{"report_id":"5a2f4ff5-af67-4a32-abe3-fff98f8d6d77","version":6,"status":"done","tags":[],"date":"2023-09-27T07:56:51Z","url":{"schema":"http","addr":"aulacland.com/wpmailcap/capitalone.com/","fqdn":"aulacland.com","domain":"aulacland.com","tld":"com"},"ip":{"addr":"103.27.238.234","port":0,"asn":131386,"as":"Long Van System Solution JSC","country":"Vietnam","country_code":"VN"},"final":{"url":{"schema":"https","addr":"aulacland.com/wpmailcap/capitalone.com/","fqdn":"aulacland.com","domain":"aulacland.com","tld":"com"},"title":"Capital One Sign In: Log in to access your account(s)"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T21:28:41Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"bucolic-mandazi-68151a.netlify.app","ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2018-05-08","domain_rank":0,"first_seen":"2023-08-08 17:04:14","last_seen":"2023-09-21 07:54:21","alert_count":17,"request_count":17,"received_data":155269,"sent_data":7605,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ecm.capitalone.com","ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"1995-03-13","domain_rank":13649,"first_seen":"2017-02-01 18:32:51","last_seen":"2023-09-22 04:21:06","alert_count":0,"request_count":11,"received_data":98258,"sent_data":5615,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aulacland.com","ip":{"addr":"103.27.238.234","port":443,"asn":131386,"as":"Long Van System Solution JSC","country":"Vietnam","country_code":"VN"},"domain_registered":"2019-09-28","domain_rank":0,"first_seen":"2020-01-17 22:05:42","last_seen":"2023-08-19 17:28:18","alert_count":0,"request_count":2,"received_data":156047,"sent_data":761,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ajax.aspnetcdn.com","ip":{"addr":"152.199.19.160","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"domain_registered":"2010-10-12","domain_rank":693,"first_seen":"2012-05-24 15:35:31","last_seen":"2023-09-26 18:17:11","alert_count":0,"request_count":1,"received_data":30886,"sent_data":424,"comment":"","tags":null,"fingerprints":null},{"fqdn":"verified.capitalone.com","ip":{"addr":"2.16.174.101","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Sweden","country_code":"SE"},"domain_registered":"1995-03-13","domain_rank":24740,"first_seen":"2017-01-03 14:44:34","last_seen":"2023-09-22 04:21:08","alert_count":0,"request_count":1,"received_data":15995,"sent_data":435,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":235,"first_seen":"2015-04-17 22:46:33","last_seen":"2023-09-26 18:52:10","alert_count":0,"request_count":2,"received_data":12155,"sent_data":915,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2023-09-27T07:56:38Z","timestamp":1695801398,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":57453,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted DNS Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-27T07:56:38.980961+0000\",\"flow_id\":4105455466465,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.34\",\"src_port\":57453,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032759,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted DNS Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":56571,\"rrname\":\"bucolic-mandazi-68151a.netlify.app\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":105,\"bytes_toclient\":0,\"start\":\"2023-09-27T07:56:38.980961+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-27T07:56:38Z","timestamp":1695801398,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":55555,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted DNS Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-27T07:56:38.980756+0000\",\"flow_id\":1971252016641812,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.34\",\"src_port\":55555,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032759,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted DNS Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":39181,\"rrname\":\"bucolic-mandazi-68151a.netlify.app\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":105,\"bytes_toclient\":0,\"start\":\"2023-09-27T07:56:38.980756+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-27T07:56:39Z","timestamp":1695801399,"ip_dst":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":38942,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-27T07:56:39.060373+0000\",\"flow_id\":86659021866066,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.34\",\"src_port\":38942,\"dest_ip\":\"3.70.101.28\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3185,\"start\":\"2023-09-27T07:56:39.001106+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-27T07:56:39Z","timestamp":1695801399,"ip_dst":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":38978,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-27T07:56:39.055873+0000\",\"flow_id\":367824760931867,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.34\",\"src_port\":38978,\"dest_ip\":\"3.70.101.28\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":1434,\"start\":\"2023-09-27T07:56:39.001563+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-27T07:56:39Z","timestamp":1695801399,"ip_dst":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":38926,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-27T07:56:39.063992+0000\",\"flow_id\":1996656748200899,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.34\",\"src_port\":38926,\"dest_ip\":\"3.70.101.28\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":936,\"bytes_toclient\":1434,\"start\":\"2023-09-27T07:56:39.000963+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-27T07:56:39Z","timestamp":1695801399,"ip_dst":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":38992,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-27T07:56:39.067916+0000\",\"flow_id\":2159573447673491,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.34\",\"src_port\":38992,\"dest_ip\":\"3.70.101.28\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":1434,\"start\":\"2023-09-27T07:56:39.001683+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-27T07:56:39Z","timestamp":1695801399,"ip_dst":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":38954,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-27T07:56:39.071424+0000\",\"flow_id\":494685209953485,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.34\",\"src_port\":38954,\"dest_ip\":\"3.70.101.28\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":1434,\"start\":\"2023-09-27T07:56:39.001229+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-27T07:56:39Z","timestamp":1695801399,"ip_dst":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":38994,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-27T07:56:39.076424+0000\",\"flow_id\":2100577776895793,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.34\",\"src_port\":38994,\"dest_ip\":\"3.70.101.28\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":1434,\"start\":\"2023-09-27T07:56:39.001841+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-27T07:56:39Z","timestamp":1695801399,"ip_dst":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":38968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-27T07:56:39.080078+0000\",\"flow_id\":1640152987796901,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.34\",\"src_port\":38968,\"dest_ip\":\"3.70.101.28\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":1434,\"start\":\"2023-09-27T07:56:39.001445+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js","fqdn":"ajax.aspnetcdn.com","domain":"aspnetcdn.com","tld":"com"},"ip":{"addr":"152.199.19.160","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-05T18:57:17.705496Z","times_seen":118454,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"053305c2b293c27c02523cda42962c09","sha1":"556b0af7346b9e21a8eea1be8b195b563169ecd5","sha256":"be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44","sha512":"0fd324efdf7391ea6508816630c79a71b76a7ca3196d28554d8255e9c5bf29bd426c380716882b053e65f78890479e1b1b458ac5e7ad53041de31f0822e45980","ssdeep":"384:nPmG4foMrslSSQCyUAjKQze/he/UqlGA2A1:nOdobAjK78l1","tlshash":"1d922e0939f322625a6372ad0bef5009a3b58653149eee04bd4d63815f50a3893f7fe9","size":20120,"data":"","first_seen":"2023-03-07T01:02:35Z","last_seen":"2026-04-04T13:17:57.792984Z","times_seen":2670,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aulacland.com/wpmailcap/capitalone.com/","fqdn":"aulacland.com","domain":"aulacland.com","tld":"com"},"ip":{"addr":"103.27.238.234","port":443,"asn":131386,"as":"Long Van System Solution JSC","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"2a300216f9981acb4aa60076bca3c8a5","sha1":"3ac71c9adfa8c73dbc456c2f32ed4f88d9ab9eb3","sha256":"9247a540b871db0aee6825168a9de84ea1157291816dcfa6383d09e8906ba854","sha512":"1357828ca60e080df6630f5432b5a2ef52702e792fbde52a329780e46dbafcedfdd31dc6221bebeddb9b455e955e1df88b8ebb4274c5836ec5327d9a82cda23f","ssdeep":"96:OKlMmtPwDFh3nAE31mykYHImV/VHVbmvd9cvS5M:OSw3rBPAA","tlshash":"c2810da8f7ac26aa55763039657fb098363e37bb1c41ad013cee4da03b95e0d7911e09","size":4100,"data":"","first_seen":"2023-08-08T19:36:34Z","last_seen":"2024-08-21T09:41:14.675301Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aulacland.com/wpmailcap/capitalone.com/","fqdn":"aulacland.com","domain":"aulacland.com","tld":"com"},"ip":{"addr":"103.27.238.234","port":443,"asn":131386,"as":"Long Van System Solution JSC","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"a1bc03e6dfd24877410c06fae2f59504","sha1":"20cae06221c7108483e52c40a7a85278c801d9c8","sha256":"156f99ec569d25d9d8722518dda4d7e60b4b210ab2ce9202c8585606bad9c6af","sha512":"a56dfa1f46d7c20c3d3d99670b145e8e9b5dcbeae8d6040250dcecdc87b4aea465f4b2b184a1ee2a8cc83618af2f928c5ec649445af179b9cf43fa38faeafc80","ssdeep":"","tlshash":"60e0260ab3506d1ae0b39c8a08793009bb2973a593fcad0c3eb4ad901e7235ab004905","size":322,"data":"","first_seen":"2023-08-08T19:36:34Z","last_seen":"2025-11-30T03:39:09.282916Z","times_seen":247,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/serverComponent.php","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"0626b9bc7730ff6a1cfffc216aae6a53","sha1":"fb1ffc1f91553b782ca3c004b66045744a84f16a","sha256":"6b1e09a13ba7f32b6a863b3bb0134bf9e1f959a53c53d155affe2233c09e1007","sha512":"c9b54308c84a611aa1395d19950f7cf17736d2469c8973e8d9bf7e26f61d27cc0bc7d2c05c0f8b8c9fcf6698121d77ea29246f84cea60b946fbfce091361cb06","ssdeep":"","tlshash":"92f07d9b97f8204464458d0d14df7d08e8b83028dcc20094d7ea59151f9719339cf6fe","size":602,"data":"","first_seen":"2023-08-08T19:36:34Z","last_seen":"2024-09-19T22:51:16.250321Z","times_seen":366,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eventHandler","is_inline":false,"md5":"7c3c3ddeb80438dcbb3d081d2d00e152","sha1":"5a4016732ee72ec77b4f6ab17047bcea6d2ea34d","sha256":"321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187","sha512":"b252f7dc795284fe8ce404711809130d8e16670a8e49b271f9a24b04a542a0fccb7a8c7238c12b37db35fe73a2fbf1cdb374468574db4e6d39975a17dca547a3","ssdeep":"","tlshash":"807000f0003000030003c30000333cf300000c0fc0ccc3ccfc0000c000c00000000c33","size":16,"data":"","first_seen":"2023-04-10T15:57:29Z","last_seen":"2026-04-05T18:49:50.167739Z","times_seen":234782,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:39.026Z","timestamp":1695801399026,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 03 Jul 2023 00:00:00 GMT","end":"Tue, 02 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D","sha256":"D9:9E:DA:D7:6F:5A:E0:87:16:F3:3E:A0:A8:34:8B:84:B7:B0:98:30:2D:18:D8:53:E6:3C:09:06:19:48:07:54"}}},"request":{"raw":"GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aulacland.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 27 Sep 2023 07:56:38 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 5631\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03e5f-7918\"\r\nlast-modified: Mon, 04 May 2020 16:10:07 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1083411\r\nexpires: Mon, 16 Sep 2024 07:56:38 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=S0lrhJKjci9jwos8M3PMDO5wfQ6BFhYcKAoaYVuLcLCrut4%2BzFC0ESiBlRA7TnwaVkRio6MTCrQmamfh03P%2BvRAQIy9jV4ND2nXfVhRVckeFU1Cn2lwG%2BGHKyKcMA4JlZL6vKO9F\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 80d230f5fddd56c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5631,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (30837)","md5":"269550530cc127b6aa5a35925a7de6ce","sha1":"512c7d79033e3028a9be61b540cf1a6870c896f8","sha256":"799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd","sha512":"49f4e24e55fa924faa8ad7debe5ffb2e26d439e25696df6b6f20e7f766b50ea58ec3dbd61b6305a1acacd2c80e6e659accee4140f885b9c9e71008e9001fbf4b","ssdeep":"384:wHu5yWeTUKW+KlkJ5de2UYDyVfwYUas2l8yQ/8dwmaU8G:wwlr+Klk3Yi+fwYUf2l8yQ/e9vf","tlshash":"78d241e8e54c01d66731c48bff81b36862b6fb3dd5854da9f01f290c29d226522c5fba","first_seen":"2023-04-05T03:13:25Z","last_seen":"2026-04-05T18:50:03.05431Z","times_seen":237342,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":8,"receive":1,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/6.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:38.993Z","timestamp":1695801398993,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/6.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aulacland.