cf6fe","size":602,"data":"","first_seen":"2023-08-08T19:36:34Z","last_seen":"2024-09-19T22:51:16.250321Z","times_seen":366,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eventHandler","is_inline":false,"md5":"7c3c3ddeb80438dcbb3d081d2d00e152","sha1":"5a4016732ee72ec77b4f6ab17047bcea6d2ea34d","sha256":"321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187","sha512":"b252f7dc795284fe8ce404711809130d8e16670a8e49b271f9a24b04a542a0fccb7a8c7238c12b37db35fe73a2fbf1cdb374468574db4e6d39975a17dca547a3","ssdeep":"","tlshash":"807000f0003000030003c30000333cf300000c0fc0ccc3ccfc0000c000c00000000c33","size":16,"data":"","first_seen":"2023-04-10T15:57:29Z","last_seen":"2026-05-07T15:56:23.077368Z","times_seen":268555,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js","fqdn":"ajax.aspnetcdn.com","domain":"aspnetcdn.com","tld":"com"},"ip":{"addr":"152.199.19.160","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-05-07T15:51:06.613213Z","times_seen":126272,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"053305c2b293c27c02523cda42962c09","sha1":"556b0af7346b9e21a8eea1be8b195b563169ecd5","sha256":"be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44","sha512":"0fd324efdf7391ea6508816630c79a71b76a7ca3196d28554d8255e9c5bf29bd426c380716882b053e65f78890479e1b1b458ac5e7ad53041de31f0822e45980","ssdeep":"384:nPmG4foMrslSSQCyUAjKQze/he/UqlGA2A1:nOdobAjK78l1","tlshash":"1d922e0939f322625a6372ad0bef5009a3b58653149eee04bd4d63815f50a3893f7fe9","size":20120,"data":"","first_seen":"2023-03-07T01:02:35Z","last_seen":"2026-05-07T14:30:04.690626Z","times_seen":2743,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"ldominey.expofranchise.com.br/3mail@slurpmail.net","fqdn":"ldominey.expofranchise.com.br","domain":"slurpmail.net","tld":"com.br"},"ip":{"addr":"162.241.203.46","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-21T05:42:38.892606136Z","timestamp":1695274958892,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /3mail@slurpmail.net HTTP/1.1\r\nHost: ldominey.expofranchise.com.br\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nset-cookie: PHPSESSID=0928aaf82893db88c6aceb44b2da9a57; path=/\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 120\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Thu, 21 Sep 2023 05:42:37 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":120,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"fa7676f316ee9280ad1705b0c8343cd2","sha1":"1d30879d3c6a5fe12330a0a2a69d949b0bd25ac6","sha256":"f6756618de9b71c2e481da332033bd00fff0e0dc82ac28f441131265190e0b52","sha512":"773be74f5f3becd42de3f2de6357699b39560f2903ed8a2882076b1aede7755d6b229f065017d808defdff33dd53ed1173f013d00773f702abd0807d902fa060","ssdeep":"","tlshash":"2eb092c70db2d2050a4488a0a4a2b80e60aa60d80d95c85582d0dc79674a7df4a9ea8c","first_seen":"2023-09-21T01:15:17Z","last_seen":"2023-09-21T07:54:47Z","times_seen":95,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:39.648Z","timestamp":1695274959648,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 03 Jul 2023 00:00:00 GMT","end":"Tue, 02 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D","sha256":"D9:9E:DA:D7:6F:5A:E0:87:16:F3:3E:A0:A8:34:8B:84:B7:B0:98:30:2D:18:D8:53:E6:3C:09:06:19:48:07:54"}}},"request":{"raw":"GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 5631\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03e5f-7918\"\r\nlast-modified: Mon, 04 May 2020 16:10:07 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 556972\r\nexpires: Tue, 10 Sep 2024 05:42:39 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=eFe%2BAy26Xq0elo3y4f5yDzzLJFMendktzavdWTRJ1efh94M7HxZDDYNEVuDVnc2lp%2BzocxevFI6xK5%2FSffK6HkEQ0dTsXvlXYqyFRlXBsb9n%2BuJAC%2BZStL3ebTo2Pm8l9A3qIPc4\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 809ffc712c69b50c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5631,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (30837)","md5":"269550530cc127b6aa5a35925a7de6ce","sha1":"512c7d79033e3028a9be61b540cf1a6870c896f8","sha256":"799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd","sha512":"49f4e24e55fa924faa8ad7debe5ffb2e26d439e25696df6b6f20e7f766b50ea58ec3dbd61b6305a1acacd2c80e6e659accee4140f885b9c9e71008e9001fbf4b","ssdeep":"384:wHu5yWeTUKW+KlkJ5de2UYDyVfwYUas2l8yQ/8dwmaU8G:wwlr+Klk3Yi+fwYUf2l8yQ/e9vf","tlshash":"78d241e8e54c01d66731c48bff81b36862b6fb3dd5854da9f01f290c29d226522c5fba","first_seen":"2023-04-05T03:13:25Z","last_seen":"2026-05-07T15:58:31.993682Z","times_seen":263802,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":40,"connect":1,"send":0,"wait":8,"receive":3,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:39.745Z","timestamp":1695274959745,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 03 Jul 2023 00:00:00 GMT","end":"Tue, 02 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D","sha256":"D9:9E:DA:D7:6F:5A:E0:87:16:F3:3E:A0:A8:34:8B:84:B7:B0:98:30:2D:18:D8:53:E6:3C:09:06:19:48:07:54"}}},"request":{"raw":"GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 4517\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03ec3-4e98\"\r\nlast-modified: Mon, 04 May 2020 16:11:47 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 29080074\r\nexpires: Tue, 10 Sep 2024 05:42:39 