{"report_id":"519e2c15-5800-443d-914d-4b9f4b5bbaba","version":6,"status":"done","tags":["suspicious"],"date":"2025-08-12T01:30:59Z","url":{"schema":"http","addr":"forge.speedtest.cn/api/v2/statistics/redirect?position=www-to-speed\u0026url=https://transmittedbankrecord.blob.core.windows.net/sharedviaadobeonline/August2025payment.html","fqdn":"forge.speedtest.cn","domain":"speedtest.cn","tld":"cn"},"ip":{"addr":"118.31.5.70","port":0,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"final":{"url":{"schema":"https","addr":"transmittedbankrecord.blob.core.windows.net/sharedviaadobeonline/August2025payment.html","fqdn":"transmittedbankrecord.blob.core.windows.net","domain":"windows.net","tld":"net"},"title":"Adobe Document Cloud"},"submit":{"url":{"schema":"http","addr":"forge.speedtest.cn/api/v2/statistics/redirect?position=www-to-speed\u0026url=https://transmittedbankrecord.blob.core.windows.net/sharedviaadobeonline/August2025payment.html","fqdn":"forge.speedtest.cn","domain":"speedtest.cn","tld":"cn"},"ip":{"addr":"118.31.5.70","port":0,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-09-16T01:30:59Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":2,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-12T01:30:34Z","timestamp":1754962234,"ip_dst":{"addr":"151.101.2.132","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.3","port":38534,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Web Hosting Domain (cdn .glitch .global in TLS SNI)","source":"{\"timestamp\":\"2025-08-12T01:30:34.750838+0000\",\"flow_id\":2028154847425342,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":38534,\"dest_ip\":\"151.101.2.132\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2063160,\"rev\":1,\"signature\":\"ET INFO Observed Web Hosting Domain (cdn .glitch .global in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_06_23\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2025_06_23\"]}},\"tls\":{\"sni\":\"cdn.glitch.global\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3469,\"start\":\"2025-08-12T01:30:34.717630+0000\"}}"}],"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"transmittedbankrecord.blob.core.windows.net","ip":{"addr":"57.150.154.65","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"1995-08-10","domain_rank":0,"first_seen":"2025-08-05T01:05:04.056885Z","last_seen":"2025-08-05T01:05:04.056885Z","alert_count":1,"request_count":1,"received_data":2613498,"sent_data":555,"comment":"","tags":null,"fingerprints":[{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]}]},{"fqdn":"maxcdn.bootstrapcdn.com","ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":6807,"first_seen":"2014-06-18T00:37:31Z","last_seen":"2025-08-06T17:54:00.05038Z","alert_count":0,"request_count":1,"received_data":161245,"sent_data":491,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-08-06T15:20:03.099982Z","alert_count":0,"request_count":2,"received_data":139578,"sent_data":1077,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.194.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-08-06T16:11:55.56616Z","alert_count":0,"request_count":1,"received_data":90137,"sent_data":451,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.glitch.global","ip":{"addr":"151.101.2.132","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2021-09-09","domain_rank":2823658,"first_seen":"2022-01-13T10:18:16Z","last_seen":"2025-08-06T09:56:42.893926Z","alert_count":0,"request_count":2,"received_data":18571,"sent_data":1039,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}]},{"fqdn":"forge.speedtest.cn","ip":{"addr":"118.31.5.70","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"domain_registered":"2007-03-10","domain_rank":4236394,"first_seen":"2018-11-21T02:31:01Z","last_seen":"2025-08-08T09:49:38.387487Z","alert_count":0,"request_count":1,"received_data":2613487,"sent_data":635,"comment":"","tags":null,"fingerprints":[{"name":"PHP:7.3.11","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-08-12T01:30:34Z","timestamp":1754962234,"ip_dst":{"addr":"151.101.2.132","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.3","port":38534,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Web