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 79662\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 27 Sep 2023 07:56:38 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HBAT7NMP77YY9A3TQ0EEH7AP\r\ncontent-length: 1287\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1287,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":487,"timings":{"blocked":224,"dns":20,"connect":26,"send":0,"wait":27,"receive":0,"ssl":178},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/c0d84295063dcdfcd1cc1f640130de02.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:39.000Z","timestamp":1695801399000,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/c0d84295063dcdfcd1cc1f640130de02.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aulacland.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 79662\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 27 Sep 2023 07:56:38 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HBAT7NMQ3SQF8RMHVENRJPK2\r\ncontent-length: 1276\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1276,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":218,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/Bootstrap.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:39.023Z","timestamp":1695801399023,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/Bootstrap.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://aulacland.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aulacland.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 115902\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 27 Sep 2023 07:56:38 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HBAT7NN0BNEBD1DSD8K8F83G\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":-1,"dns":13,"connect":37,"send":0,"wait":26,"receive":0,"ssl":180},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/serverComponent.php","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:39.004Z","timestamp":1695801399004,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/serverComponent.php HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aulacland.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 68242\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-type: application/x-php\r\ndate: Wed, 27 Sep 2023 07:56:38 GMT\r\netag: \"03cf249d51598e9e317827a045e53b8e-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-nf-request-id: 01HBAT7NMQGZZGAR60XTZYWWQ1\r\ncontent-length: 602\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":602,"size_decoded":0,"mime_type":"application/x-php","magic":"ASCII text, with very long lines (601)","md5":"0626b9bc7730ff6a1cfffc216aae6a53","sha1":"fb1ffc1f91553b782ca3c004b66045744a84f16a","sha256":"6b1e09a13ba7f32b6a863b3bb0134bf9e1f959a53c53d155affe2233c09e1007","sha512":"c9b54308c84a611aa1395d19950f7cf17736d2469c8973e8d9bf7e26f61d27cc0bc7d2c05c0f8b8c9fcf6698121d77ea29246f84cea60b946fbfce091361cb06","ssdeep":"","tlshash":"92f07d9b97f8204464458d0d14df7d08e8b83028dcc20094d7ea59151f9719339cf6fe","first_seen":"2023-08-08T19:36:34Z","last_seen":"2024-09-19T22:51:16.250321Z","times_seen":366,"resource_available":true,"data":null}},"time_used":264,"timings":{"blocked":214,"dns":0,"connect":0,"send":0,"wait":27,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/c344d59e90","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:39.002Z","timestamp":1695801399002,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/c344d59e90 HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aulacland.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 33847\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 27 Sep 2023 07:56:38 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HBAT7NMQ1Y8TW3T109Z6TZ7Q\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":216,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/smartBanner.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:40.192Z","timestamp":1695801400192,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/smartBanner.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aulacland.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 33847\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 27 Sep 2023 07:56:38 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HBAT7NNFVB5K52HBZMKTWTJV\r\ncontent-length: 1294\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1294,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/cp_common.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:39.024Z","timestamp":1695801399024,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/cp_common.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aulacland.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 79664\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 27 Sep 2023 07:56:38 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HBAT7NNFSP6RSVSZSCW0DAZ3\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":501,"timings":{"blocked":213,"dns":17,"connect":26,"send":0,"wait":33,"receive":3,"ssl":205},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/914a4a6f3a23a11a51feb0d6f6a68751.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:38.999Z","timestamp":1695801398999,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/914a4a6f3a23a11a51feb0d6f6a68751.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aulacland.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 2811\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 27 Sep 2023 07:56:38 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HBAT7NNFNFF1DP6AQW1BWZ7X\r\ncontent-length: 1276\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1276,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":538,"timings":{"blocked":237,"dns":18,"connect":41,"send":0,"wait":33,"receive":16,"ssl":180},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/712ff787f143e2fedc740cf96cd0f80b.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:38.995Z","timestamp":1695801398995,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/712ff787f143e2fedc740cf96cd0f80b.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aulacland.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 2812\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 27 Sep 2023 07:56:38 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HBAT7NNFT8HJ04JB4QP603K5\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":545,"timings":{"blocked":242,"dns":17,"connect":26,"send":0,"wait":50,"receive":0,"ssl":194},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/2d6b9362638574d196874650cdb28cd6.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:38.998Z","timestamp":1695801398998,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/2d6b9362638574d196874650cdb28cd6.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aulacland.