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=Lc8DRK%2BopiRMSAwjSiJ9EHP%2F3Sp46VFoA%2BN6055bf57eAASref2Xd2diiDPF9va51vBXVrxEZMXfB3y%2BBgG1%2BMSnjsUhzqsf6JW8B6Tf664LPttQ%2BLQH8SXmp0VkQ2OZLd29EGRI\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 809ffc712c6bb50c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4517,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"053305c2b293c27c02523cda42962c09","sha1":"556b0af7346b9e21a8eea1be8b195b563169ecd5","sha256":"be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44","sha512":"0fd324efdf7391ea6508816630c79a71b76a7ca3196d28554d8255e9c5bf29bd426c380716882b053e65f78890479e1b1b458ac5e7ad53041de31f0822e45980","ssdeep":"384:nPmG4foMrslSSQCyUAjKQze/he/UqlGA2A1:nOdobAjK78l1","tlshash":"1d922e0939f322625a6372ad0bef5009a3b58653149eee04bd4d63815f50a3893f7fe9","first_seen":"2023-03-07T01:02:35Z","last_seen":"2026-05-07T14:30:04.690626Z","times_seen":2743,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/Bootstrap.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:39.643Z","timestamp":1695274959643,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/Bootstrap.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://cazzim.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 55624\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV460SDMGQ8KG6GK1TE5BJT\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-05-06T18:32:16.52052Z","times_seen":3241,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":13,"connect":36,"send":0,"wait":27,"receive":1,"ssl":192},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/6.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:39.616Z","timestamp":1695274959616,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/6.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 55377\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV460SHWWNR91JRE2AJKRJR\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-05-06T18:32:16.52052Z","times_seen":3241,"resource_available":false,"data":null}},"time_used":521,"timings":{"blocked":239,"dns":19,"connect":36,"send":0,"wait":31,"receive":0,"ssl":185},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/c0d84295063dcdfcd1cc1f640130de02.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:39.630Z","timestamp":1695274959630,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/c0d84295063dcdfcd1cc1f640130de02.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 35212\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV460SJ2HGWH97FYTZW99BF\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-05-06T18:32:16.52052Z","times_seen":3241,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":227,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Rg.woff2","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:39.640Z","timestamp":1695274959640,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/fonts/Optimist_W_Rg.woff2 HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cazzim.com/\r\nOrigin: https://cazzim.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: binary/octet-stream\r\ncontent-length: 28388\r\nlast-modified: Fri, 28 Jun 2019 00:26:02 GMT\r\netag: \"f4e1fbca28c954a486a90828b2ee7543\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 1GgM.ruzxSoQhqV._aklwOsuyVwoqFBE\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: UKrbxnA6XvXEgVu-TXphVPrBB0iMQxkeEdB_hKRsr382fqfwzgdFHA==\r\ncache-control: max-age=2133994\r\nexpires: Sun, 15 Oct 2023 22:29:13 GMT\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28388,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 28388, version 1.0\\012- data","md5":"f4e1fbca28c954a486a90828b2ee7543","sha1":"7750f00fe0337120e16632ea7fff2a78b11c874a","sha256":"9b98e19f831844b3dae8e1fd65b6802bc778446fbdacac8203e34bbc02eacbcd","sha512":"637dcf053eef0e7d769863f91d229dbc8f53b1f5162628634b6849f2f947d002e4a8c69266db9376d8e52bb3eefe53c98ebefb584013a048020d35876daa88e6","ssdeep":"384:CZbzQs8AWvFV+CwE53CmqKETLKcdJTA8A9z12SkQDBkDNeDHrMR6ZWocMT12Ms0J:CZRVWvFzwK9KKwTALJn2eDrMR3ckfq","tlshash":"15d2f26c508ca59ddda7e0f2b9a45ff86ca4a11d9001578743fb67c0e3fed680980be2","first_seen":"2023-04-18T09:28:11Z","last_seen":"2026-05-04T17:19:35.527377Z","times_seen":700,"resource_available":false,"data":null}},"time_used":274,"timings":{"blocked":-1,"dns":91,"connect":1,"send":0,"wait":2,"receive":2,"ssl":165},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_SBd.woff2","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:39.642Z","timestamp":1695274959642,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/fonts/Optimist_W_SBd.woff2 HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cazzim.com/\r\nOrigin: https://cazzim.