Hosting Domain (cdn .glitch .global in TLS SNI)","source":"{\"timestamp\":\"2025-08-12T01:30:34.750838+0000\",\"flow_id\":2028154847425342,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":38534,\"dest_ip\":\"151.101.2.132\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2063160,\"rev\":1,\"signature\":\"ET INFO Observed Web Hosting Domain (cdn .glitch .global in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_06_23\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2025_06_23\"]}},\"tls\":{\"sni\":\"cdn.glitch.global\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3469,\"start\":\"2025-08-12T01:30:34.717630+0000\"}}"}]}],"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.194.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-04T04:41:25.448678Z","times_seen":444697,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"transmittedbankrecord.blob.core.windows.net/sharedviaadobeonline/August2025payment.html","fqdn":"transmittedbankrecord.blob.core.windows.net","domain":"windows.net","tld":"net"},"ip":{"addr":"57.150.154.65","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d3a850864a4054bba5b236bec735670d","sha1":"c63e4cbdd9f571eb926c6007a6c94ed62d23d85a","sha256":"a7e85371ef7b18f173e813631b866e4c03cc118f632d0c4e5a9f002364720335","sha512":"0f5196ceebd42079c83e2d3b480fddc5ef30de194b3379c2d3704c0a6953e704e3ac2e1a8debd4d59689c0af30be8b3ce050e6ccb37cbbaed844fcbdb0baaba1","ssdeep":"96:mahit05j8INZuTDrp+E1KTMw2HG9tlyJpD1ANNmjRtOXpyDp2yOXpyDp2yOXpyDL:mahi+V0","tlshash":"f3058d04f817c60f7a6678fb7c9417c59cc1ba2de2ce6997c0ac4b1c58e148726fa4e6","size":870970,"data":"","first_seen":"2025-07-30T01:35:36.538368Z","last_seen":"2025-10-22T11:05:04.97269Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"transmittedbankrecord.blob.core.windows.net/sharedviaadobeonline/August2025payment.html","fqdn":"transmittedbankrecord.blob.core.windows.net","domain":"windows.net","tld":"net"},"ip":{"addr":"57.150.154.65","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4543291a5aeadc9e6ac9876895d89299","sha1":"fe3fda6ffa18827c866edb321c54a2c93645485b","sha256":"363af9163bc90dc6bd6f69d488a2738515a32e5b4e5c5b139b9b62c9a6076047","sha512":"5ce778d7a531370e05349ad5cd72b6a06701989b6f97b6ae4d38f88d8d10804ba96198b6dece0a6c7df4eab57f150db70142bda1e71f3dffa1ef39ffee0aeace","ssdeep":"3072:75su56TQW8NP5v0qcQv02yFuiMSSpQq2cZo2NdNH:7Q0D","tlshash":"c654a7d96286fd0f578d1e93bf51aafd51697263a4cc7247c2a8fb8c08a8147c99ccc1","size":290297,"data":"","first_seen":"2025-07-30T01:35:36.535179Z","last_seen":"2025-10-22T11:05:04.975369Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"transmittedbankrecord.blob.core.windows.net/sharedviaadobeonline/August2025payment.html","fqdn":"transmittedbankrecord.blob.core.windows.net","domain":"windows.net","tld":"net"},"ip":{"addr":"57.150.154.65","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b5f30931671e8a004db9096274dd28c5","sha1":"eb46a8d8d509d9c4505ff118dc02ed28d7df7e05","sha256":"5757dfd23184feccef14fd4f06f4a0dc52ba07e394cf18ac0832d1e1beec9e4f","sha512":"2b4302512ac4daa08716a280fc40d8480493c11f64996ee245f2157a48dcc295df012d609f4a4936f204fba6bf3341c650f04ff79c5ca27790cbe370f972d5b5","ssdeep":"768:zZZwfRgpudjfYoGDfY36ODumGnbSCIMdbPFSzdFnyT7GzdGRL9E0i3hUGL9f4EhJ:m","tlshash":"acc50587cb8fd538b2c6eebfe19c5a2a6143dc12bddd4a07065c1a5009c158bbd6ece4","size":2613052,"data":"","first_seen":"2025-07-30T01:35:36.537014Z","last_seen":"2025-10-22T11:05:04.978426Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"transmittedbankrecord.blob.core.windows.net/sharedviaadobeonline/August2025payment.html","fqdn":"transmittedbankrecord.blob.core.windows.net","domain":"windows.net","tld":"net"},"ip":{"addr":"57.150.154.65","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5bb1a500636055bf0f266a953a3852eb","sha1":"89f1d6f0c34485d5407f585a8d45e8112fd3c48c","sha256":"8037cf158d13a1f110aa7e300d39eeeb7adea9df04e3b4f4c0b88ee0b647c473","sha512":"e70721fd108c8ce4dd4a66c194e2409b62ab2de1160a40dc23261687043f200b417be92380f1cfcc5a691e3fdc2d29f8788b8efb0072aa22a65138fa4a059d78","ssdeep":"","tlshash":"90813147f5b51fa22523613f72bf61402b66812bef02a907b5cd82984f41c277e637c2","size":3887,"data":"","first_seen":"2025-07-30T01:35:36.53977Z","last_seen":"2025-10-22T11:05:04.980433Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"5898b963d0b50d837d583774f8f03507","sha1":"00d96219d06d0ed5058c132e452d8a48464f66d6","sha256":"0659ec0ae3edd171a5cc67e130228d155df51c49d7f1fdb3b651448aaac1d50e","sha512":"7bf464d2f44f042975ac677cd4edbf059e59f5d54baacbe7e36c100746716be0793a454314e9c1e556017ddeac0a10e9f32ad97ee16eca0a9bd7b2c7fcee0544","ssdeep":"96:Zahit05j8INZuTDrp+E1KTMw2HG9tlyJpD1ANNmjRtOXpyDp2yOXpyDp2yOXpyDV:Zahi+Vu","tlshash":"63058d04f817c60f7a6678fb7c9417c59cc1ba2de2ce6997c0ac4b1c58e148726fa4e6","size":871008,"data":"","first_seen":"2025-07-30T01:35:36.540895Z","last_seen":"2025-10-22T11:05:04.983097Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"58afb601a0989b712d2b24f485f43f03","sha1":"1a645d819e1c950e1597f409dea6894752b550a2","sha256":"8a9c18d4926117dd4d1991f87eb69c9a7d4a7aa5781e3c6b4f6b9c115d687156","sha512":"e999e03158b06580e3a977644f1526a5a742d781129041e5e76545854e667056494c5baceba90acc8535680a8384c0e77c2dd32c16857981f9791fd663d3b5e4","ssdeep":"3072:G5su56TQW8NP5v0qcQv02yFuiMSSpQq2cZo2NdN5:GQ0t","tlshash":"1254a7d96286fd0f578d1e93bf51aafd51697263a4cc7247c2a8fb8c08a8147c99ccc1","size":290314,"data":"","first_seen":"2025-07-30T15:19:52.830796Z","last_seen":"2025-10-22T08:51:52.814462Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"b97cdd9ca8a2534e50188b24a8846cbb","sha1":"6c654d2f6cf309555426e143f96f8341def2c89b","sha256":"a8ee0a084d7a894b60dd6e9f7155e06b3a7ff7782b32a02862767dbaebbd8ebc","sha512":"99dce1f49ce8d0c659d3c760906310012241d77017b300f8b28bda65540af2233c31e72bf24deab7ef6b3d8955e677bd73ab969f3691104d48ca149c78032123","ssdeep":"1536:pD7xzFaWU6WgnM2CAXP1X8G4+Er9b3bL7Xkz:pD7xHw2CAXNsUm570z","tlshash":"c2636605c1f28d3a54d25aab141232c0e478b3b5d2ed41fb31aeae67f7729a2c35d385","size":72535,"data":"","first_seen":"2025-07-30T01:35:36.542701Z","last_seen":"2025-10-22T11:05:04.986154Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://transmittedbankrecord.blob.core.windows.net/sharedviaadobeonline/August2025payment.html","date":"2025-08-12T01:30:34.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 20 Jul 2025 17:08:10 GMT","end":"Sat, 18 Oct 2025 18:08:03 GMT"},"fingerprint":{"sha1":"66:D5:51:E0:8E:D7:2C:D1:E3:98:58:99:22:9B:73:C4:6F:32:FD:EC","sha256":"52:CD:3D:83:E5:5A:57:37:9F:D9:0B:EB:C3:EA:67:B7:4C:F1:74:93:B7:C9:E8:0B:E3:E8:CB:2E:7A:94:A2:78"}}},"request":{"raw":"GET /ajax/libs/font-awesome/5.15.3/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://transmittedbankrecord.blob.core.windows.