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 33847\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 27 Sep 2023 07:56:38 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HBAT7NNK9F3YFXCC7EJM8B23\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":559,"timings":{"blocked":249,"dns":19,"connect":30,"send":0,"wait":46,"receive":0,"ssl":200},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/web_properties.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:39.025Z","timestamp":1695801399025,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/web_properties.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aulacland.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 79663\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 27 Sep 2023 07:56:38 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HBAT7NNF45P3RZDJ80M603ET\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":509,"timings":{"blocked":197,"dns":19,"connect":26,"send":0,"wait":72,"receive":0,"ssl":185},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Lt.woff2","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:39.007Z","timestamp":1695801399007,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/fonts/Optimist_W_Lt.woff2 HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aulacland.com/\r\nOrigin: https://aulacland.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: binary/octet-stream\r\ncontent-length: 27852\r\nlast-modified: Fri, 28 Jun 2019 00:26:02 GMT\r\netag: \"cb37fa55f3dfdd26d61901032a53644f\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: Q75rYxmglrbgkwTTGgaHL71RQB9n5YCD\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: 96b2Bo9YFlYTrfFcQX2Rvo9AmSOQP47Hz8QmnzNMKIjIs5vNDDwCTw==\r\ncache-control: max-age=707694\r\nexpires: Thu, 05 Oct 2023 12:31:33 GMT\r\ndate: Wed, 27 Sep 2023 07:56:39 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27852,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 27852, version 1.0\\012- data","md5":"cb37fa55f3dfdd26d61901032a53644f","sha1":"1115e8d43a08c1f74ec1f6a886d1cb530bb9da97","sha256":"902c5a9d8ad932630fb2021fe1a1a7f4f06513b19e8d073866178ee65ff33fe9","sha512":"1a3176551c4f26069e24102fc72e407737b17121e39277b86f8130f10270cc81aefab8b11f7c38d8726ecaa1f3a24b2313a8f364442bc85dc8e41513b1d6e242","ssdeep":"768:DwcUL/u/dKOTCsjdD+GLF49dhKzulthYtOtGNl+34:DwcE2/BWeVB49d0CltheO8Z","tlshash":"e0c2e1ad1b73b17bdbe24b79db8951997d24b2e00775cfa712a411b0a003a951f382c6","first_seen":"2023-04-27T08:35:16Z","last_seen":"2026-03-31T11:41:10.339622Z","times_seen":648,"resource_available":false,"data":null}},"time_used":316,"timings":{"blocked":-1,"dns":282,"connect":1,"send":0,"wait":3,"receive":3,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Rg.woff2","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:39.008Z","timestamp":1695801399008,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/fonts/Optimist_W_Rg.woff2 HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aulacland.com/\r\nOrigin: https://aulacland.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: binary/octet-stream\r\ncontent-length: 28388\r\nlast-modified: Fri, 28 Jun 2019 00:26:02 GMT\r\netag: \"f4e1fbca28c954a486a90828b2ee7543\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 1GgM.ruzxSoQhqV._aklwOsuyVwoqFBE\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: UKrbxnA6XvXEgVu-TXphVPrBB0iMQxkeEdB_hKRsr382fqfwzgdFHA==\r\ncache-control: max-age=1607554\r\nexpires: Sun, 15 Oct 2023 22:29:13 GMT\r\ndate: Wed, 27 Sep 2023 07:56:39 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28388,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 28388, version 1.0\\012- data","md5":"f4e1fbca28c954a486a90828b2ee7543","sha1":"7750f00fe0337120e16632ea7fff2a78b11c874a","sha256":"9b98e19f831844b3dae8e1fd65b6802bc778446fbdacac8203e34bbc02eacbcd","sha512":"637dcf053eef0e7d769863f91d229dbc8f53b1f5162628634b6849f2f947d002e4a8c69266db9376d8e52bb3eefe53c98ebefb584013a048020d35876daa88e6","ssdeep":"384:CZbzQs8AWvFV+CwE53CmqKETLKcdJTA8A9z12SkQDBkDNeDHrMR6ZWocMT12Ms0J:CZRVWvFzwK9KKwTALJn2eDrMR3ckfq","tlshash":"15d2f26c508ca59ddda7e0f2b9a45ff86ca4a11d9001578743fb67c0e3fed680980be2","first_seen":"2023-04-18T09:28:11Z","last_seen":"2026-04-04T13:42:44.12479Z","times_seen":687,"resource_available":false,"data":null}},"time_used":320,"timings":{"blocked":-1,"dns":281,"connect":1,"send":0,"wait":6,"receive":3,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_SBd.woff2","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:39.010Z","timestamp":1695801399010,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/fonts/Optimist_W_SBd.woff2 HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aulacland.com/\r\nOrigin: https://aulacland.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: binary/octet-stream\r\ncontent-length: 28188\r\nlast-modified: Fri, 28 Jun 2019 00:26:02 GMT\r\netag: \"d647937062406e5cc182de0cc77947d8\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: QmX7yv6RJT4hT4UTSJmqyU0reaonF3KP\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: O3lBoAqLkZUcPBtTZb4ozX77cfZvmlXBezAzB7kGcH79gTWk8WZMuQ==\r\ncache-control: max-age=1677256\r\nexpires: Mon, 16 Oct 2023 17:50:55 GMT\r\ndate: Wed, 27 Sep 2023 07:56:39 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28188,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 28188, version 1.0\\012- data","md5":"d647937062406e5cc182de0cc77947d8","sha1":"9d4c283a4fca43ae95019091bbd0a9e1b77b97bc","sha256":"48b4ed4ba8ee0eaeddfba861e6772c61f818931816102636a888ec0b49bce056","sha512":"05aa4e12f95b749c2e772e9f596ed11dc2d4d40da637e4aafbe7a2a2b97b8398fb318f180b48711cdd89de8e92ddded32b066a7ef370f6245de4cad73b21e744","ssdeep":"768:HH1az7BcIW5H7g3+Ma2ZqcHOrCG7jCzVjNbEjfO:nA+h5bE0ISMVjNwjfO","tlshash":"a1c2e1cdc8206d85be52db386469edbb0220d4b5dc341d0938a9733c075847fe2ea9fa","first_seen":"2023-04-27T08:35:16Z","last_seen":"2026-04-04T13:42:44.117617Z","times_seen":673,"resource_available":false,"data":null}},"time_used":359,"timings":{"blocked":-1,"dns":281,"connect":1,"send":0,"wait":8,"receive":39,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/browserDecom.css","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:39.006Z","timestamp":1695801399006,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/browserDecom.css HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aulacland.