Report - aulacland.com/wpmailcap/capitalone.com/

Report Overview

Visited public
2023-09-27 07:56:51
Tags
Submit Tags
URL
aulacland.com/wpmailcap/capitalone.com/
Finishing URL
aulacland.com/wpmailcap/capitalone.com/
IP / ASN
103.27.238.234
#131386 Long Van System Solution JSC
Title
Capital One Sign In: Log in to access your account(s)

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
bucolic-mandazi-68151a.netlify.app	unknown	2018-05-08	2023-08-08 17:04:14	2023-09-21 07:54:21	7.6 kB	155 kB	3.70.101.28
ecm.capitalone.com	13649	1995-03-13	2017-02-01 18:32:51	2023-09-22 04:21:06	5.6 kB	98 kB	23.36.79.11
aulacland.com	unknown	2019-09-28	2020-01-17 22:05:42	2023-08-19 17:28:18	761 B	156 kB	103.27.238.234
ajax.aspnetcdn.com	693	2010-10-12	2012-05-24 15:35:31	2023-09-26 18:17:11	424 B	31 kB	152.199.19.160
verified.capitalone.com	24740	1995-03-13	2017-01-03 14:44:34	2023-09-22 04:21:08	435 B	16 kB	2.16.174.101
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-09-26 18:52:10	915 B	12 kB	104.17.24.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-27 07:56:38	medium	Client IP	Internal IP	ET HUNTING Suspicious Netlify Hosted DNS Request - Possible Phishing Landing
2023-09-27 07:56:38	medium	Client IP	Internal IP	ET HUNTING Suspicious Netlify Hosted DNS Request - Possible Phishing Landing
2023-09-27 07:56:39	medium	Client IP	3.70.101.28	ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing
2023-09-27 07:56:39	medium	Client IP	3.70.101.28	ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing
2023-09-27 07:56:39	medium	Client IP	3.70.101.28	ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing
2023-09-27 07:56:39	medium	Client IP	3.70.101.28	ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing
2023-09-27 07:56:39	medium	Client IP	3.70.101.28	ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing
2023-09-27 07:56:39	medium	Client IP	3.70.101.28	ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing
2023-09-27 07:56:39	medium	Client IP	3.70.101.28	ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-27	medium	bucolic-mandazi-68151a.netlify.app	Sinkholed
2023-09-27	medium	bucolic-mandazi-68151a.netlify.app	Sinkholed
2023-09-27	medium	bucolic-mandazi-68151a.netlify.app	Sinkholed
2023-09-27	medium	bucolic-mandazi-68151a.netlify.app	Sinkholed
2023-09-27	medium	bucolic-mandazi-68151a.netlify.app	Sinkholed
2023-09-27	medium	bucolic-mandazi-68151a.netlify.app	Sinkholed
2023-09-27	medium	bucolic-mandazi-68151a.netlify.app	Sinkholed
2023-09-27	medium	bucolic-mandazi-68151a.netlify.app	Sinkholed
2023-09-27	medium	bucolic-mandazi-68151a.netlify.app	Sinkholed
2023-09-27	medium	bucolic-mandazi-68151a.netlify.app	Sinkholed
2023-09-27	medium	bucolic-mandazi-68151a.netlify.app	Sinkholed
2023-09-27	medium	bucolic-mandazi-68151a.netlify.app	Sinkholed
2023-09-27	medium	bucolic-mandazi-68151a.netlify.app	Sinkholed
2023-09-27	medium	bucolic-mandazi-68151a.netlify.app	Sinkholed
2023-09-27	medium	bucolic-mandazi-68151a.netlify.app	Sinkholed
2023-09-27	medium	bucolic-mandazi-68151a.netlify.app	Sinkholed
2023-09-27	medium	bucolic-mandazi-68151a.netlify.app	Sinkholed

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js	ScriptElement	87 kB	2023-03-07	2025-07-11
Pretty URL ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js IP 152.199.19.160 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-11 23:51 Times Seen65302 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js	ScriptElement	20 kB	2023-03-07	2025-07-10
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-10 12:24 Times Seen2206 Hash 053305c2b293c27c02523cda42962c09 556b0af7346b9e21a8eea1be8b195b563169ecd5 be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44 Loading...

	aulacland.com/wpmailcap/capitalone.com/	ScriptElement	4.1 kB	2023-08-08	2024-08-21
Pretty URL aulacland.com/wpmailcap/capitalone.com/ IP 103.27.238.234 ASN #131386 Long Van System Solution JSC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-08 19:36 Last Seen2024-08-21 09:41 Times Seen14 Hash 2a300216f9981acb4aa60076bca3c8a5 3ac71c9adfa8c73dbc456c2f32ed4f88d9ab9eb3 9247a540b871db0aee6825168a9de84ea1157291816dcfa6383d09e8906ba854 Loading...

	aulacland.com/wpmailcap/capitalone.com/	ScriptElement	322 B	2023-08-08	2024-08-21
Pretty URL aulacland.com/wpmailcap/capitalone.com/ IP 103.27.238.234 ASN #131386 Long Van System Solution JSC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-08 19:36 Last Seen2024-08-21 09:41 Times Seen246 Hash a1bc03e6dfd24877410c06fae2f59504 20cae06221c7108483e52c40a7a85278c801d9c8 156f99ec569d25d9d8722518dda4d7e60b4b210ab2ce9202c8585606bad9c6af Loading...