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 12 Aug 2025 01:30:34 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 10482\r\ncf-ray: 96dc354ef8760b49-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"6599bda5-28f2\"\r\nlast-modified: Sat, 06 Jan 2024 21:52:53 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 947591\r\nexpires: Sun, 02 Aug 2026 01:30:34 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=fTzvXME4x1l6ubB%2B%2FBqVmv%2BnnGpI0UM%2FE1j2WaO4yhsnXEw%2FMbktv98s6xqmm4YjOWH9udrm099koPBjyRHchqBXUEl02Y60FpFp4vkwlDPjfrXO0BwzF9h11MquJbfYlnL1ZiMH\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":59344,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (59158)","md5":"74bab4578692993514e7f882cc15c218","sha1":"b6293bcfd851f963edbe859498570c4c0c7eaae4","sha256":"d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386","sha512":"8810579bc7d6f74fa7b8b7122a56e6acf70b6b4393f76c4ed4122c67ecb00d6642beab1681c715de0168441bf4cfef1d2c9832007221477e5565cda833f808d7","ssdeep":"768:0Eh31IPiyXNq4YxBowbgJlkwF//zMQyYJYX9Bft6VSzl:0E0PxXE4YXJgndFTfy9lt5B","tlshash":"0a43fbb8e54c01c9b731c44bef82b2bc61b6f73de5914d95f00e691c2ad26a811c5fba","first_seen":"2023-04-05T04:00:29Z","last_seen":"2026-04-04T04:26:03.271697Z","times_seen":80036,"resource_available":true,"data":null}},"time_used":57,"timings":{"blocked":18,"dns":1,"connect":5,"send":0,"wait":11,"receive":2,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.194.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://transmittedbankrecord.blob.core.windows.net/sharedviaadobeonline/August2025payment.html","date":"2025-08-12T01:30:34.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.6.0.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://transmittedbankrecord.blob.core.windows.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-15d9d\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Tue, 12 Aug 2025 01:30:34 GMT\r\nage: 1792694\r\nx-served-by: cache-lga21931-LGA, cache-hel1410029-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 71, 324688\r\nx-timer: S1754962235.782397,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30875\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89501,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-04T04:41:25.448678Z","times_seen":444697,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":65,"dns":0,"connect":27,"send":0,"wait":26,"receive":8,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.glitch.global/d27d99eb-d54f-474f-a1fc-a598e61e5947/pdf-logo.png?v=1724752732381","fqdn":"cdn.glitch.global","domain":"glitch.global","tld":"global"},"ip":{"addr":"151.101.2.132","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://transmittedbankrecord.blob.core.windows.net/sharedviaadobeonline/August2025payment.html","date":"2025-08-12T01:30:34.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.glitch.global","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Jul 2025 12:13:16 GMT","end":"Wed, 22 Oct 2025 12:13:15 GMT"},"fingerprint":{"sha1":"98:A9:A1:D8:3A:9F:4E:82:53:EB:CD:30:3B:55:B5:63:6D:DB:D8:7A","sha256":"5B:5F:CB:11:22:5B:F4:A7:0A:70:D7:43:CC:6C:7C:2D:42:7C:73:32:30:B3:C7:99:B9:42:71:C1:DF:40:F5:91"}}},"request":{"raw":"GET /d27d99eb-d54f-474f-a1fc-a598e61e5947/pdf-logo.png?v=1724752732381 HTTP/1.1\r\nHost: cdn.glitch.global\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://transmittedbankrecord.blob.core.windows.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 27 Aug 2024 09:58:52 GMT\r\netag: \"71cb333185ec977534da302ccac07e3b\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: max-age=31536000\r\ncontent-type: image/png\r\nvia: 1.1 varnish, 1.1 varnish\r\naccess-control-allow-methods: GET, HEAD, POST\r\naccess-control-allow-origin: *\r\ncontent-security-policy: script-src 'none'\r\naccept-ranges: bytes\r\nage: 552425\r\ndate: Tue, 12 Aug 2025 01:30:34 GMT\r\nx-served-by: cache-iad-kcgs7200097-IAD, cache-hel1410029-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 1116, 0\r\nx-timer: S1754962235.766695,VS0,VE107\r\ncontent-length: 2678\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":2678,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 168, 8-bit