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 2\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Wed, 27 Sep 2023 07:56:39 GMT\r\netag: \"af121a0c15b5dee5f7becf597ed57352-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-nf-request-id: 01HBAT7NMQZ35WF8R659C20B2E\r\ncontent-length: 907\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":907,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"21b219c6d0855bd870704aca6149a386","sha1":"f3a3e71129678ac2364ca565ef5cdcdff6c6be0b","sha256":"5e93965b3f8db2834e8e22ebf73a538bad7ba99fdc443a38942bf69f55c299a3","sha512":"fd26746f9665e68b8213f25c464334a5c118c250fa5d1587c344a784e56b4a469ab8bb29df042251434994c991b9c52241c5a3eb78ec9ccb55041c9f3fc444c4","ssdeep":"","tlshash":"b4117dc29b664a88360ec1a6785763686339d141cd2bde3c76b039f8bd552805013776","first_seen":"2023-07-26T20:41:18Z","last_seen":"2024-09-19T21:28:33.449625Z","times_seen":314,"resource_available":false,"data":null}},"time_used":346,"timings":{"blocked":213,"dns":0,"connect":0,"send":0,"wait":133,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aulacland.com/wpmailcap/capitalone.com/","fqdn":"aulacland.com","domain":"aulacland.com","tld":"com"},"ip":{"addr":"103.27.238.234","port":443,"asn":131386,"as":"Long Van System Solution JSC","country":"Vietnam","country_code":"VN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-09-27T07:56:33.609Z","timestamp":1695801393609,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aulacland.com","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Thu, 31 Aug 2023 00:00:00 GMT","end":"Wed, 29 Nov 2023 23:59:59 GMT"},"fingerprint":{"sha1":"26:11:E6:1D:DD:B1:70:B1:2B:21:EE:9B:75:5C:52:E9:35:51:51:31","sha256":"98:D1:35:91:8E:0A:22:DD:1D:6D:EA:46:1A:53:EE:1B:AD:98:13:97:2A:B5:1D:35:42:1F:A2:56:03:38:A6:B7"}}},"request":{"raw":"GET /wpmailcap/capitalone.com/ HTTP/1.1\r\nHost: aulacland.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 27 Sep 2023 07:56:36 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 08 Aug 2023 13:22:08 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 155584\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":155584,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (41495)","md5":"fdeb550981f97080d0c4bb17fbb1bd7b","sha1":"3f4319964e4a34070d7fa46c2fb9ac931d9975bc","sha256":"267cb4a694c9736a2cd9b628e800ce7c8882481f70747f1ca691b093595af3ad","sha512":"9730b309eb055967b1087d78e0d2542a373504188ec964c73f86773b25258caa2d89f352a50d54782fcc017af1def820d3178dff679d7a211fdd10af3a1e1c5f","ssdeep":"3072:77Wa4u8Ay9lGbocwruWNOTAHx9lGbocwruWNOTAHabJCfZLpwlXK:77WaHb4ob45fZLpd","tlshash":"31e38d7251080e6e1b83e9daca727f016d71902bd94f4268b69c3b4c17f5ff5646e2c8","first_seen":"2023-08-08T19:36:34Z","last_seen":"2023-10-27T15:35:18Z","times_seen":8,"resource_available":false,"data":null}},"time_used":10515,"timings":{"blocked":4729,"dns":0,"connect":261,"send":0,"wait":264,"receive":793,"ssl":4465},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/icon-user.svg","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:39.034Z","timestamp":1695801399034,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/icon-user.svg HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aulacland.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 1\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-type: image/svg+xml\r\ndate: Wed, 27 Sep 2023 07:56:39 GMT\r\netag: \"2cb7bd60088678dedf1ed85bfa45d2cc-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-nf-request-id: 01HBAT7NNFX27YMZYG0QB7ZGYS\r\ncontent-length: 584\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":584,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (584), with no line terminators","md5":"1f46c36bca03354edd25a3e35b7977db","sha1":"c002468fca8f3910fccba86c6d67602191eaeaed","sha256":"32f101709eb4240f21b330c854ed3bd539c0dc9001f08bf51d4e6a5b6bf641c6","sha512":"75d96be277e58c397f846c80ed1154a910b824c349ccafa3de277dcbdbd227cfc98b7848fca0906654d80be81b4b5248d7e907fe0b843c36c43047c26e7b22c0","ssdeep":"","tlshash":"fef002e9577458fcd943ca3ad72924c62a3a70fd9a248998709864256d140ce4008888","first_seen":"2023-07-26T20:41:18Z","last_seen":"2026-03-13T11:56:24.182874Z","times_seen":284,"resource_available":false,"data":null}},"time_used":433,"timings":{"blocked":187,"dns":0,"connect":0,"send":0,"wait":245,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:39.910Z","timestamp":1695801399910,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 03 Jul 2023 00:00:00 GMT","end":"Tue, 02 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D","sha256":"D9:9E:DA:D7:6F:5A:E0:87:16:F3:3E:A0:A8:34:8B:84:B7:B0:98:30:2D:18:D8:53:E6:3C:09:06:19:48:07:54"}}},"request":{"raw":"GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aulacland.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 27 Sep 2023 07:56:39 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 4517\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03ec3-4e98\"\r\nlast-modified: Mon, 04 May 2020 16:11:47 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 29606514\r\nexpires: Mon, 16 Sep 2024 07:56:39 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=3QfcS7zO%2BnD%2BRSxd6NO3nz%2F%2BugerlTLd8NuKZNHH4Us29p%2BT8Y6gvBfIaRM4qg%2BUctPfupzV7yCQSjXjYTxxweJPaSJsGaCNXGIr%2BN46w5bKcDTwOFTwGmzfJtGP%2Fb9dgm2OWO0F\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 80d230fb990956cb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4517,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"053305c2b293c27c02523cda42962c09","sha1":"556b0af7346b9e21a8eea1be8b195b563169ecd5","sha256":"be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44","sha512":"0fd324efdf7391ea6508816630c79a71b76a7ca3196d28554d8255e9c5bf29bd426c380716882b053e65f78890479e1b1b458ac5e7ad53041de31f0822e45980","ssdeep":"384:nPmG4foMrslSSQCyUAjKQze/he/UqlGA2A1:nOdobAjK78l1","tlshash":"1d922e0939f322625a6372ad0bef5009a3b58653149eee04bd4d63815f50a3893f7fe9","first_seen":"2023-03-07T01:02:35Z","last_seen":"2026-04-04T13:17:57.792984Z","times_seen":2670,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js","fqdn":"ajax.aspnetcdn.com","domain":"aspnetcdn.com","tld":"com"},"ip":{"addr":"152.199.19.160","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:39.909Z","timestamp":1695801399909,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vo.msecnd.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Fri, 05 May 2023 00:00:00 GMT","end":"Sun, 28 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"0E:7D:A8:CD:FE:61:1E:46:97:A3:57:99:70:DA:E0:59:1D:34:04:80","sha256":"BF:60:70:23:0A:9B:F0:F9:BC:EE:56:40:4B:F6:C3:4B:F6:BE:14:87:14:29:CF:BD:47:5C:31:E8:85:A5:7F:C3"}}},"request":{"raw":"GET /ajax/jQuery/jquery-3.3.1.min.js HTTP/1.1\r\nHost: ajax.aspnetcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aulacland.