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: binary/octet-stream\r\ncontent-length: 28188\r\nlast-modified: Fri, 28 Jun 2019 00:26:02 GMT\r\netag: \"d647937062406e5cc182de0cc77947d8\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: QmX7yv6RJT4hT4UTSJmqyU0reaonF3KP\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: O3lBoAqLkZUcPBtTZb4ozX77cfZvmlXBezAzB7kGcH79gTWk8WZMuQ==\r\ncache-control: max-age=2203696\r\nexpires: Mon, 16 Oct 2023 17:50:55 GMT\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28188,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 28188, version 1.0\\012- data","md5":"d647937062406e5cc182de0cc77947d8","sha1":"9d4c283a4fca43ae95019091bbd0a9e1b77b97bc","sha256":"48b4ed4ba8ee0eaeddfba861e6772c61f818931816102636a888ec0b49bce056","sha512":"05aa4e12f95b749c2e772e9f596ed11dc2d4d40da637e4aafbe7a2a2b97b8398fb318f180b48711cdd89de8e92ddded32b066a7ef370f6245de4cad73b21e744","ssdeep":"768:HH1az7BcIW5H7g3+Ma2ZqcHOrCG7jCzVjNbEjfO:nA+h5bE0ISMVjNwjfO","tlshash":"a1c2e1cdc8206d85be52db386469edbb0220d4b5dc341d0938a9733c075847fe2ea9fa","first_seen":"2023-04-27T08:35:16Z","last_seen":"2026-05-04T17:19:35.522065Z","times_seen":685,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":91,"connect":1,"send":0,"wait":3,"receive":15,"ssl":159},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/serverComponent.php","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:39.633Z","timestamp":1695274959633,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/serverComponent.php HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 8978\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-type: application/x-php\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\netag: \"03cf249d51598e9e317827a045e53b8e-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-nf-request-id: 01HAV460SJ9SWWXY94XRT7JWGA\r\ncontent-length: 602\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":602,"size_decoded":0,"mime_type":"application/x-php","magic":"ASCII text, with very long lines (601)","md5":"0626b9bc7730ff6a1cfffc216aae6a53","sha1":"fb1ffc1f91553b782ca3c004b66045744a84f16a","sha256":"6b1e09a13ba7f32b6a863b3bb0134bf9e1f959a53c53d155affe2233c09e1007","sha512":"c9b54308c84a611aa1395d19950f7cf17736d2469c8973e8d9bf7e26f61d27cc0bc7d2c05c0f8b8c9fcf6698121d77ea29246f84cea60b946fbfce091361cb06","ssdeep":"","tlshash":"92f07d9b97f8204464458d0d14df7d08e8b83028dcc20094d7ea59151f9719339cf6fe","first_seen":"2023-08-08T19:36:34Z","last_seen":"2024-09-19T22:51:16.250321Z","times_seen":366,"resource_available":true,"data":null}},"time_used":282,"timings":{"blocked":224,"dns":0,"connect":0,"send":0,"wait":35,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/c344d59e90","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:39.631Z","timestamp":1695274959631,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/c344d59e90 HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 58514\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV460SJQWVFN2CKG1QVK18V\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-05-06T18:32:16.52052Z","times_seen":3241,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":225,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/browserDecom.css","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:39.635Z","timestamp":1695274959635,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/browserDecom.css HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 32341\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\netag: \"af121a0c15b5dee5f7becf597ed57352-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-nf-request-id: 01HAV460SKMKK16M873E8QWJ68\r\ncontent-length: 907\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":907,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"21b219c6d0855bd870704aca6149a386","sha1":"f3a3e71129678ac2364ca565ef5cdcdff6c6be0b","sha256":"5e93965b3f8db2834e8e22ebf73a538bad7ba99fdc443a38942bf69f55c299a3","sha512":"fd26746f9665e68b8213f25c464334a5c118c250fa5d1587c344a784e56b4a469ab8bb29df042251434994c991b9c52241c5a3eb78ec9ccb55041c9f3fc444c4","ssdeep":"","tlshash":"b4117dc29b664a88360ec1a6785763686339d141cd2bde3c76b039f8bd552805013776","first_seen":"2023-07-26T20:41:18Z","last_seen":"2024-09-19T21:28:33.449625Z","times_seen":314,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":222,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/styles.17a600ea31802b45.css","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:40.632Z","timestamp":1695274960632,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/styles.17a600ea31802b45.css HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 44051\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV460SKD4HHQ76EZ8GZXX8F\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-05-06T18:32:16.52052Z","times_seen":3241,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/styles.d7eeec1c93eef5e61473.css","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:39.649Z","timestamp":1695274959649,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/styles.d7eeec1c93eef5e61473.css HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 60698\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\netag: \"f699d301c9a785fdace5efdc9151313f-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV460SKAE21F1Y76WR58VJ3\r\ncontent-length: 9356\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9356,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"01aed6b25e0eb3d74a5f15f51752a6a9","sha1":"c2d806ad5b0ff7c82beca75d2c8f7f1bcc6936b5","sha256":"0c4f7f58335b6375e7a4500ab43f4057d09ac3017fd5f2f408259fc762b7ab15","sha512":"27239c439e1fe9178e2b59e828966c5a3bc059a436d36f5ab761e443e2cdb6b39ad4022ebdf577ab1446edfdf06ff76ddae7edd023cc850009bb0f6414af4305","ssdeep":"384:wy2DsacMwIXZT+SRbFcWSZe5xkoodWHoon/tVp:r2DsaUOSZsp","tlshash":"8ea3a0a7f6c6016ac097cf6590b639fce63a8c00d7c7666b5d03b7b89785fc60532889","first_seen":"2023-07-26T20:41:18Z","last_seen":"2024-09-19T22:51:16.260566Z","times_seen":387,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":209,"dns":0,"connect":0,"send":0,"wait":62,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Lt.woff2","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:39.637Z","timestamp":1695274959637,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/fonts/Optimist_W_Lt.woff2 HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cazzim.com/\r\nOrigin: https://cazzim.