	bucolic-mandazi-68151a.netlify.app/css/serverComponent.php	ScriptElement	602 B	2023-08-08	2024-09-19
Pretty URL bucolic-mandazi-68151a.netlify.app/css/serverComponent.php IP 3.70.101.28 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-08 19:36 Last Seen2024-09-19 22:51 Times Seen366 Hash 0626b9bc7730ff6a1cfffc216aae6a53 fb1ffc1f91553b782ca3c004b66045744a84f16a 6b1e09a13ba7f32b6a863b3bb0134bf9e1f959a53c53d155affe2233c09e1007 Loading...

	unknown	EventHandler	16 B	2023-04-10	2025-07-11
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:57 Last Seen2025-07-11 23:51 Times Seen72917 Hash 7c3c3ddeb80438dcbb3d081d2d00e152 5a4016732ee72ec77b4f6ab17047bcea6d2ea34d 321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187 Loading...

HTTP Transactions (34)

URL IP Response Size

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.24.14

200 OK

5.6 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aulacland.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 27 Sep 2023 07:56:38 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1083411
expires: Mon, 16 Sep 2024 07:56:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0lrhJKjci9jwos8M3PMDO5wfQ6BFhYcKAoaYVuLcLCrut4%2BzFC0ESiBlRA7TnwaVkRio6MTCrQmamfh03P%2BvRAQIy9jV4ND2nXfVhRVckeFU1Cn2lwG%2BGHKyKcMA4JlZL6vKO9F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 80d230f5fddd56c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET bucolic-mandazi-68151a.netlify.app/css/6.js

3.70.101.28

404 Not Found

1.3 kB

URL GET HTTP/2
bucolic-mandazi-68151a.netlify.app/css/6.js
IP
3.70.101.28:443
ASN
#16509 AMAZON-02

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.3 kB (1287 bytes)
Hash
4c1920da7e5d9180796a7cbd50c058fc
ebc6858e8987cdb52fd011a29a6914f65e753a3e
69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/6.js HTTP/1.1
Host: bucolic-mandazi-68151a.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aulacland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
age: 79662
cache-control: public,max-age=0,must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 27 Sep 2023 07:56:38 GMT
etag: 1691221224-ssl-df
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HBAT7NMP77YY9A3TQ0EEH7AP
content-length: 1287
X-Firefox-Spdy: h2

GET bucolic-mandazi-68151a.netlify.app/css/c0d84295063dcdfcd1cc1f640130de02.js

3.70.101.28

404 Not Found

1.3 kB

URL GET HTTP/2
bucolic-mandazi-68151a.netlify.app/css/c0d84295063dcdfcd1cc1f640130de02.js
IP
3.70.101.28:443
ASN
#16509 AMAZON-02

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.3 kB (1276 bytes)
Hash
4c1920da7e5d9180796a7cbd50c058fc
ebc6858e8987cdb52fd011a29a6914f65e753a3e
69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/c0d84295063dcdfcd1cc1f640130de02.js HTTP/1.1
Host: bucolic-mandazi-68151a.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aulacland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
age: 79662
cache-control: public,max-age=0,must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 27 Sep 2023 07:56:38 GMT
etag: 1691221224-ssl-df
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HBAT7NMQ3SQF8RMHVENRJPK2
content-length: 1276
X-Firefox-Spdy: h2

GET bucolic-mandazi-68151a.netlify.app/css/Bootstrap.js

3.70.101.28

404 Not Found

1.2 kB

URL GET HTTP/2
bucolic-mandazi-68151a.netlify.app/css/Bootstrap.js
IP
3.70.101.28:443
ASN
#16509 AMAZON-02

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.2 kB (1247 bytes)
Hash
4c1920da7e5d9180796a7cbd50c058fc
ebc6858e8987cdb52fd011a29a6914f65e753a3e
69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/Bootstrap.js HTTP/1.1
Host: bucolic-mandazi-68151a.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aulacland.com
DNT: 1
Connection: keep-alive
Referer: https://aulacland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
age: 115902
cache-control: public,max-age=0,must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 27 Sep 2023 07:56:38 GMT
etag: 1691221224-ssl-df
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HBAT7NN0BNEBD1DSD8K8F83G
content-length: 1247
X-Firefox-Spdy: h2

GET bucolic-mandazi-68151a.netlify.app/css/serverComponent.php

3.70.101.28

200 OK

602 B

URL GET HTTP/2
bucolic-mandazi-68151a.netlify.app/css/serverComponent.php
IP
3.70.101.28:443
ASN
#16509 AMAZON-02

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (601)
Size
602 B (602 bytes)
Hash
0626b9bc7730ff6a1cfffc216aae6a53
fb1ffc1f91553b782ca3c004b66045744a84f16a
6b1e09a13ba7f32b6a863b3bb0134bf9e1f959a53c53d155affe2233c09e1007

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/serverComponent.php HTTP/1.1
Host: bucolic-mandazi-68151a.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aulacland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 68242
cache-control: public,max-age=0,must-revalidate
content-type: application/x-php
date: Wed, 27 Sep 2023 07:56:38 GMT
etag: "03cf249d51598e9e317827a045e53b8e-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HBAT7NMQGZZGAR60XTZYWWQ1
content-length: 602
X-Firefox-Spdy: h2

GET bucolic-mandazi-68151a.netlify.app/css/c344d59e90

3.70.101.28

404 Not Found

1.2 kB

URL GET HTTP/2
bucolic-mandazi-68151a.netlify.app/css/c344d59e90
IP
3.70.101.28:443
ASN
#16509 AMAZON-02