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 14734835\r\ncache-control: public,max-age=31536000\r\ncontent-type: application/javascript\r\ndate: Wed, 27 Sep 2023 07:56:39 GMT\r\netag: \"80288516b793d31:0\"\r\nlast-modified: Mon, 22 Jan 2018 19:27:49 GMT\r\nserver: ECAcc (ska/F6AE)\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 30394\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30394,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-05T18:57:17.705496Z","times_seen":118454,"resource_available":true,"data":null}},"time_used":184,"timings":{"blocked":76,"dns":20,"connect":36,"send":0,"wait":12,"receive":3,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/styles.17a600ea31802b45.css","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:39.028Z","timestamp":1695801399028,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/styles.17a600ea31802b45.css HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aulacland.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 2\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 27 Sep 2023 07:56:39 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HBAT7PJ6XM86HHB5QARY7GD8\r\ncontent-length: 1275\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1275,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-03-27T05:21:03.027988Z","times_seen":3239,"resource_available":false,"data":null}},"time_used":324,"timings":{"blocked":190,"dns":0,"connect":0,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/css.css","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:39.030Z","timestamp":1695801399030,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/css.css HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aulacland.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 2\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Wed, 27 Sep 2023 07:56:39 GMT\r\netag: \"78759fbc18d6dd8af298534fcf858866-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HBAT7NMRQKK0F9NHXNCPRKJ9\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28835,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (31118), with CRLF line terminators","md5":"dbfc2de4f7c9f7c851b60b41139ba060","sha1":"b4157c33443884cc743adfd5abc1763cbe6f5785","sha256":"20bb6bf4004dac223173ba5b41449186d983e80050dcfddbbc1975ae566a3e47","sha512":"3a5210282202e25093967a9261704066782054e0fad511d45a5d3b37fb6d4932f656cce3d7b640e00cfe7877a66e93a9f13201fc54ce8b2f97252bb68c4e44b6","ssdeep":"1536:ACQLzUxDgkEgGDgkEgDDgkEgEDgkEgbDgkEgNxVIjDgkEgXDgkEggHADgkEgCDgO:ACQLzba","tlshash":"bfa410b2f2c2011d33b38e7e2062a788d514d86bd1b627ed25c3b9a8b5c57bb01b751d","first_seen":"2023-08-08T19:36:34Z","last_seen":"2024-09-19T21:28:32.990818Z","times_seen":314,"resource_available":false,"data":null}},"time_used":322,"timings":{"blocked":190,"dns":0,"connect":0,"send":0,"wait":132,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/twitter-social.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:40.352Z","timestamp":1695801400352,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/social-icons/twitter-social.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:05 GMT\r\netag: W/\"c2f1acf6f29c52f793f66b65ba91d49f\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: WY8VBzDyq7FctDDX8MrQBW0rTz7Flw8l\r\nserver: AmazonS3\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: YlG8YqnDOa_P8VAf9WonpQ5skgLUvinbaxHQSNVgLOzUDc_p05KEJA==\r\ncontent-length: 734\r\ncache-control: max-age=1759911\r\nexpires: Tue, 17 Oct 2023 16:48:31 GMT\r\ndate: Wed, 27 Sep 2023 07:56:40 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":734,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- XML 1.0 document text\\012- XML document text\\012- HTML document text\\012- exported SGML document, ASCII text","md5":"c2f1acf6f29c52f793f66b65ba91d49f","sha1":"d045195486c4bfdbefd3e812e7297db69615484d","sha256":"d1b4860dcce83c4c73736dedeafe3b09403b267d087ef721a35dbffd5e564c68","sha512":"fc865996cb25ece0d63aea5801204de3642283dbddc174c87b0dccd5aba0f017fe03cfea081930ca3cdba4bca2359a22e140f567d6f9611fc18653095d2db197","ssdeep":"","tlshash":"d0213f55c395d8fabe258204d3b175c872f4589bb5b0d2d4bbaf0827f21c8e4454c2dd","first_seen":"2023-08-08T19:36:34Z","last_seen":"2026-03-13T11:56:24.186981Z","times_seen":396,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/facebook-social.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:40.362Z","timestamp":1695801400362,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/social-icons/facebook-social.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:05 GMT\r\netag: \"e43c5a7e7fb8c3c12579162a4986b1ad\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: sp5rcJ_CixBIFs_Kbc9AtTIkRc82cd4R\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: J59KxPSyrzwh1_-pHbiRvwFMM3nt_ufA6PAQOEVJZIkZALIksvAUkg==\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 282\r\ncache-control: max-age=1652600\r\nexpires: Mon, 16 Oct 2023 11:00:00 GMT\r\ndate: Wed, 27 Sep 2023 07:56:40 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":282,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (431), with no line terminators","md5":"e43c5a7e7fb8c3c12579162a4986b1ad","sha1":"7a7c6a4ce7d8fe81778e3407bb710372ac3ea3f9","sha256":"b312fb49b19387ededa2729f0c384686ce7c83811b0ea0367ef63767e612da03","sha512":"949e0cfd60a6c3bd0f427b074e411e6891d76d67e0bc40d31fc14aabe54bed79fe15b8bf5fec39e9b504f297fd597e2b72ebf157b33a414be6e971e5cf083eba","ssdeep":"","tlshash":"d3e0a3dfb7492114a11fa9d6dbbc3e24781ce0ed64cd05c91f53b628509718cd417c50","first_seen":"2023-08-08T19:36:34Z","last_seen":"2026-03-13T11:56:24.187943Z","times_seen":388,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/you-tube-social.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:40.366Z","timestamp":1695801400366,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/social-icons/you-tube-social.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:05 GMT\r\netag: \"0a9ec1ae291522dcb84befe6a44c3830\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 5PqSeWnBhEvAtcPgf2XAbVZCtyvnbUxM\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: 61GrgK63n8h_lGzo-6PZlw-FzSgEAbs-J-4o0C9LPZwcXeaYMS7VwA==\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 295\r\ncache-control: max-age=1558762\r\nexpires: Sun, 15 Oct 2023 08:56:02 GMT\r\ndate: Wed, 27 Sep 2023 07:56:40 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":295,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (491), with no line terminators","md5":"0a9ec1ae291522dcb84befe6a44c3830","sha1":"3236900d0d9801eb93d355a7b9be38b16ea51604","sha256":"bb29a96bd1b20b9dedd8197ce7f9a29fc742aa6555df924453b5561c6ef3564f","sha512":"ce5259558d6f047262edbedd14001d0a14da8e818048d6b2c22690ba540508b9e4b9da2353be8827996a352701f8fad6dc8f6a92ee13f6cb309a6ad2693c96f7","ssdeep":"","tlshash":"80f059e28f281c29d88fcfa8de7835a5754d05f422ed498c62e6ae2422e5f8ad544d81","first_seen":"2023-08-08T19:36:34Z","last_seen":"2026-03-13T11:56:24.20206Z","times_seen":388,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/linkedin-social.