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: binary/octet-stream\r\ncontent-length: 27852\r\nlast-modified: Fri, 28 Jun 2019 00:26:02 GMT\r\netag: \"cb37fa55f3dfdd26d61901032a53644f\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: Q75rYxmglrbgkwTTGgaHL71RQB9n5YCD\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: 96b2Bo9YFlYTrfFcQX2Rvo9AmSOQP47Hz8QmnzNMKIjIs5vNDDwCTw==\r\ncache-control: max-age=1234134\r\nexpires: Thu, 05 Oct 2023 12:31:33 GMT\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27852,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 27852, version 1.0\\012- data","md5":"cb37fa55f3dfdd26d61901032a53644f","sha1":"1115e8d43a08c1f74ec1f6a886d1cb530bb9da97","sha256":"902c5a9d8ad932630fb2021fe1a1a7f4f06513b19e8d073866178ee65ff33fe9","sha512":"1a3176551c4f26069e24102fc72e407737b17121e39277b86f8130f10270cc81aefab8b11f7c38d8726ecaa1f3a24b2313a8f364442bc85dc8e41513b1d6e242","ssdeep":"768:DwcUL/u/dKOTCsjdD+GLF49dhKzulthYtOtGNl+34:DwcE2/BWeVB49d0CltheO8Z","tlshash":"e0c2e1ad1b73b17bdbe24b79db8951997d24b2e00775cfa712a411b0a003a951f382c6","first_seen":"2023-04-27T08:35:16Z","last_seen":"2026-05-04T17:19:35.525133Z","times_seen":658,"resource_available":false,"data":null}},"time_used":296,"timings":{"blocked":-1,"dns":92,"connect":2,"send":0,"wait":2,"receive":1,"ssl":171},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/css.css","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:39.651Z","timestamp":1695274959651,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/css.css HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 46956\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\netag: \"78759fbc18d6dd8af298534fcf858866-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV460SMYX1MGNJ1CMJRWZG2\r\ncontent-length: 27359\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27359,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (31118), with CRLF line terminators","md5":"dbfc2de4f7c9f7c851b60b41139ba060","sha1":"b4157c33443884cc743adfd5abc1763cbe6f5785","sha256":"20bb6bf4004dac223173ba5b41449186d983e80050dcfddbbc1975ae566a3e47","sha512":"3a5210282202e25093967a9261704066782054e0fad511d45a5d3b37fb6d4932f656cce3d7b640e00cfe7877a66e93a9f13201fc54ce8b2f97252bb68c4e44b6","ssdeep":"1536:ACQLzUxDgkEgGDgkEgDDgkEgEDgkEgbDgkEgNxVIjDgkEgXDgkEggHADgkEgCDgO:ACQLzba","tlshash":"bfa410b2f2c2011d33b38e7e2062a788d514d86bd1b627ed25c3b9a8b5c57bb01b751d","first_seen":"2023-08-08T19:36:34Z","last_seen":"2024-09-19T21:28:32.990818Z","times_seen":314,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":208,"dns":0,"connect":0,"send":0,"wait":61,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/smartBanner.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:40.641Z","timestamp":1695274960641,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/smartBanner.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 115507\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV460T8275V8P29RARP39AH\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-05-06T18:32:16.52052Z","times_seen":3241,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/web_properties.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:39.647Z","timestamp":1695274959647,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/web_properties.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 55378\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV460T8QABHD4ZJ8T1SGFRY\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-05-06T18:32:16.52052Z","times_seen":3241,"resource_available":false,"data":null}},"time_used":549,"timings":{"blocked":214,"dns":18,"connect":36,"send":0,"wait":79,"receive":0,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/cp_common.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:39.645Z","timestamp":1695274959645,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/cp_common.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 55377\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV460T8ZQVH63WP6WQ9PJ4V\r\ncontent-length: 1274\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1274,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-05-06T18:32:16.52052Z","times_seen":3241,"resource_available":false,"data":null}},"time_used":551,"timings":{"blocked":216,"dns":18,"connect":36,"send":0,"wait":79,"receive":0,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/icon-user.svg","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:39.654Z","timestamp":1695274959654,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/icon-user.svg HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 32338\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-type: image/svg+xml\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\netag: \"2cb7bd60088678dedf1ed85bfa45d2cc-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-nf-request-id: 01HAV460T8R4MXRCZB2YZDPFSK\r\ncontent-length: 584\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":584,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (584), with no line terminators","md5":"1f46c36bca03354edd25a3e35b7977db","sha1":"c002468fca8f3910fccba86c6d67602191eaeaed","sha256":"32f101709eb4240f21b330c854ed3bd539c0dc9001f08bf51d4e6a5b6bf641c6","sha512":"75d96be277e58c397f846c80ed1154a910b824c349ccafa3de277dcbdbd227cfc98b7848fca0906654d80be81b4b5248d7e907fe0b843c36c43047c26e7b22c0","ssdeep":"","tlshash":"fef002e9577458fcd943ca3ad72924c62a3a70fd9a248998709864256d140ce4008888","first_seen":"2023-07-26T20:41:18Z","last_seen":"2026-03-13T11:56:24.182874Z","times_seen":284,"resource_available":false,"data":null}},"time_used":286,"timings":{"blocked":206,"dns":0,"connect":0,"send":0,"wait":80,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/2d6b9362638574d196874650cdb28cd6.