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.2 kB (1247 bytes)
Hash
4c1920da7e5d9180796a7cbd50c058fc
ebc6858e8987cdb52fd011a29a6914f65e753a3e
69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/c344d59e90 HTTP/1.1
Host: bucolic-mandazi-68151a.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aulacland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
age: 33847
cache-control: public,max-age=0,must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 27 Sep 2023 07:56:38 GMT
etag: 1691221224-ssl-df
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HBAT7NMQ1Y8TW3T109Z6TZ7Q
content-length: 1247
X-Firefox-Spdy: h2

GET bucolic-mandazi-68151a.netlify.app/css/smartBanner.js

3.70.101.28

404 Not Found

1.3 kB

URL GET HTTP/2
bucolic-mandazi-68151a.netlify.app/css/smartBanner.js
IP
3.70.101.28:443
ASN
#16509 AMAZON-02

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.3 kB (1294 bytes)
Hash
4c1920da7e5d9180796a7cbd50c058fc
ebc6858e8987cdb52fd011a29a6914f65e753a3e
69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/smartBanner.js HTTP/1.1
Host: bucolic-mandazi-68151a.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aulacland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
age: 33847
cache-control: public,max-age=0,must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 27 Sep 2023 07:56:38 GMT
etag: 1691221224-ssl-df
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HBAT7NNFVB5K52HBZMKTWTJV
content-length: 1294
X-Firefox-Spdy: h2

GET bucolic-mandazi-68151a.netlify.app/css/cp_common.js

3.70.101.28

404 Not Found

1.2 kB

URL GET HTTP/2
bucolic-mandazi-68151a.netlify.app/css/cp_common.js
IP
3.70.101.28:443
ASN
#16509 AMAZON-02

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.2 kB (1247 bytes)
Hash
4c1920da7e5d9180796a7cbd50c058fc
ebc6858e8987cdb52fd011a29a6914f65e753a3e
69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/cp_common.js HTTP/1.1
Host: bucolic-mandazi-68151a.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aulacland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
age: 79664
cache-control: public,max-age=0,must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 27 Sep 2023 07:56:38 GMT
etag: 1691221224-ssl-df
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HBAT7NNFSP6RSVSZSCW0DAZ3
content-length: 1247
X-Firefox-Spdy: h2

GET bucolic-mandazi-68151a.netlify.app/css/914a4a6f3a23a11a51feb0d6f6a68751.js

3.70.101.28

404 Not Found

1.3 kB

URL GET HTTP/2
bucolic-mandazi-68151a.netlify.app/css/914a4a6f3a23a11a51feb0d6f6a68751.js
IP
3.70.101.28:443
ASN
#16509 AMAZON-02

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.3 kB (1276 bytes)
Hash
4c1920da7e5d9180796a7cbd50c058fc
ebc6858e8987cdb52fd011a29a6914f65e753a3e
69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/914a4a6f3a23a11a51feb0d6f6a68751.js HTTP/1.1
Host: bucolic-mandazi-68151a.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aulacland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
age: 2811
cache-control: public,max-age=0,must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 27 Sep 2023 07:56:38 GMT
etag: 1691221224-ssl-df
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HBAT7NNFNFF1DP6AQW1BWZ7X
content-length: 1276
X-Firefox-Spdy: h2

GET bucolic-mandazi-68151a.netlify.app/css/712ff787f143e2fedc740cf96cd0f80b.js

3.70.101.28

404 Not Found

1.2 kB

URL GET HTTP/2
bucolic-mandazi-68151a.netlify.app/css/712ff787f143e2fedc740cf96cd0f80b.js
IP
3.70.101.28:443
ASN
#16509 AMAZON-02

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.2 kB (1247 bytes)
Hash
4c1920da7e5d9180796a7cbd50c058fc
ebc6858e8987cdb52fd011a29a6914f65e753a3e
69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/712ff787f143e2fedc740cf96cd0f80b.js HTTP/1.1
Host: bucolic-mandazi-68151a.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aulacland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
age: 2812
cache-control: public,max-age=0,must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 27 Sep 2023 07:56:38 GMT
etag: 1691221224-ssl-df
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HBAT7NNFT8HJ04JB4QP603K5
content-length: 1247
X-Firefox-Spdy: h2

GET bucolic-mandazi-68151a.netlify.app/css/2d6b9362638574d196874650cdb28cd6.js

3.70.101.28

404 Not Found

1.2 kB

URL GET HTTP/2
bucolic-mandazi-68151a.netlify.app/css/2d6b9362638574d196874650cdb28cd6.js
IP
3.70.101.28:443
ASN
#16509 AMAZON-02

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.2 kB (1247 bytes)
Hash
4c1920da7e5d9180796a7cbd50c058fc
ebc6858e8987cdb52fd011a29a6914f65e753a3e
69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/2d6b9362638574d196874650cdb28cd6.js HTTP/1.1
Host: bucolic-mandazi-68151a.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aulacland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
age: 33847
cache-control: public,max-age=0,must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 27 Sep 2023 07:56:38 GMT
etag: 1691221224-ssl-df
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HBAT7NNK9F3YFXCC7EJM8B23
content-length: 1247
X-Firefox-Spdy: h2