colormap, non-interlaced","md5":"71cb333185ec977534da302ccac07e3b","sha1":"fddb8eabf9fb17f146ca49260a4ff9c646505060","sha256":"b3da464ddbe224e993956e087c3d3a0897a5fcc79500b6d4c830f4df414d2c78","sha512":"f3b4a7788d6f20dabd80ae25543a3f7e44fb805d4bd91fa33245747746b59809360b264e666d391cf0c45102cbfa6df95db5ded21229805a1a989f90a862eb7d","ssdeep":"","tlshash":"88515ed59a0b501125d39eb7c1245039dcb2f63d206b8c0c4d365e5d5f1fe7cb640a47","first_seen":"2024-10-30T12:06:45.305679Z","last_seen":"2025-12-27T07:27:46.224392Z","times_seen":117,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":55,"dns":28,"connect":15,"send":0,"wait":121,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://transmittedbankrecord.blob.core.windows.net/sharedviaadobeonline/August2025payment.html","date":"2025-08-12T01:30:34.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 20 Jul 2025 17:08:10 GMT","end":"Sat, 18 Oct 2025 18:08:03 GMT"},"fingerprint":{"sha1":"66:D5:51:E0:8E:D7:2C:D1:E3:98:58:99:22:9B:73:C4:6F:32:FD:EC","sha256":"52:CD:3D:83:E5:5A:57:37:9F:D9:0B:EB:C3:EA:67:B7:4C:F1:74:93:B7:C9:E8:0B:E3:E8:CB:2E:7A:94:A2:78"}}},"request":{"raw":"GET /ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://transmittedbankrecord.blob.core.windows.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 12 Aug 2025 01:30:34 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 78196\r\ncf-ray: 96dc35505f0756aa-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"6599bdc3-13174\"\r\nlast-modified: Sat, 06 Jan 2024 21:53:23 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 362335\r\nexpires: Sun, 02 Aug 2026 01:30:34 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=zkvolwxYWBkVjSEpnyuo44n6KNbzycCju9%2FSqDC9Q3Zr5Vf5cr7iKCJa4Taja%2F88kGr7MjIRupzyOX%2BAWw0%2BR2hgj9aO%2FnQOR4GsEc1B3VyDBwZj1%2FQWrSJSQXRj%2FiwKEG4Nj32g\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":78196,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261","md5":"e8a427e15cc502bef99cfd722b37ea98","sha1":"a9922842a120a7f1eaced667480c5e185a106d69","sha256":"d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef","sha512":"113775748a4166c07e58c26cf6db7fed473732dc6124b8ee0f0dcc0d6439eb2ab2c5d9e01c67324fdf9de4105349cf30cc5796a0b0e0ce9a08f337b9d4e10b7b","ssdeep":"1536:1iGQV8Q8UOUMUd5UY3qyCkHQCCz2LL1F+u3MHLGxe3U:QVWuF33qy7HQchFz8HnU","tlshash":"3273121cf567643ef6a8e05f3c38256d4fd5c724e2e68a06748db808c4ce71d90879b6","first_seen":"2023-04-05T08:37:56Z","last_seen":"2026-04-04T04:43:49.295098Z","times_seen":119526,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":17,"dns":1,"connect":0,"send":0,"wait":14,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.glitch.global/d27d99eb-d54f-474f-a1fc-a598e61e5947/favicon.png?v=1724752849466","fqdn":"cdn.glitch.global","domain":"glitch.global","tld":"global"},"ip":{"addr":"151.101.2.132","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://transmittedbankrecord.blob.core.windows.net/sharedviaadobeonline/August2025payment.html","date":"2025-08-12T01:30:34.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.glitch.global","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Jul 2025 12:13:16 GMT","end":"Wed, 22 Oct 2025 12:13:15 GMT"},"fingerprint":{"sha1":"98:A9:A1:D8:3A:9F:4E:82:53:EB:CD:30:3B:55:B5:63:6D:DB:D8:7A","sha256":"5B:5F:CB:11:22:5B:F4:A7:0A:70:D7:43:CC:6C:7C:2D:42:7C:73:32:30:B3:C7:99:B9:42:71:C1:DF:40:F5:91"}}},"request":{"raw":"GET /d27d99eb-d54f-474f-a1fc-a598e61e5947/favicon.png?v=1724752849466 HTTP/1.1\r\nHost: cdn.glitch.global\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://transmittedbankrecord.blob.core.windows.