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:39.621Z","timestamp":1695274959621,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/2d6b9362638574d196874650cdb28cd6.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 115507\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV460TAD70SCKEJ3Q5FGPTT\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-05-06T18:32:16.52052Z","times_seen":3241,"resource_available":false,"data":null}},"time_used":598,"timings":{"blocked":258,"dns":21,"connect":36,"send":0,"wait":62,"receive":0,"ssl":200},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/capital-one-logo.svg","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:39.653Z","timestamp":1695274959653,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/capital-one-logo.svg HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 61009\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: image/svg+xml\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\netag: \"5551fd44a62268b80906011d6516a2c9-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV460T8CQVKTWMM4J0GZMX5\r\ncontent-length: 1664\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1664,"size_decoded":0,"mime_type":"image/svg+xml","magic":"ASCII text, with very long lines (3967), with CRLF line terminators","md5":"f0b7ad81821effc52540e39cafda48f9","sha1":"33d64bc7001f414f12bd92e740a45e5ced239add","sha256":"57dfca5b95599a613da940f4a49ab6378fcf0586366a47cae679796930bf0eed","sha512":"ada921382d19becb6bb1efe43c7024f1bb995c84fb8c91e245731de68ab23e7959df759dc53fab8459b91eb3004334a6bd96194eb11c956a81a99b486252b727","ssdeep":"","tlshash":"a3819c79c390d3b9eed69bbc9f3260b4d08fd1ae90e5d35482a4c56035d20d8b25ecd9","first_seen":"2023-05-05T00:40:48Z","last_seen":"2026-05-04T17:19:35.518143Z","times_seen":491,"resource_available":false,"data":null}},"time_used":288,"timings":{"blocked":206,"dns":0,"connect":0,"send":0,"wait":82,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/914a4a6f3a23a11a51feb0d6f6a68751.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:39.627Z","timestamp":1695274959627,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/914a4a6f3a23a11a51feb0d6f6a68751.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 33254\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV460TNVB8SRWXGW0DWBKPD\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-05-06T18:32:16.52052Z","times_seen":3241,"resource_available":false,"data":null}},"time_used":608,"timings":{"blocked":266,"dns":21,"connect":36,"send":0,"wait":50,"receive":1,"ssl":198},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/712ff787f143e2fedc740cf96cd0f80b.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:39.619Z","timestamp":1695274959619,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/712ff787f143e2fedc740cf96cd0f80b.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 121111\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV460TR8334G47MV9QZ9A9P\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-05-06T18:32:16.52052Z","times_seen":3241,"resource_available":false,"data":null}},"time_used":623,"timings":{"blocked":275,"dns":20,"connect":36,"send":0,"wait":48,"receive":8,"ssl":217},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js","fqdn":"ajax.aspnetcdn.com","domain":"aspnetcdn.com","tld":"com"},"ip":{"addr":"152.199.19.160","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:39.743Z","timestamp":1695274959743,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vo.msecnd.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Fri, 05 May 2023 00:00:00 GMT","end":"Sun, 28 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"0E:7D:A8:CD:FE:61:1E:46:97:A3:57:99:70:DA:E0:59:1D:34:04:80","sha256":"BF:60:70:23:0A:9B:F0:F9:BC:EE:56:40:4B:F6:C3:4B:F6:BE:14:87:14:29:CF:BD:47:5C:31:E8:85:A5:7F:C3"}}},"request":{"raw":"GET /ajax/jQuery/jquery-3.3.1.min.js HTTP/1.1\r\nHost: ajax.aspnetcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 14208395\r\ncache-control: public,max-age=31536000\r\ncontent-type: application/javascript\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\netag: \"80288516b793d31:0\"\r\nlast-modified: Mon, 22 Jan 2018 19:27:49 GMT\r\nserver: ECAcc (ska/F6AE)\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 30394\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30394,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-05-07T15:51:06.613213Z","times_seen":126272,"resource_available":true,"data":null}},"time_used":384,"timings":{"blocked":175,"dns":35,"connect":7,"send":0,"wait":34,"receive":1,"ssl":125},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/styles.17a600ea31802b45.css","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:40.632Z","timestamp":1695274960632,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/styles.17a600ea31802b45.css HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 44052\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:42:40 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV461HN9BGGJ4DVAESMSH69\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-05-06T18:32:16.52052Z","times_seen":3241,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/smartBanner.