GET bucolic-mandazi-68151a.netlify.app/css/web_properties.js

3.70.101.28

404 Not Found

1.2 kB

URL GET HTTP/2
bucolic-mandazi-68151a.netlify.app/css/web_properties.js
IP
3.70.101.28:443
ASN
#16509 AMAZON-02

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.2 kB (1247 bytes)
Hash
4c1920da7e5d9180796a7cbd50c058fc
ebc6858e8987cdb52fd011a29a6914f65e753a3e
69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/web_properties.js HTTP/1.1
Host: bucolic-mandazi-68151a.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aulacland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
age: 79663
cache-control: public,max-age=0,must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 27 Sep 2023 07:56:38 GMT
etag: 1691221224-ssl-df
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HBAT7NNF45P3RZDJ80M603ET
content-length: 1247
X-Firefox-Spdy: h2

GET ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Lt.woff2

23.36.79.11

200 OK

28 kB

URL GET HTTP/2
ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Lt.woff2
IP
23.36.79.11:443
ASN
#20940 Akamai International B.V.

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subjectecm.capitalone.com
FingerprintEB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03
ValidityFri, 23 Jun 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 27852, version 1.0\012- data
Size
28 kB (27852 bytes)
Hash
cb37fa55f3dfdd26d61901032a53644f
1115e8d43a08c1f74ec1f6a886d1cb530bb9da97
902c5a9d8ad932630fb2021fe1a1a7f4f06513b19e8d073866178ee65ff33fe9

HTTP Headers

GET /CI_Common/assets/fonts/Optimist_W_Lt.woff2 HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aulacland.com/
Origin: https://aulacland.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 27852
last-modified: Fri, 28 Jun 2019 00:26:02 GMT
etag: "cb37fa55f3dfdd26d61901032a53644f"
x-amz-server-side-encryption: AES256
x-amz-version-id: Q75rYxmglrbgkwTTGgaHL71RQB9n5YCD
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 96b2Bo9YFlYTrfFcQX2Rvo9AmSOQP47Hz8QmnzNMKIjIs5vNDDwCTw==
cache-control: max-age=707694
expires: Thu, 05 Oct 2023 12:31:33 GMT
date: Wed, 27 Sep 2023 07:56:39 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Rg.woff2

23.36.79.11

200 OK

28 kB

URL GET HTTP/2
ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Rg.woff2
IP
23.36.79.11:443
ASN
#20940 Akamai International B.V.

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subjectecm.capitalone.com
FingerprintEB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03
ValidityFri, 23 Jun 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 28388, version 1.0\012- data
Size
28 kB (28388 bytes)
Hash
f4e1fbca28c954a486a90828b2ee7543
7750f00fe0337120e16632ea7fff2a78b11c874a
9b98e19f831844b3dae8e1fd65b6802bc778446fbdacac8203e34bbc02eacbcd

HTTP Headers

GET /CI_Common/assets/fonts/Optimist_W_Rg.woff2 HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aulacland.com/
Origin: https://aulacland.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 28388
last-modified: Fri, 28 Jun 2019 00:26:02 GMT
etag: "f4e1fbca28c954a486a90828b2ee7543"
x-amz-server-side-encryption: AES256
x-amz-version-id: 1GgM.ruzxSoQhqV._aklwOsuyVwoqFBE
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: UKrbxnA6XvXEgVu-TXphVPrBB0iMQxkeEdB_hKRsr382fqfwzgdFHA==
cache-control: max-age=1607554
expires: Sun, 15 Oct 2023 22:29:13 GMT
date: Wed, 27 Sep 2023 07:56:39 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_SBd.woff2

23.36.79.11

200 OK

28 kB

URL GET HTTP/2
ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_SBd.woff2
IP
23.36.79.11:443
ASN
#20940 Akamai International B.V.

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subjectecm.capitalone.com
FingerprintEB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03
ValidityFri, 23 Jun 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 28188, version 1.0\012- data
Size
28 kB (28188 bytes)
Hash
d647937062406e5cc182de0cc77947d8
9d4c283a4fca43ae95019091bbd0a9e1b77b97bc
48b4ed4ba8ee0eaeddfba861e6772c61f818931816102636a888ec0b49bce056

HTTP Headers

GET /CI_Common/assets/fonts/Optimist_W_SBd.woff2 HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aulacland.com/
Origin: https://aulacland.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 28188
last-modified: Fri, 28 Jun 2019 00:26:02 GMT
etag: "d647937062406e5cc182de0cc77947d8"
x-amz-server-side-encryption: AES256
x-amz-version-id: QmX7yv6RJT4hT4UTSJmqyU0reaonF3KP
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: O3lBoAqLkZUcPBtTZb4ozX77cfZvmlXBezAzB7kGcH79gTWk8WZMuQ==
cache-control: max-age=1677256
expires: Mon, 16 Oct 2023 17:50:55 GMT
date: Wed, 27 Sep 2023 07:56:39 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET bucolic-mandazi-68151a.netlify.app/css/browserDecom.css

3.70.101.28

200 OK

907 B

URL GET HTTP/2
bucolic-mandazi-68151a.netlify.app/css/browserDecom.css
IP
3.70.101.28:443
ASN
#16509 AMAZON-02