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:40.374Z","timestamp":1695801400374,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/social-icons/linkedin-social.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:05 GMT\r\netag: \"4135a3d131493d86e0db3c8ad0420602\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: V4.R2G9M5ytZINKkEHFYF7hbdLSExGPo\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: 4ynpoRODdMy0NFqZlQXq01IXubwYlzd97AREFp__7QRwOBOU0ttfVw==\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 349\r\ncache-control: max-age=1491159\r\nexpires: Sat, 14 Oct 2023 14:09:19 GMT\r\ndate: Wed, 27 Sep 2023 07:56:40 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":349,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (605), with no line terminators","md5":"4135a3d131493d86e0db3c8ad0420602","sha1":"4849488ce3d7aff2ec83435520a70627144cff6a","sha256":"bb0c33cd3e05dfff3f5fe39c013a2afc5ddd457d3b76b0bc7ee231cf5d0f01f7","sha512":"2a4d52b445fd456acaff27b49d6dd7bed97c88a6dc0bdf725b3e96efc82431c468e808f167f121d069675b51dff60062ff7358d90146fe7fb76e352762a463aa","ssdeep":"","tlshash":"82f002af81064944e6068f22ce4c3c2ca71d14d5796980bcd003e63c7f8fa81bc15e72","first_seen":"2023-07-26T20:41:18Z","last_seen":"2026-03-13T11:56:24.178544Z","times_seen":384,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/instagram-social.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:40.375Z","timestamp":1695801400375,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/social-icons/instagram-social.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:05 GMT\r\netag: W/\"7ff5bca5e93664bc612cc91ae53ac496\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: FUfIizReL1r02BrKB1G0_CUQXIQQ79Tx\r\nserver: AmazonS3\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: coB_AF0E8m8ED78Dtvm4EGB0n-8P_tmMBd8KBvpxdKedH9QJyXEhzg==\r\ncontent-length: 768\r\ncache-control: max-age=1422247\r\nexpires: Fri, 13 Oct 2023 19:00:47 GMT\r\ndate: Wed, 27 Sep 2023 07:56:40 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":768,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (1670), with no line terminators","md5":"7ff5bca5e93664bc612cc91ae53ac496","sha1":"6a078cc08d3f7fe2b9f06a6f20cd3b953748f45f","sha256":"bb4babc75eb6ef45fd42a6fb5f50b059473aaf36c607bef28a4aedb514e238fc","sha512":"21fbea944b4ed600bf269a8f8079364c63583700ad56ac65165775a56b953467825f177fb4d46c0d08b29019f4a70a287bf1a2ee54311b6162cb85f006195f97","ssdeep":"","tlshash":"7731d0c16670d74415ca9c59cbf2eb204563f02f14eab8d1daff8b09a54ecc9fb80844","first_seen":"2023-07-26T20:41:18Z","last_seen":"2026-03-13T11:56:24.191198Z","times_seen":389,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/logos/capital-one-logo.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:40.389Z","timestamp":1695801400389,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/logos/capital-one-logo.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 20 Jan 2021 18:06:43 GMT\r\netag: W/\"f0b7ad81821effc52540e39cafda48f9\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 8LzbBBEj8zCeatCBoYuv1q1dFFpTcVNl\r\nserver: AmazonS3\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: HdJaUvrAj5VEG9DzlICGcJdU50sF2rvFp9FpZhYE6tYcovP5XqgQKQ==\r\ncontent-length: 1732\r\ncache-control: max-age=1636733\r\nexpires: Mon, 16 Oct 2023 06:35:33 GMT\r\ndate: Wed, 27 Sep 2023 07:56:40 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1732,"size_decoded":0,"mime_type":"image/svg+xml","magic":"ASCII text, with very long lines (3967), with CRLF line terminators","md5":"f0b7ad81821effc52540e39cafda48f9","sha1":"33d64bc7001f414f12bd92e740a45e5ced239add","sha256":"57dfca5b95599a613da940f4a49ab6378fcf0586366a47cae679796930bf0eed","sha512":"ada921382d19becb6bb1efe43c7024f1bb995c84fb8c91e245731de68ab23e7959df759dc53fab8459b91eb3004334a6bd96194eb11c956a81a99b486252b727","ssdeep":"","tlshash":"a3819c79c390d3b9eed69bbc9f3260b4d08fd1ae90e5d35482a4c56035d20d8b25ecd9","first_seen":"2023-05-05T00:40:48Z","last_seen":"2026-03-31T11:41:10.334419Z","times_seen":490,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/www-ehl.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:40.395Z","timestamp":1695801400395,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/www-ehl.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:06 GMT\r\netag: \"30d0ea03dfc7173265c5896affca1ad9\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: Cfpp_Ya_3POEKViDatTY.UH0GBjWHzjx\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: VUds1SokOgb9rdD7QoElH2jw_GpSlScadYoEUDVMVKsc8pGsgE3Y4A==\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 299\r\ncache-control: max-age=2533495\r\nexpires: Thu, 26 Oct 2023 15:41:35 GMT\r\ndate: Wed, 27 Sep 2023 07:56:40 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":299,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (437), with no line terminators","md5":"30d0ea03dfc7173265c5896affca1ad9","sha1":"3eb9550c148d3e49d67c6531a9aa6cf8acd356d0","sha256":"2d23c63e03fb685ed80f2554da2069dbc431720b6ed4f3f7cce579f52aaa62af","sha512":"5a460a10695b605ac05b4f21881751ea3a87c65245b0b3ae6a45b42bafb42f85f3df0f710afcd55a1c5ab6f0b9044a9c032dba888de3e18a5e4291b464a6f4fe","ssdeep":"","tlshash":"bde0555e87ba3a1468a087f8f3997e5253e602c9c298d2ec54f12537606d9e8819ce44","first_seen":"2023-07-26T20:41:18Z","last_seen":"2026-03-13T11:56:24.195536Z","times_seen":385,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/www-fdic.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.11","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:40.393Z","timestamp":1695801400393,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/www-fdic.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:06 GMT\r\netag: W/\"a5b2f8771a99c2670dd5183853596b4f\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 8xRP0pbuqhkFsGgLYTsgGzSHlkx4pEGg\r\nserver: AmazonS3\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: H-Np6_9eZQP1ng_FN2ju7A_gz1t7ss5LHM5EInETUpJpRN5SPOGvkw==\r\ncontent-length: 955\r\ncache-control: max-age=2063392\r\nexpires: Sat, 21 Oct 2023 05:06:32 GMT\r\ndate: Wed, 27 Sep 2023 07:56:40 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":955,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- HTML document, ASCII text, with very long lines (1959), with no line terminators","md5":"a5b2f8771a99c2670dd5183853596b4f","sha1":"31d62e53c4839860683ff79e3866278f5ea35616","sha256":"017d9cf1015d4388c0069e8f2e147d998616605a8fdbb461cd964ff5cda545e3","sha512":"c456c0f4bed3264c85fb0336f334fd7be44ffd373230d0c5617e66ecebcaeb5faaccd815215e8ea788e6000330e5f7b2288c3c9cc66e2843f10dc00e839960c2","ssdeep":"","tlshash":"2a41adbd8754d1adeec48aec6e27e0a4e05fa259c0d1c3519266c6b111d24c9e34f8e4","first_seen":"2023-07-26T20:41:18Z","last_seen":"2026-03-13T11:56:24.193272Z","times_seen":390,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"verified.capitalone.com/auth/favicon.ico","fqdn":"verified.