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:40.641Z","timestamp":1695274960641,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/smartBanner.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 115508\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:42:40 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV461HSMKNP9ZFZYKYG64ES\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-05-06T18:32:16.52052Z","times_seen":3241,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/twitter-social.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:40.820Z","timestamp":1695274960820,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/social-icons/twitter-social.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:05 GMT\r\netag: W/\"c2f1acf6f29c52f793f66b65ba91d49f\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: WY8VBzDyq7FctDDX8MrQBW0rTz7Flw8l\r\nserver: AmazonS3\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: YlG8YqnDOa_P8VAf9WonpQ5skgLUvinbaxHQSNVgLOzUDc_p05KEJA==\r\ncontent-length: 734\r\ncache-control: max-age=2286351\r\nexpires: Tue, 17 Oct 2023 16:48:31 GMT\r\ndate: Thu, 21 Sep 2023 05:42:40 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":734,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- XML 1.0 document text\\012- XML document text\\012- HTML document text\\012- exported SGML document, ASCII text","md5":"c2f1acf6f29c52f793f66b65ba91d49f","sha1":"d045195486c4bfdbefd3e812e7297db69615484d","sha256":"d1b4860dcce83c4c73736dedeafe3b09403b267d087ef721a35dbffd5e564c68","sha512":"fc865996cb25ece0d63aea5801204de3642283dbddc174c87b0dccd5aba0f017fe03cfea081930ca3cdba4bca2359a22e140f567d6f9611fc18653095d2db197","ssdeep":"","tlshash":"d0213f55c395d8fabe258204d3b175c872f4589bb5b0d2d4bbaf0827f21c8e4454c2dd","first_seen":"2023-08-08T19:36:34Z","last_seen":"2026-05-06T09:59:19.687848Z","times_seen":397,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/facebook-social.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:40.825Z","timestamp":1695274960825,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/social-icons/facebook-social.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:05 GMT\r\netag: \"e43c5a7e7fb8c3c12579162a4986b1ad\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: sp5rcJ_CixBIFs_Kbc9AtTIkRc82cd4R\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: J59KxPSyrzwh1_-pHbiRvwFMM3nt_ufA6PAQOEVJZIkZALIksvAUkg==\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 282\r\ncache-control: max-age=2179040\r\nexpires: Mon, 16 Oct 2023 11:00:00 GMT\r\ndate: Thu, 21 Sep 2023 05:42:40 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":282,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (431), with no line terminators","md5":"e43c5a7e7fb8c3c12579162a4986b1ad","sha1":"7a7c6a4ce7d8fe81778e3407bb710372ac3ea3f9","sha256":"b312fb49b19387ededa2729f0c384686ce7c83811b0ea0367ef63767e612da03","sha512":"949e0cfd60a6c3bd0f427b074e411e6891d76d67e0bc40d31fc14aabe54bed79fe15b8bf5fec39e9b504f297fd597e2b72ebf157b33a414be6e971e5cf083eba","ssdeep":"","tlshash":"d3e0a3dfb7492114a11fa9d6dbbc3e24781ce0ed64cd05c91f53b628509718cd417c50","first_seen":"2023-08-08T19:36:34Z","last_seen":"2026-03-13T11:56:24.187943Z","times_seen":388,"resource_available":false,"data":null}},"time_used":1,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/you-tube-social.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:40.830Z","timestamp":1695274960830,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/social-icons/you-tube-social.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:05 GMT\r\netag: \"0a9ec1ae291522dcb84befe6a44c3830\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 5PqSeWnBhEvAtcPgf2XAbVZCtyvnbUxM\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: 61GrgK63n8h_lGzo-6PZlw-FzSgEAbs-J-4o0C9LPZwcXeaYMS7VwA==\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 295\r\ncache-control: max-age=2085202\r\nexpires: Sun, 15 Oct 2023 08:56:02 GMT\r\ndate: Thu, 21 Sep 2023 05:42:40 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":295,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (491), with no line terminators","md5":"0a9ec1ae291522dcb84befe6a44c3830","sha1":"3236900d0d9801eb93d355a7b9be38b16ea51604","sha256":"bb29a96bd1b20b9dedd8197ce7f9a29fc742aa6555df924453b5561c6ef3564f","sha512":"ce5259558d6f047262edbedd14001d0a14da8e818048d6b2c22690ba540508b9e4b9da2353be8827996a352701f8fad6dc8f6a92ee13f6cb309a6ad2693c96f7","ssdeep":"","tlshash":"80f059e28f281c29d88fcfa8de7835a5754d05f422ed498c62e6ae2422e5f8ad544d81","first_seen":"2023-08-08T19:36:34Z","last_seen":"2026-03-13T11:56:24.20206Z","times_seen":388,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/linkedin-social.