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
ASCII text
Size
907 B (907 bytes)
Hash
21b219c6d0855bd870704aca6149a386
f3a3e71129678ac2364ca565ef5cdcdff6c6be0b
5e93965b3f8db2834e8e22ebf73a538bad7ba99fdc443a38942bf69f55c299a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/browserDecom.css HTTP/1.1
Host: bucolic-mandazi-68151a.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aulacland.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 2
cache-control: public,max-age=0,must-revalidate
content-type: text/css; charset=UTF-8
date: Wed, 27 Sep 2023 07:56:39 GMT
etag: "af121a0c15b5dee5f7becf597ed57352-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HBAT7NMQZ35WF8R659C20B2E
content-length: 907
X-Firefox-Spdy: h2

GET aulacland.com/wpmailcap/capitalone.com/

103.27.238.234

200 OK

156 kB

URL User Request GET HTTP/1.1
aulacland.com/wpmailcap/capitalone.com/
IP
103.27.238.234:443
ASN
#131386 Long Van System Solution JSC

Certificate
IssuercPanel, Inc.
Subjectaulacland.com
Fingerprint26:11:E6:1D:DD:B1:70:B1:2B:21:EE:9B:75:5C:52:E9:35:51:51:31
ValidityThu, 31 Aug 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (41495)
Size
156 kB (155584 bytes)
Hash
fdeb550981f97080d0c4bb17fbb1bd7b
3f4319964e4a34070d7fa46c2fb9ac931d9975bc
267cb4a694c9736a2cd9b628e800ce7c8882481f70747f1ca691b093595af3ad

HTTP Headers

GET /wpmailcap/capitalone.com/ HTTP/1.1
Host: aulacland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 27 Sep 2023 07:56:36 GMT
Server: Apache
Last-Modified: Tue, 08 Aug 2023 13:22:08 GMT
Accept-Ranges: bytes
Content-Length: 155584
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET bucolic-mandazi-68151a.netlify.app/css/icon-user.svg

3.70.101.28

200 OK

584 B

URL GET HTTP/2
bucolic-mandazi-68151a.netlify.app/css/icon-user.svg
IP
3.70.101.28:443
ASN
#16509 AMAZON-02

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (584), with no line terminators
Size
584 B (584 bytes)
Hash
1f46c36bca03354edd25a3e35b7977db
c002468fca8f3910fccba86c6d67602191eaeaed
32f101709eb4240f21b330c854ed3bd539c0dc9001f08bf51d4e6a5b6bf641c6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/icon-user.svg HTTP/1.1
Host: bucolic-mandazi-68151a.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aulacland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public,max-age=0,must-revalidate
content-type: image/svg+xml
date: Wed, 27 Sep 2023 07:56:39 GMT
etag: "2cb7bd60088678dedf1ed85bfa45d2cc-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HBAT7NNFX27YMZYG0QB7ZGYS
content-length: 584
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js

104.17.24.14

200 OK

4.5 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text
Size
4.5 kB (4517 bytes)
Hash
053305c2b293c27c02523cda42962c09
556b0af7346b9e21a8eea1be8b195b563169ecd5
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44

HTTP Headers

GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aulacland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 27 Sep 2023 07:56:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 4517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-4e98"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 29606514
expires: Mon, 16 Sep 2024 07:56:39 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QfcS7zO%2BnD%2BRSxd6NO3nz%2F%2BugerlTLd8NuKZNHH4Us29p%2BT8Y6gvBfIaRM4qg%2BUctPfupzV7yCQSjXjYTxxweJPaSJsGaCNXGIr%2BN46w5bKcDTwOFTwGmzfJtGP%2Fb9dgm2OWO0F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 80d230fb990956cb-OSL
alt-svc: h3=":443"; ma=86400

GET ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js

152.199.19.160

200 OK

30 kB

URL GET HTTP/2
ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
IP
152.199.19.160:443
ASN
#15133 EDGECAST

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subject*.vo.msecnd.net
Fingerprint0E:7D:A8:CD:FE:61:1E:46:97:A3:57:99:70:DA:E0:59:1D:34:04:80
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 28 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65451)
Size
30 kB (30394 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/jQuery/jquery-3.3.1.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aulacland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 14734835
cache-control: public,max-age=31536000
content-type: application/javascript
date: Wed, 27 Sep 2023 07:56:39 GMT
etag: "80288516b793d31:0"
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ska/F6AE)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30394
X-Firefox-Spdy: h2

GET bucolic-mandazi-68151a.netlify.app/css/styles.17a600ea31802b45.css

3.70.101.28

404 Not Found

1.3 kB

URL GET HTTP/2
bucolic-mandazi-68151a.netlify.app/css/styles.17a600ea31802b45.css
IP
3.70.101.28:443
ASN
#16509 AMAZON-02

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.3 kB (1275 bytes)
Hash
4c1920da7e5d9180796a7cbd50c058fc
ebc6858e8987cdb52fd011a29a6914f65e753a3e
69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/styles.17a600ea31802b45.css HTTP/1.1
Host: bucolic-mandazi-68151a.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aulacland.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
age: 2
cache-control: public,max-age=0,must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 27 Sep 2023 07:56:39 GMT
etag: 1691221224-ssl-df
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HBAT7PJ6XM86HHB5QARY7GD8
content-length: 1275
X-Firefox-Spdy: h2

GET bucolic-mandazi-68151a.netlify.app/css/css.css

3.70.101.28

200 OK

29 kB

URL GET HTTP/2
bucolic-mandazi-68151a.netlify.app/css/css.css
IP
3.70.101.28:443
ASN
#16509 AMAZON-02

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (31118), with CRLF line terminators
Size
29 kB (28835 bytes)
Hash
dbfc2de4f7c9f7c851b60b41139ba060
b4157c33443884cc743adfd5abc1763cbe6f5785
20bb6bf4004dac223173ba5b41449186d983e80050dcfddbbc1975ae566a3e47

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/css.css HTTP/1.1
Host: bucolic-mandazi-68151a.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aulacland.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 2
cache-control: public,max-age=0,must-revalidate
content-encoding: br
content-type: text/css; charset=UTF-8
date: Wed, 27 Sep 2023 07:56:39 GMT
etag: "78759fbc18d6dd8af298534fcf858866-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HBAT7NMRQKK0F9NHXNCPRKJ9
X-Firefox-Spdy: h2

GET ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/twitter-social.svg

23.36.79.11

200 OK

734 B

URL GET HTTP/2
ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/twitter-social.svg
IP
23.36.79.11:443
ASN
#20940 Akamai International B.V.

