{"report_id":"338fa8f5-769d-43a1-b106-c7e49c46d0ff","version":0,"status":"done","tags":[],"date":"2026-07-04T10:48:14Z","url":{"schema":"http","addr":"bankcomposite.com/Docusign","fqdn":"bankcomposite.com","domain":"bankcomposite.com","tld":"com"},"ip":{"addr":"5.9.101.49","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"bankcomposite.com/Docusign/","fqdn":"bankcomposite.com","domain":"bankcomposite.com","tld":"com"},"title":"Document Access Portal","dom":{"size":18289,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"17260c4e2df478ab8b996dcd1824af3f","sha1":"b01a0591598ae854d01f8a74ac1424e2a976e707","sha256":"9065fbc129031595fa288d38e7b7c875bfd0fc2e33bd53cefd6c3fee2eb757ed","sha512":"c7666405fd3f7e31ca9e41c6353a4ead1986cca9994c73a6bdcc6f8120ae1d66ce1da7d4dea72c5fc23b8e3b18de4adc57fa372736bbab293357c6b1df61c9db","ssdeep":"192:BrY90U/zAS+4YH1XIHMOKPFy+plwahjZpTf72yDR7FbawU8LEGLGDLrf3Ma4epJu:BrY9v/ED4WRO+FFFbBt9uSkvfYOo/E+","tlshash":"8882536a69b310416943e0b87ff7574a7a61e403940acd693fdc534ccfc2e89ad927ac","dom_hash":"domhash5b2bd36a063b56fef7d78b20e2f33f98","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"bankcomposite.com/Docusign","fqdn":"bankcomposite.com","domain":"bankcomposite.com","tld":"com"},"ip":{"addr":"5.9.101.49","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-08T10:48:14Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"bankcomposite.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"bankcomposite.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"bankcomposite.com","ip":{"addr":"5.9.101.49","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2025-11-15","domain_rank":0,"first_seen":"2026-07-04T10:48:14.628249Z","last_seen":"2026-07-04T10:48:14.628249Z","alert_count":6,"request_count":3,"received_data":20027,"sent_data":1508,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-06-28T22:41:44.776353Z","alert_count":0,"request_count":2,"received_data":254095,"sent_data":1143,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bankcomposite.com/Docusign/","fqdn":"bankcomposite.com","domain":"bankcomposite.com","tld":"com"},"ip":{"addr":"5.9.101.49","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"82fec97499921dc86ffc9896a05597e6","sha1":"d3b9411a44a0be91187b7dbea2cbdce8e79530bb","sha256":"e86cc16ad1ca4c188fbf78d4e8222fd226db3e3abbb78a6b229c33afd3a6c332","sha512":"21aeb5062ff66511b03b862f0535f9f6d2dc82bdc6e9fa516157862e4ccdcbcaa72d1cb765c7d6f28ad7463dc6e30651ca8038bcae38ea1e0aafec9a9f59f3d7","ssdeep":"192:lldEknm14lb+UXxZnTbG4OCPStJkf3Ma4ep0:rOo/En","tlshash":"20d1a13828b324540d53917e37df524c76a6602b2808ce2abe6d43194fc2f497de2bf8","size":6455,"data":"","first_seen":"2026-07-04T06:03:02.148286Z","last_seen":"2026-07-04T10:48:15.674201Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"bankcomposite.com/Docusign/","fqdn":"bankcomposite.com","domain":"bankcomposite.com","tld":"com"},"ip":{"addr":"5.9.101.49","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-04T10:47:48.183Z","timestamp":1783162068183,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankcomposite.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 17 May 2026 13:43:47 GMT","end":"Sat, 15 Aug 2026 13:43:46 GMT"},"fingerprint":{"sha1":"01:E9:C7:8F:6F:02:20:2F:6A:0A:77:8F:75:C3:FF:41:08:3E:E0:D6","sha256":"BA:B4:00:97:8C:F0:2F:E7:88:88:49:93:27:56:C2:F7:56:EC:35:46:39:EE:C0:B8:25:63:A6:42:06:5D:FA:EC"}}},"request":{"raw":"GET /Docusign/ HTTP/1.1\r\nHost: bankcomposite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/html\r\nlast-modified: Fri, 03 Jul 2026 18:15:03 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 4281\r\ndate: Sat, 04 Jul 2026 10:47:48 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":18290,"size_decoded":4513,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"0722524d3c4f93f60409766266f58673","sha1":"42e733eb2e16a54a10d7be50ee72f865bfd9a793","sha256":"f962ccc11b52306a6793e237a920053007cd50a61bfa5df472c30ea59c3ea4f8","sha512":"8169cb8fd761e0e3028eac46bbd1f65172b4b61c3d0bca8651500fd8851fb4af0bc70ba97e62e4ecfcba3e7b68c60ed84e2608806a0dc3e5adb5993ef514da5d","ssdeep":"192:r9RuPW9MMWDoZMV02lY6w5FlabFq0lkdnoRC83tDv5pM5tmdIEXl6iFftG2JlRMj:r9MPyfYtDBzIE3zu5Cf4","tlshash":"3b823029a54110426573e3b9bfb34b4afb925053860386697fdc534a4ff2809da63fec","first_seen":"2026-07-04T06:03:02.146999Z","last_seen":"2026-07-04T10:48:15.668758Z","times_seen":3,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"bankcomposite.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"bankcomposite.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bankcomposite.com/Docusign/","date":"2026-07-04T10:47:48.661Z","timestamp":1783162068661,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bankcomposite.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 04 Jul 2026 10:47:48 GMT\r\ncontent-type: text/css; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 3754\r\nexpires: Thu, 24 Jun 2027 10:47:48 GMT\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0%2Br6fgXejELTrrsxXxejqa5pf9QKa1nrdh5d%2B6QZ31uw6Rb5qRecvxqlEbox9WwyjD3POASdKjfBcUL%2F62n6E7IUYwynrYSjzzeXfAQ7XqenBDrVZ%2B0A05mqV9cOwxfu5ra8%2BfxT\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a15d8dd13f1fb4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102025,"size_decoded":19728,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"ded1c367363e8b20bdc6a19b8350a737","sha1":"8c06d82739d14b094ff6d9036021a252bd1d985d","sha256":"1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf","sha512":"89e71d2e66ac925ec2564aa45cd43f647fd72e5bd664e2728fb632eed71e9e6a43d72a404a8ce9993fc4d223ed985201e3a66676d01cf5e341bc7d07fd9a6207","ssdeep":"1536:OwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuZprfZCl:S709gMGFiyPGuZpfZCl","tlshash":"2ea3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-04-06T15:05:25Z","last_seen":"2026-07-18T00:56:09.048413Z","times_seen":54863,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":3,"connect":13,"send":0,"wait":10,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bankcomposite.com/Docusign/","date":"2026-07-04T10:47:48.766Z","timestamp":1783162068766,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://bankcomposite.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 04 Jul 2026 10:47:48 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 5243\r\nexpires: Thu, 24 Jun 2027 10:47:48 GMT\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H0lAZtW1%2BAAicrjq2%2BhqoW5bTXlTOtCroHOEdjXX8Y%2B%2FI4qHpwS7trgoz2YCPi4Y1PcoBoppTixl8DKPCkzMy0aiM4IqkwywYqT2%2Fyd4EHoaapxjulhGQqBRCh2w1XksditHlsys\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a15d8dd1d8d8568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":150124,"size_decoded":151094,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 150124, version 772.256","md5":"c64278386c2bbb5e293e11b94ca2f6d1","sha1":"6b99aa650bd12a36caa14e0127435d8f4cd3ba73","sha256":"7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880","sha512":"0ccdc1515510d902c0b4a48b863c48bad86e1f766b1f9c890a64e28d91ee7c6d488241c531fc094d15b29c211da71e092587a987e24ee8e67ef8ea99c284e821","ssdeep":"3072:7sCbk7w0ZXdkN6iMjif3Lr7x7wAtf+D7gDk1feXDLnurWHqrNIuv5n0:7sCbkFZXdC7MaLr9w2mIY1feXXurWyNW","tlshash":"28e3123cf2c6d486735f5aeadb79636894fd0a2e74ecc67d26b982112048f828174d1d","first_seen":"2023-04-09T20:30:06Z","last_seen":"2026-07-18T00:56:09.035085Z","times_seen":40675,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":7,"send":0,"wait":8,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bankcomposite.com/favicon.ico","fqdn":"bankcomposite.com","domain":"bankcomposite.com","tld":"com"},"ip":{"addr":"5.9.101.49","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bankcomposite.com/Docusign/","date":"2026-07-04T10:47:48.805Z","timestamp":1783162068805,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankcomposite.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 17 May 2026 13:43:47 GMT","end":"Sat, 15 Aug 2026 13:43:46 GMT"},"fingerprint":{"sha1":"01:E9:C7:8F:6F:02:20:2F:6A:0A:77:8F:75:C3:FF:41:08:3E:E0:D6","sha256":"BA:B4:00:97:8C:F0:2F:E7:88:88:49:93:27:56:C2:F7:56:EC:35:46:39:EE:C0:B8:25:63:A6:42:06:5D:FA:EC"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: bankcomposite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bankcomposite.com/Docusign/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 796\r\ndate: Sat, 04 Jul 2026 10:47:48 GMT\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":null,"data":{"size":796,"size_decoded":1162,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"265e51037981a14ed99a5fc8c5ec1b51","sha1":"d12ac588953298fdaf46dd5b4af8eb4cf6b06f0a","sha256":"c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400","sha512":"b18aa610811c5f9bc1dd829ad90a95568e81a41e1fd1472983dc00147f65045fd91fbc498b5263ce4f4c88b041be21f186ed2ce357d3bcf86c0429ca18991151","ssdeep":"","tlshash":"1101f12ac182a80fe0231070fa91e37451594212629b4f647b9ff676f6ce1ab56b22cc","first_seen":"2024-02-05T05:35:22Z","last_seen":"2026-07-18T00:12:41.972411Z","times_seen":51915,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"bankcomposite.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"bankcomposite.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bankcomposite.com/Docusign","fqdn":"bankcomposite.com","domain":"bankcomposite.com","tld":"com"},"ip":{"addr":"5.9.101.49","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-04T10:47:47.907Z","timestamp":1783162067907,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankcomposite.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 17 May 2026 13:43:47 GMT","end":"Sat, 15 Aug 2026 13:43:46 GMT"},"fingerprint":{"sha1":"01:E9:C7:8F:6F:02:20:2F:6A:0A:77:8F:75:C3:FF:41:08:3E:E0:D6","sha256":"BA:B4:00:97:8C:F0:2F:E7:88:88:49:93:27:56:C2:F7:56:EC:35:46:39:EE:C0:B8:25:63:A6:42:06:5D:FA:EC"}}},"request":{"raw":"GET /Docusign HTTP/1.1\r\nHost: bankcomposite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 \r\ncontent-type: text/html\r\ncontent-length: 795\r\ndate: Sat, 04 Jul 2026 10:47:48 GMT\r\nlocation: https://bankcomposite.com/Docusign/\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-18T01:40:23.105447Z","times_seen":17326528,"resource_available":true,"data":null}},"time_used":267,"timings":{"blocked":-1,"dns":128,"connect":33,"send":0,"wait":33,"receive":0,"ssl":72},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"bankcomposite.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"bankcomposite.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}