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:40.833Z","timestamp":1695274960833,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/social-icons/linkedin-social.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:05 GMT\r\netag: \"4135a3d131493d86e0db3c8ad0420602\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: V4.R2G9M5ytZINKkEHFYF7hbdLSExGPo\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: 4ynpoRODdMy0NFqZlQXq01IXubwYlzd97AREFp__7QRwOBOU0ttfVw==\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 349\r\ncache-control: max-age=2017599\r\nexpires: Sat, 14 Oct 2023 14:09:19 GMT\r\ndate: Thu, 21 Sep 2023 05:42:40 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":349,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (605), with no line terminators","md5":"4135a3d131493d86e0db3c8ad0420602","sha1":"4849488ce3d7aff2ec83435520a70627144cff6a","sha256":"bb0c33cd3e05dfff3f5fe39c013a2afc5ddd457d3b76b0bc7ee231cf5d0f01f7","sha512":"2a4d52b445fd456acaff27b49d6dd7bed97c88a6dc0bdf725b3e96efc82431c468e808f167f121d069675b51dff60062ff7358d90146fe7fb76e352762a463aa","ssdeep":"","tlshash":"82f002af81064944e6068f22ce4c3c2ca71d14d5796980bcd003e63c7f8fa81bc15e72","first_seen":"2023-07-26T20:41:18Z","last_seen":"2026-03-13T11:56:24.178544Z","times_seen":384,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/instagram-social.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:40.845Z","timestamp":1695274960845,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/social-icons/instagram-social.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:05 GMT\r\netag: W/\"7ff5bca5e93664bc612cc91ae53ac496\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: FUfIizReL1r02BrKB1G0_CUQXIQQ79Tx\r\nserver: AmazonS3\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: coB_AF0E8m8ED78Dtvm4EGB0n-8P_tmMBd8KBvpxdKedH9QJyXEhzg==\r\ncontent-length: 768\r\ncache-control: max-age=349351\r\nexpires: Mon, 25 Sep 2023 06:45:11 GMT\r\ndate: Thu, 21 Sep 2023 05:42:40 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":768,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (1670), with no line terminators","md5":"7ff5bca5e93664bc612cc91ae53ac496","sha1":"6a078cc08d3f7fe2b9f06a6f20cd3b953748f45f","sha256":"bb4babc75eb6ef45fd42a6fb5f50b059473aaf36c607bef28a4aedb514e238fc","sha512":"21fbea944b4ed600bf269a8f8079364c63583700ad56ac65165775a56b953467825f177fb4d46c0d08b29019f4a70a287bf1a2ee54311b6162cb85f006195f97","ssdeep":"","tlshash":"7731d0c16670d74415ca9c59cbf2eb204563f02f14eab8d1daff8b09a54ecc9fb80844","first_seen":"2023-07-26T20:41:18Z","last_seen":"2026-03-13T11:56:24.191198Z","times_seen":389,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/logos/capital-one-logo.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:40.847Z","timestamp":1695274960847,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/logos/capital-one-logo.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 20 Jan 2021 18:06:43 GMT\r\netag: W/\"f0b7ad81821effc52540e39cafda48f9\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 8LzbBBEj8zCeatCBoYuv1q1dFFpTcVNl\r\nserver: AmazonS3\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: HdJaUvrAj5VEG9DzlICGcJdU50sF2rvFp9FpZhYE6tYcovP5XqgQKQ==\r\ncontent-length: 1732\r\ncache-control: max-age=2163173\r\nexpires: Mon, 16 Oct 2023 06:35:33 GMT\r\ndate: Thu, 21 Sep 2023 05:42:40 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1732,"size_decoded":0,"mime_type":"image/svg+xml","magic":"ASCII text, with very long lines (3967), with CRLF line terminators","md5":"f0b7ad81821effc52540e39cafda48f9","sha1":"33d64bc7001f414f12bd92e740a45e5ced239add","sha256":"57dfca5b95599a613da940f4a49ab6378fcf0586366a47cae679796930bf0eed","sha512":"ada921382d19becb6bb1efe43c7024f1bb995c84fb8c91e245731de68ab23e7959df759dc53fab8459b91eb3004334a6bd96194eb11c956a81a99b486252b727","ssdeep":"","tlshash":"a3819c79c390d3b9eed69bbc9f3260b4d08fd1ae90e5d35482a4c56035d20d8b25ecd9","first_seen":"2023-05-05T00:40:48Z","last_seen":"2026-05-04T17:19:35.518143Z","times_seen":491,"resource_available":false,"data":null}},"time_used":1,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/www-fdic.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:40.852Z","timestamp":1695274960852,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/www-fdic.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:06 GMT\r\netag: W/\"a5b2f8771a99c2670dd5183853596b4f\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 8xRP0pbuqhkFsGgLYTsgGzSHlkx4pEGg\r\nserver: AmazonS3\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: H-Np6_9eZQP1ng_FN2ju7A_gz1t7ss5LHM5EInETUpJpRN5SPOGvkw==\r\ncontent-length: 955\r\ncache-control: max-age=268249\r\nexpires: Sun, 24 Sep 2023 08:13:29 GMT\r\ndate: Thu, 21 Sep 2023 05:42:40 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":955,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- HTML document, ASCII text, with very long lines (1959), with no line terminators","md5":"a5b2f8771a99c2670dd5183853596b4f","sha1":"31d62e53c4839860683ff79e3866278f5ea35616","sha256":"017d9cf1015d4388c0069e8f2e147d998616605a8fdbb461cd964ff5cda545e3","sha512":"c456c0f4bed3264c85fb0336f334fd7be44ffd373230d0c5617e66ecebcaeb5faaccd815215e8ea788e6000330e5f7b2288c3c9cc66e2843f10dc00e839960c2","ssdeep":"","tlshash":"2a41adbd8754d1adeec48aec6e27e0a4e05fa259c0d1c3519266c6b111d24c9e34f8e4","first_seen":"2023-07-26T20:41:18Z","last_seen":"2026-03-13T11:56:24.193272Z","times_seen":390,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/www-ehl.