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subjectecm.capitalone.com
FingerprintEB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03
ValidityFri, 23 Jun 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
734 B (734 bytes)
Hash
c2f1acf6f29c52f793f66b65ba91d49f
d045195486c4bfdbefd3e812e7297db69615484d
d1b4860dcce83c4c73736dedeafe3b09403b267d087ef721a35dbffd5e564c68

HTTP Headers

GET /CI_Common/assets/images/footer/social-icons/twitter-social.svg HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bucolic-mandazi-68151a.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2019 00:26:05 GMT
etag: W/"c2f1acf6f29c52f793f66b65ba91d49f"
x-amz-server-side-encryption: AES256
x-amz-version-id: WY8VBzDyq7FctDDX8MrQBW0rTz7Flw8l
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: YlG8YqnDOa_P8VAf9WonpQ5skgLUvinbaxHQSNVgLOzUDc_p05KEJA==
content-length: 734
cache-control: max-age=1759911
expires: Tue, 17 Oct 2023 16:48:31 GMT
date: Wed, 27 Sep 2023 07:56:40 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/facebook-social.svg

23.36.79.11

200 OK

282 B

URL GET HTTP/2
ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/facebook-social.svg
IP
23.36.79.11:443
ASN
#20940 Akamai International B.V.

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subjectecm.capitalone.com
FingerprintEB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03
ValidityFri, 23 Jun 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (431), with no line terminators
Size
282 B (282 bytes)
Hash
e43c5a7e7fb8c3c12579162a4986b1ad
7a7c6a4ce7d8fe81778e3407bb710372ac3ea3f9
b312fb49b19387ededa2729f0c384686ce7c83811b0ea0367ef63767e612da03

HTTP Headers

GET /CI_Common/assets/images/footer/social-icons/facebook-social.svg HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bucolic-mandazi-68151a.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2019 00:26:05 GMT
etag: "e43c5a7e7fb8c3c12579162a4986b1ad"
x-amz-server-side-encryption: AES256
x-amz-version-id: sp5rcJ_CixBIFs_Kbc9AtTIkRc82cd4R
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: J59KxPSyrzwh1_-pHbiRvwFMM3nt_ufA6PAQOEVJZIkZALIksvAUkg==
vary: Accept-Encoding
content-encoding: gzip
content-length: 282
cache-control: max-age=1652600
expires: Mon, 16 Oct 2023 11:00:00 GMT
date: Wed, 27 Sep 2023 07:56:40 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/you-tube-social.svg

23.36.79.11

200 OK

295 B

URL GET HTTP/2
ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/you-tube-social.svg
IP
23.36.79.11:443
ASN
#20940 Akamai International B.V.

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subjectecm.capitalone.com
FingerprintEB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03
ValidityFri, 23 Jun 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (491), with no line terminators
Size
295 B (295 bytes)
Hash
0a9ec1ae291522dcb84befe6a44c3830
3236900d0d9801eb93d355a7b9be38b16ea51604
bb29a96bd1b20b9dedd8197ce7f9a29fc742aa6555df924453b5561c6ef3564f

HTTP Headers

GET /CI_Common/assets/images/footer/social-icons/you-tube-social.svg HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bucolic-mandazi-68151a.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2019 00:26:05 GMT
etag: "0a9ec1ae291522dcb84befe6a44c3830"
x-amz-server-side-encryption: AES256
x-amz-version-id: 5PqSeWnBhEvAtcPgf2XAbVZCtyvnbUxM
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 61GrgK63n8h_lGzo-6PZlw-FzSgEAbs-J-4o0C9LPZwcXeaYMS7VwA==
vary: Accept-Encoding
content-encoding: gzip
content-length: 295
cache-control: max-age=1558762
expires: Sun, 15 Oct 2023 08:56:02 GMT
date: Wed, 27 Sep 2023 07:56:40 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/linkedin-social.svg

23.36.79.11

200 OK

349 B

URL GET HTTP/2
ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/linkedin-social.svg
IP
23.36.79.11:443
ASN
#20940 Akamai International B.V.