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 27 Aug 2024 10:00:49 GMT\r\netag: \"eaf4c20f63b6f903130aea2a7910a083\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: max-age=31536000\r\ncontent-type: image/png\r\nvia: 1.1 varnish, 1.1 varnish\r\naccess-control-allow-methods: GET, HEAD, POST\r\naccess-control-allow-origin: *\r\ncontent-security-policy: script-src 'none'\r\naccept-ranges: bytes\r\nage: 551859\r\ndate: Tue, 12 Aug 2025 01:30:34 GMT\r\nx-served-by: cache-iad-kcgs7200152-IAD, cache-hel1410029-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 144, 0\r\nx-timer: S1754962235.963401,VS0,VE1\r\ncontent-length: 14671\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":14671,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 137 x 188, 8-bit/color RGBA, non-interlaced","md5":"eaf4c20f63b6f903130aea2a7910a083","sha1":"2762ce1e775aa56f04614afb33aa01dfa18ab8b0","sha256":"aa8de7743649db70aaea24f94058ab9514820cb7cf5267076372285f3a949d2e","sha512":"53d1d6ec240ca9d802af9b121b29cd252dc0fc72dd7b3059e42d7ca5057e459191cd753e694f64a90611ad9ed17d09d2d769c7b1bd88f1b1c5f4ac1c43eeff8e","ssdeep":"384:wX1pNiPBAQeDjdO3angvjcWkJiesSyy5585jq/:wX1PYBGDMrc2S1Ylq/","tlshash":"0662c08308522ce9ac73a98881bf7de2d37d2b564712ed07312f82099d77af35677511","first_seen":"2024-11-04T10:15:10.626477Z","last_seen":"2025-12-17T19:21:02.883538Z","times_seen":68,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"forge.speedtest.cn/api/v2/statistics/redirect?position=www-to-speed\u0026url=https://transmittedbankrecord.blob.core.windows.net/sharedviaadobeonline/August2025payment.html","fqdn":"forge.speedtest.cn","domain":"speedtest.cn","tld":"cn"},"ip":{"addr":"118.31.5.70","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-12T01:30:32.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.speedtest.cn","organization":""},"issuer":{"commonName":"GDCA TrustAUTH R4 DV SSL CA G2","organization":"Global Digital Cybersecurity Authority Co., Ltd."},"validity":{"start":"Tue, 05 Aug 2025 01:47:55 GMT","end":"Wed, 05 Aug 2026 01:47:54 GMT"},"fingerprint":{"sha1":"64:62:B4:0B:C2:03:50:75:6A:1E:D2:2E:0D:EE:F3:DD:78:1B:D1:DA","sha256":"64:CB:34:84:95:22:39:A3:12:E6:0E:2E:5F:F1:39:5D:7B:B5:3E:07:A6:5E:1D:D5:2F:CA:1E:5F:84:CA:56:3C"}}},"request":{"raw":"GET /api/v2/statistics/redirect?position=www-to-speed\u0026url=https://transmittedbankrecord.blob.core.windows.net/sharedviaadobeonline/August2025payment.html HTTP/1.1\r\nHost: forge.speedtest.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 12 Aug 2025 01:30:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://transmittedbankrecord.blob.core.windows.net/sharedviaadobeonline/August2025payment.html\r\nset-cookie: acw_tc=0a0966c617549622328776705e872e34f92e98e73e760869e9f14737c2f65e;path=/;HttpOnly;Max-Age=1800\r\nx-powered-by: PHP/7.3.11\r\ncache-control: no-cache, private\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"PHP:7.3.11","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":2613091,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T04:46:10.842589Z","times_seen":13317089,"resource_available":true,"data":null}},"time_used":1837,"timings":{"blocked":765,"dns":29,"connect":242,"send":0,"wait":307,"receive":0,"ssl":490},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"transmittedbankrecord.blob.core.windows.net/sharedviaadobeonline/August2025payment.html","fqdn":"transmittedbankrecord.blob.core.windows.net","domain":"windows.net","tld":"net"},"ip":{"addr":"57.150.154.65","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-12T01:30:33.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.blob.core.windows.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 08","organization":"Microsoft Corporation"},"validity":{"start":"Fri, 20 Jun 2025 16:17:19 GMT","end":"Wed, 17 Dec 2025 16:17:19 GMT"},"fingerprint":{"sha1":"9D:F7:63:AC:ED:D6:16:F8:0A:68:91:57:18:B2:D0:5C:E2:02:66:7F","sha256":"23:A8:96:5E:F8:AB:E4:91:1F:C2:0A:4A:A5:43:FE:86:F3:5C:C0:84:31:24:3A:AF:16:B0:32:93:2F:20:37:FE"}}},"request":{"raw":"GET /sharedviaadobeonline/August2025payment.html HTTP/1.1\r\nHost: transmittedbankrecord.blob.core.windows.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 2613091\r\nContent-Type: text/html\r\nContent-MD5: +uag/0HFyE7CC7kc67xfdQ==\r\nLast-Modified: Sun, 03 Aug 2025 20:17:46 GMT\r\nETag: 0x8DDD2CACFBC6EEC\r\nServer: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: e12562cb-f01e-0040-6e28-0b7190000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nDate: Tue, 12 Aug 2025 01:30:32 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Microsoft HTTPAPI:2.0","description":"Microsoft HTTPAPI is a kernel-mode HTTP driver in the Windows operating system responsible for handling HTTP requests and responses with efficiency, scalability, and security.","website":"https://learn.microsoft.com/en-us/windows/win32/http/http-api-start-page","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":2613091,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (65536), with no line terminators","md5":"18aae1f67308b1781c7ba4fad5997c53","sha1":"c639e5f61d6127b17e0dcf0391433099f218c1aa","sha256":"f0b3ac3a86fda04a3eb272e7d5eaab89587cc3c6d9377786a0188272521386b5","sha512":"7ba2bd80340585d2d72fa2b2dc1f38f49e1097a2c39fd7a2b66f65a5e873aece5911b986ec28552c7daaef2ceb0e20bcd872baecdd34ea894db18b43fa5033d9","ssdeep":"768:EZZwfRgpudjfYoGDfY36ODumGnbSCIMdbPFSzdFnyT7GzdGRL9E0i3hUGL9f4EhP:b","tlshash":"04250687cb8fd578b2c6eebfe19c5a2a6143dc12bddd4a07064c1a5009c158abd6ece4","first_seen":"2025-07-30T01:35:36.533998Z","last_seen":"2025-10-22T11:05:04.956687Z","times_seen":17,"resource_available":false,"data":null}},"time_used":1293,"timings":{"blocked":237,"dns":44,"connect":93,"send":0,"wait":105,"receive":713,"ssl":99},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css","fqdn":"maxcdn.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://transmittedbankrecord.blob.core.windows.net/sharedviaadobeonline/August2025payment.html","date":"2025-08-12T01:30:34.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 12 Jul 2025 02:43:39 GMT","end":"Fri, 10 Oct 2025 03:43:37 GMT"},"fingerprint":{"sha1":"C1:BD:D6:84:57:89:FE:9E:6D:F9:1F:26:76:1D:7C:45:E8:23:F6:35","sha256":"42:6A:B9:E6:CC:53:CB:12:2A:7A:43:B8:3D:90:FC:5E:4D:CA:A2:E0:3D:B4:2E:38:10:A6:6F:26:86:7F:D5:A0"}}},"request":{"raw":"GET /bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1\r\nHost: maxcdn.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://transmittedbankrecord.blob.core.windows.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 12 Aug 2025 01:30:34 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncf-ray: 96dc354efbda56bf-OSL\r\ncdn-pullzone: 252412\r\ncdn-uid: b1941f61-b576-4f40-80de-5677acb38f74\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"816af0eddd3b4822c2756227c7e7b7ee\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:11 GMT\r\ncdn-cachedat: 05/24/2025 18:37:33\r\ncdn-proxyver: 1.28\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 865\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: 3d509adc4552922cf6e96d612d5d5e16\r\ncdn-cache: HIT\r\ncf-cache-status: HIT\r\nage: 1019537\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":160302,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65326)","md5":"816af0eddd3b4822c2756227c7e7b7ee","sha1":"c470239d4c7db36d56dc3a74a080c62218c6edc4","sha256":"5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a","sha512":"32844d968c5b4ad05c0fccf733fd819a74feae0e08b0cc4f917686876cc3e8b18d34513cd16de89ec02145c30032b4a8c962fdc43ec4aedd267a7eef47c2d466","ssdeep":"1536:V47CIJ0T2r+ryEIA1pDEBi8yNcuSEcA1/uypq3SYiLENM6HN26b:S7VSGGq3SYiLENM6HN26b","tlshash":"0bf353a6f5a0312de4a7c61964d0bafd152f8245d7224bfbf827376487892c70a73e4c","first_seen":"2023-04-05T03:15:58Z","last_seen":"2026-04-04T04:22:23.706287Z","times_seen":12345,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":21,"dns":1,"connect":2,"send":0,"wait":21,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}