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:40.859Z","timestamp":1695274960859,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/www-ehl.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:06 GMT\r\netag: \"30d0ea03dfc7173265c5896affca1ad9\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: Cfpp_Ya_3POEKViDatTY.UH0GBjWHzjx\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: VUds1SokOgb9rdD7QoElH2jw_GpSlScadYoEUDVMVKsc8pGsgE3Y4A==\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 299\r\ncache-control: max-age=727106\r\nexpires: Fri, 29 Sep 2023 15:41:06 GMT\r\ndate: Thu, 21 Sep 2023 05:42:40 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":299,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (437), with no line terminators","md5":"30d0ea03dfc7173265c5896affca1ad9","sha1":"3eb9550c148d3e49d67c6531a9aa6cf8acd356d0","sha256":"2d23c63e03fb685ed80f2554da2069dbc431720b6ed4f3f7cce579f52aaa62af","sha512":"5a460a10695b605ac05b4f21881751ea3a87c65245b0b3ae6a45b42bafb42f85f3df0f710afcd55a1c5ab6f0b9044a9c032dba888de3e18a5e4291b464a6f4fe","ssdeep":"","tlshash":"bde0555e87ba3a1468a087f8f3997e5253e602c9c298d2ec54f12537606d9e8819ce44","first_seen":"2023-07-26T20:41:18Z","last_seen":"2026-03-13T11:56:24.195536Z","times_seen":385,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"verified.capitalone.com/auth/favicon.ico","fqdn":"verified.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.32.89.161","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:42:40.897Z","timestamp":1695274960897,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"verified.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert SHA2 Extended Validation Server CA","organization":"DigiCert Inc"},"validity":{"start":"Mon, 06 Feb 2023 00:00:00 GMT","end":"Mon, 05 Feb 2024 23:59:59 GMT"},"fingerprint":{"sha1":"44:E2:45:6A:F1:39:E9:0C:AE:A5:CD:55:BE:10:72:0E:7D:B9:D5:BC","sha256":"9B:15:C9:E4:1C:60:57:83:AA:C0:E3:81:DD:7B:2F:1C:3A:33:0C:53:B1:A5:69:F0:DD:5E:A5:F9:0E:80:DE:46"}}},"request":{"raw":"GET /auth/favicon.ico HTTP/1.1\r\nHost: verified.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/vnd.microsoft.icon\r\ncontent-length: 15086\r\nlast-modified: Tue, 12 Sep 2023 19:03:44 GMT\r\netag: \"d27e1739c7477b10ec6917546ae61f1d\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: c_DMsHz6KnKZy3qO7ga3vWdToiGZuAy_\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ncontent-security-policy: frame-ancestors 'none'\r\nstrict-transport-security: max-age=31622400; includeSubdomains\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-amz-cf-pop: MXP64-C2\r\nx-amz-cf-id: ZsB8wpwO-NEil9hNhNfhsh3eKKeEuXc4_Qo4YXwQWGONbw3S-iVMNw==\r\ndate: Thu, 21 Sep 2023 05:42:40 GMT\r\nset-cookie: akacd_phased_release_site_down=1695275020~rv=77~id=e91907a7f49c04927c85c7f7401af96c; path=/; Expires=Thu, 21 Sep 2023 05:43:40 GMT; Secure; SameSite=None\r\nx-robots-tag: noindex\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\nx-frame-options: DENY, deny\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15086,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\\012- data","md5":"d27e1739c7477b10ec6917546ae61f1d","sha1":"bb36ab8bce726ce72a2d74a8529526bca0fa515d","sha256":"5f2123af80970c0478de7f373c9d861d886e070592ebcd55fa372d8dfc9752ec","sha512":"f8905a386f0d492e37d086fefd9e0eca1ef915551242554b70803f3fe89d4d7173565820f391f14f392d71861c8c43f3f8ecb4c5569491db9a2006f80bd0f64d","ssdeep":"96:WnvwwlPwSVOJilFV9HNya8arOd9e9DAthhrXTF14/sKFVNe4WiInwjr:Mf9DNF2e9DALhrjFeUmNlWz4","tlshash":"2e6262a362824eb4d8671530e9569b2dc272efea8df4fd042d387a2b4b352c5500b7c1","first_seen":"2023-04-18T09:27:51Z","last_seen":"2026-05-06T08:20:39.633833Z","times_seen":666,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":0,"dns":121,"connect":7,"send":0,"wait":37,"receive":1,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","fqdn":"cazzim.com","domain":"cazzim.com","tld":"com"},"ip":{"addr":"192.185.131.38","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-09-21T05:42:39.089Z","timestamp":1695274959089,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cazzim.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Sep 2023 09:00:59 GMT","end":"Mon, 04 Dec 2023 09:00:58 GMT"},"fingerprint":{"sha1":"E3:CE:7E:44:B8:D4:B6:73:61:6D:E2:A6:5F:D9:E8:0F:08:B4:A9:FE","sha256":"97:C7:34:EE:57:64:7A:F9:07:46:8C:56:29:E8:B5:C1:41:AA:3B:BD:B9:24:C3:E4:5D:DA:A8:BD:FF:F0:99:DA"}}},"request":{"raw":"GET //tmp/capitalone.com.axpwas/indexnw.html HTTP/1.1\r\nHost: cazzim.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ldominey.expofranchise.com.br/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 20 Sep 2023 17:36:39 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/html\r\ndate: Thu, 21 Sep 2023 05:42:39 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":155990,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-07T15:57:26.609448Z","times_seen":14794715,"resource_available":true,"data":null}},"time_used":655,"timings":{"blocked":255,"dns":2,"connect":121,"send":0,"wait":139,"receive":0,"ssl":136},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}