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subjectecm.capitalone.com
FingerprintEB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03
ValidityFri, 23 Jun 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (605), with no line terminators
Size
349 B (349 bytes)
Hash
4135a3d131493d86e0db3c8ad0420602
4849488ce3d7aff2ec83435520a70627144cff6a
bb0c33cd3e05dfff3f5fe39c013a2afc5ddd457d3b76b0bc7ee231cf5d0f01f7

HTTP Headers

GET /CI_Common/assets/images/footer/social-icons/linkedin-social.svg HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bucolic-mandazi-68151a.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2019 00:26:05 GMT
etag: "4135a3d131493d86e0db3c8ad0420602"
x-amz-server-side-encryption: AES256
x-amz-version-id: V4.R2G9M5ytZINKkEHFYF7hbdLSExGPo
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 4ynpoRODdMy0NFqZlQXq01IXubwYlzd97AREFp__7QRwOBOU0ttfVw==
vary: Accept-Encoding
content-encoding: gzip
content-length: 349
cache-control: max-age=1491159
expires: Sat, 14 Oct 2023 14:09:19 GMT
date: Wed, 27 Sep 2023 07:56:40 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/instagram-social.svg

23.36.79.11

200 OK

768 B

URL GET HTTP/2
ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/instagram-social.svg
IP
23.36.79.11:443
ASN
#20940 Akamai International B.V.

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subjectecm.capitalone.com
FingerprintEB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03
ValidityFri, 23 Jun 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1670), with no line terminators
Size
768 B (768 bytes)
Hash
7ff5bca5e93664bc612cc91ae53ac496
6a078cc08d3f7fe2b9f06a6f20cd3b953748f45f
bb4babc75eb6ef45fd42a6fb5f50b059473aaf36c607bef28a4aedb514e238fc

HTTP Headers

GET /CI_Common/assets/images/footer/social-icons/instagram-social.svg HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bucolic-mandazi-68151a.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2019 00:26:05 GMT
etag: W/"7ff5bca5e93664bc612cc91ae53ac496"
x-amz-server-side-encryption: AES256
x-amz-version-id: FUfIizReL1r02BrKB1G0_CUQXIQQ79Tx
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: coB_AF0E8m8ED78Dtvm4EGB0n-8P_tmMBd8KBvpxdKedH9QJyXEhzg==
content-length: 768
cache-control: max-age=1422247
expires: Fri, 13 Oct 2023 19:00:47 GMT
date: Wed, 27 Sep 2023 07:56:40 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET ecm.capitalone.com/CI_Common/assets/images/logos/capital-one-logo.svg

23.36.79.11

200 OK

1.7 kB

URL GET HTTP/2
ecm.capitalone.com/CI_Common/assets/images/logos/capital-one-logo.svg
IP
23.36.79.11:443
ASN
#20940 Akamai International B.V.

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subjectecm.capitalone.com
FingerprintEB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03
ValidityFri, 23 Jun 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3967), with CRLF line terminators
Size
1.7 kB (1732 bytes)
Hash
f0b7ad81821effc52540e39cafda48f9
33d64bc7001f414f12bd92e740a45e5ced239add
57dfca5b95599a613da940f4a49ab6378fcf0586366a47cae679796930bf0eed

HTTP Headers

GET /CI_Common/assets/images/logos/capital-one-logo.svg HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bucolic-mandazi-68151a.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 20 Jan 2021 18:06:43 GMT
etag: W/"f0b7ad81821effc52540e39cafda48f9"
x-amz-server-side-encryption: AES256
x-amz-version-id: 8LzbBBEj8zCeatCBoYuv1q1dFFpTcVNl
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: HdJaUvrAj5VEG9DzlICGcJdU50sF2rvFp9FpZhYE6tYcovP5XqgQKQ==
content-length: 1732
cache-control: max-age=1636733
expires: Mon, 16 Oct 2023 06:35:33 GMT
date: Wed, 27 Sep 2023 07:56:40 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET ecm.capitalone.com/CI_Common/assets/images/footer/www-ehl.svg

23.36.79.11

200 OK

299 B

URL GET HTTP/2
ecm.capitalone.com/CI_Common/assets/images/footer/www-ehl.svg
IP
23.36.79.11:443
ASN
#20940 Akamai International B.V.

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subjectecm.capitalone.com
FingerprintEB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03
ValidityFri, 23 Jun 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (437), with no line terminators
Size
299 B (299 bytes)
Hash
30d0ea03dfc7173265c5896affca1ad9
3eb9550c148d3e49d67c6531a9aa6cf8acd356d0
2d23c63e03fb685ed80f2554da2069dbc431720b6ed4f3f7cce579f52aaa62af

HTTP Headers

GET /CI_Common/assets/images/footer/www-ehl.svg HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bucolic-mandazi-68151a.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2019 00:26:06 GMT
etag: "30d0ea03dfc7173265c5896affca1ad9"
x-amz-server-side-encryption: AES256
x-amz-version-id: Cfpp_Ya_3POEKViDatTY.UH0GBjWHzjx
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: VUds1SokOgb9rdD7QoElH2jw_GpSlScadYoEUDVMVKsc8pGsgE3Y4A==
vary: Accept-Encoding
content-encoding: gzip
content-length: 299
cache-control: max-age=2533495
expires: Thu, 26 Oct 2023 15:41:35 GMT
date: Wed, 27 Sep 2023 07:56:40 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET ecm.capitalone.com/CI_Common/assets/images/footer/www-fdic.svg

23.36.79.11

200 OK

955 B

URL GET HTTP/2
ecm.capitalone.com/CI_Common/assets/images/footer/www-fdic.svg
IP
23.36.79.11:443
ASN
#20940 Akamai International B.V.