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"2.16.174.101","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:40.508Z","timestamp":1695801400508,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"verified.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert SHA2 Extended Validation Server CA","organization":"DigiCert Inc"},"validity":{"start":"Mon, 06 Feb 2023 00:00:00 GMT","end":"Mon, 05 Feb 2024 23:59:59 GMT"},"fingerprint":{"sha1":"44:E2:45:6A:F1:39:E9:0C:AE:A5:CD:55:BE:10:72:0E:7D:B9:D5:BC","sha256":"9B:15:C9:E4:1C:60:57:83:AA:C0:E3:81:DD:7B:2F:1C:3A:33:0C:53:B1:A5:69:F0:DD:5E:A5:F9:0E:80:DE:46"}}},"request":{"raw":"GET /auth/favicon.ico HTTP/1.1\r\nHost: verified.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aulacland.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/vnd.microsoft.icon\r\ncontent-length: 15086\r\nlast-modified: Mon, 25 Sep 2023 19:03:16 GMT\r\netag: \"d27e1739c7477b10ec6917546ae61f1d\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 87EhxpZH_d8.sK24QkufQr6nC9DY8ePJ\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ncontent-security-policy: frame-ancestors 'none'\r\nstrict-transport-security: max-age=31622400; includeSubdomains\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-amz-cf-pop: MXP64-C2\r\nx-amz-cf-id: HMW9EGNVJJlfBiLVPXtABKMLvAEtRXoXxhTqszXOKwxHdmJyUgHI7g==\r\ndate: Wed, 27 Sep 2023 07:56:40 GMT\r\nset-cookie: akacd_phased_release_site_down=1695801460~rv=58~id=92bf166203e399582cbe086faf83bf8e; path=/; Expires=Wed, 27 Sep 2023 07:57:40 GMT; Secure; SameSite=None\r\nx-robots-tag: noindex\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\nx-frame-options: DENY, deny\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15086,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\\012- data","md5":"d27e1739c7477b10ec6917546ae61f1d","sha1":"bb36ab8bce726ce72a2d74a8529526bca0fa515d","sha256":"5f2123af80970c0478de7f373c9d861d886e070592ebcd55fa372d8dfc9752ec","sha512":"f8905a386f0d492e37d086fefd9e0eca1ef915551242554b70803f3fe89d4d7173565820f391f14f392d71861c8c43f3f8ecb4c5569491db9a2006f80bd0f64d","ssdeep":"96:WnvwwlPwSVOJilFV9HNya8arOd9e9DAthhrXTF14/sKFVNe4WiInwjr:Mf9DNF2e9DALhrjFeUmNlWz4","tlshash":"2e6262a362824eb4d8671530e9569b2dc272efea8df4fd042d387a2b4b352c5500b7c1","first_seen":"2023-04-18T09:27:51Z","last_seen":"2026-03-31T11:41:10.336931Z","times_seen":660,"resource_available":false,"data":null}},"time_used":406,"timings":{"blocked":0,"dns":316,"connect":8,"send":0,"wait":41,"receive":1,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aulacland.com/","fqdn":"aulacland.com","domain":"aulacland.com","tld":"com"},"ip":{"addr":"103.27.238.234","port":0,"asn":131386,"as":"Long Van System Solution JSC","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-27T07:56:41.396475508Z","timestamp":1695801401396,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aulacland.com","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Thu, 31 Aug 2023 00:00:00 GMT","end":"Wed, 29 Nov 2023 23:59:59 GMT"},"fingerprint":{"sha1":"26:11:E6:1D:DD:B1:70:B1:2B:21:EE:9B:75:5C:52:E9:35:51:51:31","sha256":"98:D1:35:91:8E:0A:22:DD:1D:6D:EA:46:1A:53:EE:1B:AD:98:13:97:2A:B5:1D:35:42:1F:A2:56:03:38:A6:B7"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: aulacland.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 27 Sep 2023 07:56:34 GMT\r\nServer: Apache\r\nX-Powered-By: PHP/7.4.33\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T18:47:00.55824Z","times_seen":13388457,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/styles.d7eeec1c93eef5e61473.css","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:39.026Z","timestamp":1695801399026,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/styles.d7eeec1c93eef5e61473.css HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aulacland.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 2\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Wed, 27 Sep 2023 07:56:39 GMT\r\netag: \"f699d301c9a785fdace5efdc9151313f-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HBAT7NMQES6XY9WJ9DPK2CKQ\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":99593,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"01aed6b25e0eb3d74a5f15f51752a6a9","sha1":"c2d806ad5b0ff7c82beca75d2c8f7f1bcc6936b5","sha256":"0c4f7f58335b6375e7a4500ab43f4057d09ac3017fd5f2f408259fc762b7ab15","sha512":"27239c439e1fe9178e2b59e828966c5a3bc059a436d36f5ab761e443e2cdb6b39ad4022ebdf577ab1446edfdf06ff76ddae7edd023cc850009bb0f6414af4305","ssdeep":"384:wy2DsacMwIXZT+SRbFcWSZe5xkoodWHoon/tVp:r2DsaUOSZsp","tlshash":"8ea3a0a7f6c6016ac097cf6590b639fce63a8c00d7c7666b5d03b7b89785fc60532889","first_seen":"2023-07-26T20:41:18Z","last_seen":"2024-09-19T22:51:16.260566Z","times_seen":387,"resource_available":false,"data":null}},"time_used":326,"timings":{"blocked":192,"dns":0,"connect":0,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/capital-one-logo.svg","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"3.70.101.28","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aulacland.com/wpmailcap/capitalone.com/","date":"2023-09-27T07:56:39.033Z","timestamp":1695801399033,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/capital-one-logo.svg HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aulacland.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 1\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: image/svg+xml\r\ndate: Wed, 27 Sep 2023 07:56:39 GMT\r\netag: \"5551fd44a62268b80906011d6516a2c9-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HBAT7NNFHJXJ6BMPX612F89X\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3971,"size_decoded":0,"mime_type":"image/svg+xml","magic":"ASCII text, with very long lines (3993), with no line terminators","md5":"e9511a9c792fda659aa43f3e3b50e54f","sha1":"b5ff7bfa2b74b759141b05f7cf5709fc37a081da","sha256":"f56b400900e80e92fc46a930f6f7aad7c28211509f3c0bce0f72bd0a454bdaab","sha512":"c0f73bd06d4f899bc9a3886554bd99090308ab346b66e0d99bfd4785c61ea418038c9f71b2c6c3285b6ab66819c80e3fc8efd5ea9a53e3be7dce6f32979dedae","ssdeep":"","tlshash":"3a81ab79c380d3b9eee69bbc9f3650b4e08e90ae90f5d35482a4c46035d20d8b25ecd9","first_seen":"2023-08-13T05:35:18Z","last_seen":"2025-03-21T21:56:48.594733Z","times_seen":79,"resource_available":false,"data":null}},"time_used":400,"timings":{"blocked":188,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-27","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}