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subjectecm.capitalone.com
FingerprintEB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03
ValidityFri, 23 Jun 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1959), with no line terminators
Size
955 B (955 bytes)
Hash
a5b2f8771a99c2670dd5183853596b4f
31d62e53c4839860683ff79e3866278f5ea35616
017d9cf1015d4388c0069e8f2e147d998616605a8fdbb461cd964ff5cda545e3

HTTP Headers

GET /CI_Common/assets/images/footer/www-fdic.svg HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bucolic-mandazi-68151a.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2019 00:26:06 GMT
etag: W/"a5b2f8771a99c2670dd5183853596b4f"
x-amz-server-side-encryption: AES256
x-amz-version-id: 8xRP0pbuqhkFsGgLYTsgGzSHlkx4pEGg
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: H-Np6_9eZQP1ng_FN2ju7A_gz1t7ss5LHM5EInETUpJpRN5SPOGvkw==
content-length: 955
cache-control: max-age=2063392
expires: Sat, 21 Oct 2023 05:06:32 GMT
date: Wed, 27 Sep 2023 07:56:40 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET verified.capitalone.com/auth/favicon.ico

2.16.174.101

200 OK

15 kB

URL GET HTTP/2
verified.capitalone.com/auth/favicon.ico
IP
2.16.174.101:443
ASN
#16625 AKAMAI-AS

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subjectverified.capitalone.com
Fingerprint44:E2:45:6A:F1:39:E9:0C:AE:A5:CD:55:BE:10:72:0E:7D:B9:D5:BC
ValidityMon, 06 Feb 2023 00:00:00 GMT - Mon, 05 Feb 2024 23:59:59 GMT

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
15 kB (15086 bytes)
Hash
d27e1739c7477b10ec6917546ae61f1d
bb36ab8bce726ce72a2d74a8529526bca0fa515d
5f2123af80970c0478de7f373c9d861d886e070592ebcd55fa372d8dfc9752ec

HTTP Headers

GET /auth/favicon.ico HTTP/1.1
Host: verified.capitalone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aulacland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 15086
last-modified: Mon, 25 Sep 2023 19:03:16 GMT
etag: "d27e1739c7477b10ec6917546ae61f1d"
x-amz-server-side-encryption: AES256
x-amz-version-id: 87EhxpZH_d8.sK24QkufQr6nC9DY8ePJ
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31622400; includeSubdomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-cf-pop: MXP64-C2
x-amz-cf-id: HMW9EGNVJJlfBiLVPXtABKMLvAEtRXoXxhTqszXOKwxHdmJyUgHI7g==
date: Wed, 27 Sep 2023 07:56:40 GMT
set-cookie: akacd_phased_release_site_down=1695801460~rv=58~id=92bf166203e399582cbe086faf83bf8e; path=/; Expires=Wed, 27 Sep 2023 07:57:40 GMT; Secure; SameSite=None
x-robots-tag: noindex
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-frame-options: DENY, deny
X-Firefox-Spdy: h2

aulacland.com/

103.27.238.234

0 B

URL
aulacland.com/
IP
103.27.238.234:0
ASN
#131386 Long Van System Solution JSC

Certificate
IssuercPanel, Inc.
Subjectaulacland.com
Fingerprint26:11:E6:1D:DD:B1:70:B1:2B:21:EE:9B:75:5C:52:E9:35:51:51:31
ValidityThu, 31 Aug 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: aulacland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 27 Sep 2023 07:56:34 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET bucolic-mandazi-68151a.netlify.app/css/styles.d7eeec1c93eef5e61473.css

3.70.101.28

200 OK

100 kB

URL GET HTTP/2
bucolic-mandazi-68151a.netlify.app/css/styles.d7eeec1c93eef5e61473.css
IP
3.70.101.28:443
ASN
#16509 AMAZON-02

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
100 kB (99593 bytes)
Hash
01aed6b25e0eb3d74a5f15f51752a6a9
c2d806ad5b0ff7c82beca75d2c8f7f1bcc6936b5
0c4f7f58335b6375e7a4500ab43f4057d09ac3017fd5f2f408259fc762b7ab15

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/styles.d7eeec1c93eef5e61473.css HTTP/1.1
Host: bucolic-mandazi-68151a.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aulacland.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
age: 2
cache-control: public,max-age=0,must-revalidate
content-encoding: br
content-type: text/css; charset=UTF-8
date: Wed, 27 Sep 2023 07:56:39 GMT
etag: "f699d301c9a785fdace5efdc9151313f-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HBAT7NMQES6XY9WJ9DPK2CKQ
X-Firefox-Spdy: h2

GET bucolic-mandazi-68151a.netlify.app/css/capital-one-logo.svg

3.70.101.28

200 OK

4.0 kB

URL GET HTTP/2
bucolic-mandazi-68151a.netlify.app/css/capital-one-logo.svg
IP
3.70.101.28:443
ASN
#16509 AMAZON-02

Requested by
https://aulacland.com/wpmailcap/capitalone.com/
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
Fingerprint90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3993), with no line terminators
Size
4.0 kB (3971 bytes)
Hash
e9511a9c792fda659aa43f3e3b50e54f
b5ff7bfa2b74b759141b05f7cf5709fc37a081da
f56b400900e80e92fc46a930f6f7aad7c28211509f3c0bce0f72bd0a454bdaab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/capital-one-logo.svg HTTP/1.1
Host: bucolic-mandazi-68151a.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aulacland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public,max-age=0,must-revalidate
content-encoding: br
content-type: image/svg+xml
date: Wed, 27 Sep 2023 07:56:39 GMT
etag: "5551fd44a62268b80906011d6516a2c9-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HBAT7NNFHJXJ6BMPX612F89X
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (34)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash