{"report_id":"6d1553af-ff27-46dd-8917-14a8db3a16e5","version":6,"status":"done","tags":[],"date":"2026-03-12T13:04:18Z","url":{"schema":"http","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"ip":{"addr":"46.137.103.76","port":0,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"final":{"url":{"schema":"https","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com/","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"title":"Santander","dom":{"size":4532,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4528), with no line terminators","md5":"3dd7b657a22a88c1977ab27645b3d917","sha1":"bcabcdf8aed9a63e1c3003dc86f4ad6af6747969","sha256":"fee819b3196516b70cf034516602e14f691c8c9f8bdfa3fb66455247a257b495","sha512":"55903b1cbd0ab28e85563d0380d3d3d1441de1b511c0baa820d70021063c15968db314e1bb87f42fb57cccb8a0ae1c7980eef2e1e87a87940143356faa18c7eb","ssdeep":"48:ni1u/Dd9jw9jwzY4pOxGCBukbzA5RFMHwFMHW9FMH4c+FMHwFMH4DzA5RFMHWgpc:nKu/Z9U9UUBubSPQpY2A+xw7","tlshash":"ee912eb2c969223603330ecdb576f72ef9a3d10dde62681674bd87894bc1d99ce0624d","dom_hash":"domhash0746dca0bfdbdd35c44a4f56092b30d5","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"ip":{"addr":"46.137.103.76","port":0,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-16T13:04:18Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"stats.customerverification-test.santander.co.uk","ip":{"addr":"52.49.96.228","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2003-08-14","domain_rank":0,"first_seen":"2026-03-11T22:23:42.747636Z","last_seen":"2026-03-11T22:23:42.747636Z","alert_count":0,"request_count":1,"received_data":191,"sent_data":478,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","ip":{"addr":"46.137.103.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2019-06-17","domain_rank":0,"first_seen":"2026-03-11T22:52:21.181739Z","last_seen":"2026-03-11T22:52:21.181739Z","alert_count":70,"request_count":14,"received_data":2791255,"sent_data":7255,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com/plausible.js","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"ip":{"addr":"46.137.103.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":false,"md5":"6dd442efa4a37285f2fa74b469012543","sha1":"c830e1cd078b81d2ce8f48e1f524d988f5afdd1c","sha256":"a0ad8bd25f6cb7b0d18da29bfc7107346d83d50220b42b9c26b4e6044bbcda2f","sha512":"f0cba37152c6dc4e3b964d632bd4cb4f9ca08e9787eecc5da4756f4139e25d80482ab49a00dc75a1788d02630eda8caf038997c233667ef2ca9eaa6ec06681cb","ssdeep":"","tlshash":"74e0c2390f63e23c89b90b8b0c3ee56fb272b4146a6ed00b3089cc064090bcc8f26d35","size":315,"data":"","first_seen":"2026-03-11T22:23:51.328396Z","last_seen":"2026-03-12T13:04:21.585921Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com/polyfill/14d8ca3accec84c954a9.min.js","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"ip":{"addr":"46.137.103.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":false,"md5":"124bf405ac1aa85fc4d836ac1513e27d","sha1":"52c659974afa4da867de5842d2d96e3df7d044ba","sha256":"51c96e175ed6a508d9edc1a08301836fd361a0a4a8315cb3abf5eaa904183816","sha512":"afc0b17d580ad51c7530486f55f44b8f52602930bd2f2147e6225aeaafa7459fd9791b31d60e144ed6412160af1b06c8245580f50eb6c931894d8552dc6c9d9e","ssdeep":"","tlshash":"42310eea3292f8d81397b494052f909bf1278876207df0e0e712d8a23c3519d8077fa9","size":1750,"data":"","first_seen":"2026-03-11T22:23:51.330927Z","last_seen":"2026-03-12T13:04:21.592265Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com/vendor/dea4405c14dd72267a1f.min.js","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"ip":{"addr":"46.137.103.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":false,"md5":"ab7cf963b92cf18ffae6261dc260b389","sha1":"15f9a97e26dbad767518d7398164a1fb7a95378f","sha256":"5aa552734df65af07f18e7e610ee803deb3f7048357e8e203609761e6e1d8894","sha512":"8880661ba4ea697287d342dc5df0f9db56b3f75946fe15dfb04560cccddccf487cbfa37fe9794dbcb00290fa3eb16f6432a455a9b5712bc22f794880dbb722e5","ssdeep":"12288:Pw01TgJT17jzsVROMJB1AhVddO2W6pZqI4e/zzZOhtpB:oITgJhrSROMv1aQ2W6pZqReLdOhV","tlshash":"844519cc7596f4a247e321f1402f290ab33e2e6d680da810e6a1e4d5bd7595e8237f7c","size":1206868,"data":"","first_seen":"2026-03-11T22:23:51.358538Z","last_seen":"2026-03-12T13:04:21.599277Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com/santander/40a6b7392d8ed3babf86.min.js","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"ip":{"addr":"46.137.103.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":false,"md5":"7419b2240d2ae4425bf91d85ee7b2b1c","sha1":"1efcd76759079d9b147ca7564700d0c490211c45","sha256":"ce35fdb84d93536b74f9cbf0b29e611d5d131b032befc66635c9ccc460bb9eff","sha512":"f0fdc1b64c48aebe0acff2728e5108a9f53b19ba757019fce180d9d7bb2538dd8eebd091bbbf0adb6a3075056d61de50749a3038aff6c4b77a2adad1abce44aa","ssdeep":"3072:pH5hfnqiN1aKzfhqmdvdHQqLDLQGLfOx4A/rmtsAU9vJNtf7BT9+zIQ1ISahfO+u:/hPNN8GAVqsAMJX1Q1ka","tlshash":"0a64e851b17815ac89da029fa4395a08ff943f1e6a3d4860a0f8cc6cb2b5fd4357ee74","size":323197,"data":"","first_seen":"2026-03-11T22:23:51.343771Z","last_seen":"2026-03-12T13:04:21.587398Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com/","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"ip":{"addr":"46.137.103.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":true,"md5":"56a573bb525fcbe30a42ed4a6c210f2e","sha1":"4ee265b710b6253e274401987ba5fcc2e9d32de9","sha256":"95bb2e65c45a4bb040bae6b7d0c97545a2440ab03dea9b1c17d3696dc4539100","sha512":"5f0d3d1d465c7f39d421ee69649b014bfece7c3c41f9467799171a8143597db507f1dff69cae7c2bf867726556fc21e2cccb2ae6f82470ce7089746dfd1f446e","ssdeep":"","tlshash":"6ec09b347605a27025e51e8435fedbc5ac3111036907b080d51d5381e5a5c075c57dfd","size":139,"data":"","first_seen":"2026-03-11T22:23:51.352314Z","last_seen":"2026-03-12T13:04:21.600271Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com/assets/888c6680f5df1d171d8c.svg","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"ip":{"addr":"46.137.103.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://policy-portal.dev.san.kpmgcdd-fincrime.com/","date":"2026-03-12T13:03:56.524Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"policy-portal.dev.san.kpmgcdd-fincrime.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Feb 2026 19:32:22 GMT","end":"Sun, 10 May 2026 19:32:21 GMT"},"fingerprint":{"sha1":"9B:47:3B:BC:D8:E8:31:39:78:11:5B:63:D4:9E:70:E9:B4:22:DB:54","sha256":"9E:ED:B1:D9:36:A8:FA:B6:27:32:9E:78:D9:0E:E4:B9:75:18:64:E6:BF:26:8B:A6:3D:37:E0:FC:72:CE:D7:90"}}},"request":{"raw":"GET /assets/888c6680f5df1d171d8c.svg HTTP/1.1\r\nHost: policy-portal.dev.san.kpmgcdd-fincrime.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://policy-portal.dev.san.kpmgcdd-fincrime.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 12 Mar 2026 13:03:56 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 4882\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: no-referrer,strict-origin-when-cross-origin\r\ncache-control: max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Thu, 05 Mar 2026 10:53:19 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4882,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8c102a28a8ad5d4770d2a82c7d214e65","sha1":"2332ae0d14526d138dafef0407f84f3c4b4ab69f","sha256":"547974470435fac87ed39804d3d48d39a9072e5a856bc2eabd8573ae4ca97b08","sha512":"d0dd35cbd9c83f3e54669f606586af9a41b966e6144a8203164d93f27a23b94572bed2e6ddac3d851da43cbf2836a05aca14151ca30fa12ff5fa58ef3c239b15","ssdeep":"96:mPPibjymj4iKFC7xtcu94aIMtumt5Pc410bLqK8rRXqKURFCSGacpWifn:1jym0iKA7maIMtumt5T15ZU3CBacUE","tlshash":"d6a1b6ef17c5b5e4e049e7e48a01ac34f79b24be3e62866dc6994f60b65288e194ccc1","first_seen":"2026-03-11T22:23:51.333989Z","last_seen":"2026-03-12T13:04:21.578665Z","times_seen":4,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com/assets/90073800c8cb7d20c69a.woff","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"ip":{"addr":"46.137.103.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://policy-portal.dev.san.kpmgcdd-fincrime.com/","date":"2026-03-12T13:03:56.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"policy-portal.dev.san.kpmgcdd-fincrime.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Feb 2026 19:32:22 GMT","end":"Sun, 10 May 2026 19:32:21 GMT"},"fingerprint":{"sha1":"9B:47:3B:BC:D8:E8:31:39:78:11:5B:63:D4:9E:70:E9:B4:22:DB:54","sha256":"9E:ED:B1:D9:36:A8:FA:B6:27:32:9E:78:D9:0E:E4:B9:75:18:64:E6:BF:26:8B:A6:3D:37:E0:FC:72:CE:D7:90"}}},"request":{"raw":"GET /assets/90073800c8cb7d20c69a.woff HTTP/1.1\r\nHost: policy-portal.dev.san.kpmgcdd-fincrime.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://policy-portal.dev.san.kpmgcdd-fincrime.com/santander/a03b91d4b42c8014a2a7.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 12 Mar 2026 13:03:56 GMT\r\ncontent-type: font/woff\r\ncontent-length: 71270\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: no-referrer,strict-origin-when-cross-origin\r\ncache-control: max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Thu, 05 Mar 2026 10:53:19 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":71270,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 71270, version 0.0","md5":"05be61edf47d85eed650e66dc0888e28","sha1":"cadcd1fd7f0826a9d7810dc9f5996c2b2cf263c7","sha256":"b3e36283594a5c24cf9e9ba48a5bd484878a98cb1bc0a688dc41001cfc3eec3b","sha512":"be64b6f7a8ada4a287e400610b7b374fb4c9eeb1dc73d879cf500892e38da5bd529bf2ede0c217d50250c8fb871b24e0ca58bd80742fe778da507c1e394bc703","ssdeep":"1536:hcNsKYyPKRPo+vOgdIcUXph73BqpmMTGQQThhhhhhhhhhhhhhhhhhhhhhhhhhhhA:hcNsKHPNYZU773BqpmMAhhhhhhhhhhhi","tlshash":"ab63b07dd786a652d139f0aa6ce43c26ee0f938ce6422c904646e058b5d527cbf4f48f","first_seen":"2023-04-12T23:53:21Z","last_seen":"2026-04-23T13:17:32.286821Z","times_seen":30,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com/vendor/5cc2f5e85bad7c8495ef.css","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"ip":{"addr":"46.137.103.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://policy-portal.dev.san.kpmgcdd-fincrime.com/","date":"2026-03-12T13:03:55.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"policy-portal.dev.san.kpmgcdd-fincrime.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Feb 2026 19:32:22 GMT","end":"Sun, 10 May 2026 19:32:21 GMT"},"fingerprint":{"sha1":"9B:47:3B:BC:D8:E8:31:39:78:11:5B:63:D4:9E:70:E9:B4:22:DB:54","sha256":"9E:ED:B1:D9:36:A8:FA:B6:27:32:9E:78:D9:0E:E4:B9:75:18:64:E6:BF:26:8B:A6:3D:37:E0:FC:72:CE:D7:90"}}},"request":{"raw":"GET /vendor/5cc2f5e85bad7c8495ef.css HTTP/1.1\r\nHost: policy-portal.dev.san.kpmgcdd-fincrime.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://policy-portal.dev.san.kpmgcdd-fincrime.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 12 Mar 2026 13:03:55 GMT\r\ncontent-type: text/css; charset=UTF-8\r\ncontent-length: 227032\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: no-referrer,strict-origin-when-cross-origin\r\ncache-control: max-age=31536000, immutable\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\nlast-modified: Thu, 05 Mar 2026 10:53:19 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":399980,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (43008)","md5":"ce2400688388223c840d2ae57a2b48c6","sha1":"275c74da636b86080d887656ecb057a5393d32e5","sha256":"4a2f5008d45e7e082a985d0aa4d451570846236437c5170df4c063e00f9a58e8","sha512":"c512278a2fe468d20cb75f145f92f2f0dd0ce742a782f6011a01e05de9b6683ea21851cc427581121b747b6dc1a4affc72a436a8d91517dcf1a58d305a6448c3","ssdeep":"12288:uarEXA7YTW0JkQOBLxEaY7j/hZY7e9wIM7x8HqOtZSTx:uarEw7YTW0JkaboK9hM7xwqIZS9","tlshash":"60845ab0920c18c67766ccafc38873685d3afb6ad050ac51f94ed90dafc9349559af2c","first_seen":"2026-03-11T22:23:51.340707Z","last_seen":"2026-03-12T13:04:21.583319Z","times_seen":3,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":170,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com/vendor/dea4405c14dd72267a1f.min.js","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"ip":{"addr":"46.137.103.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://policy-portal.dev.san.kpmgcdd-fincrime.com/","date":"2026-03-12T13:03:55.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"policy-portal.dev.san.kpmgcdd-fincrime.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Feb 2026 19:32:22 GMT","end":"Sun, 10 May 2026 19:32:21 GMT"},"fingerprint":{"sha1":"9B:47:3B:BC:D8:E8:31:39:78:11:5B:63:D4:9E:70:E9:B4:22:DB:54","sha256":"9E:ED:B1:D9:36:A8:FA:B6:27:32:9E:78:D9:0E:E4:B9:75:18:64:E6:BF:26:8B:A6:3D:37:E0:FC:72:CE:D7:90"}}},"request":{"raw":"GET /vendor/dea4405c14dd72267a1f.min.js HTTP/1.1\r\nHost: policy-portal.dev.san.kpmgcdd-fincrime.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://policy-portal.dev.san.kpmgcdd-fincrime.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 12 Mar 2026 13:03:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-length: 387112\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: no-referrer,strict-origin-when-cross-origin\r\ncache-control: max-age=31536000, immutable\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\nlast-modified: Thu, 05 Mar 2026 10:53:19 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1207195,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (63964)","md5":"f7269f2d20f66a22c54b5feb76cdec3b","sha1":"693628056e17bde3cd408ba724c2bb3ed6f7ceca","sha256":"a77b8646cd22699a1bc18b21b8328e5a4485bee275233a4f130670fcecac7c28","sha512":"946e13330b3a1e674badad44f6381558b4bc5f804ee9a27ba3a148e437c3aa9d97745873085c33f927bca50e211acd01ff1aa66854fa03a1211d207fcc9261d3","ssdeep":"12288:Pw01TgJT17jzsVROMJB1AhVddO2W6pZqI4e/zz3:oITgJhrSROMv1aQ2W6pZqReLb","tlshash":"39351acc75d6f0a247e321f1402f290ab23e2e6d680da410e6a1e4d5bdb595e8237f7d","first_seen":"2026-03-11T22:52:26.475802Z","last_seen":"2026-03-12T13:04:21.584743Z","times_seen":3,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":120,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com/plausible.js","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"ip":{"addr":"46.137.103.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://policy-portal.dev.san.kpmgcdd-fincrime.com/","date":"2026-03-12T13:03:55.934Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"policy-portal.dev.san.kpmgcdd-fincrime.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Feb 2026 19:32:22 GMT","end":"Sun, 10 May 2026 19:32:21 GMT"},"fingerprint":{"sha1":"9B:47:3B:BC:D8:E8:31:39:78:11:5B:63:D4:9E:70:E9:B4:22:DB:54","sha256":"9E:ED:B1:D9:36:A8:FA:B6:27:32:9E:78:D9:0E:E4:B9:75:18:64:E6:BF:26:8B:A6:3D:37:E0:FC:72:CE:D7:90"}}},"request":{"raw":"GET /plausible.js HTTP/1.1\r\nHost: policy-portal.dev.san.kpmgcdd-fincrime.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://policy-portal.dev.san.kpmgcdd-fincrime.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 12 Mar 2026 13:03:55 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 315\r\ncache-control: max-age=86400, immutable\r\netag: W/\"13b-yDDhzQeLgdLOj0jh9STZiPWv3Rw\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":315,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"6dd442efa4a37285f2fa74b469012543","sha1":"c830e1cd078b81d2ce8f48e1f524d988f5afdd1c","sha256":"a0ad8bd25f6cb7b0d18da29bfc7107346d83d50220b42b9c26b4e6044bbcda2f","sha512":"f0cba37152c6dc4e3b964d632bd4cb4f9ca08e9787eecc5da4756f4139e25d80482ab49a00dc75a1788d02630eda8caf038997c233667ef2ca9eaa6ec06681cb","ssdeep":"","tlshash":"74e0c2390f63e23c89b90b8b0c3ee56fb272b4146a6ed00b3089cc064090bcc8f26d35","first_seen":"2026-03-11T22:23:51.328396Z","last_seen":"2026-03-12T13:04:21.585921Z","times_seen":4,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com/santander/40a6b7392d8ed3babf86.min.js","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"ip":{"addr":"46.137.103.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://policy-portal.dev.san.kpmgcdd-fincrime.com/","date":"2026-03-12T13:03:55.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"policy-portal.dev.san.kpmgcdd-fincrime.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Feb 2026 19:32:22 GMT","end":"Sun, 10 May 2026 19:32:21 GMT"},"fingerprint":{"sha1":"9B:47:3B:BC:D8:E8:31:39:78:11:5B:63:D4:9E:70:E9:B4:22:DB:54","sha256":"9E:ED:B1:D9:36:A8:FA:B6:27:32:9E:78:D9:0E:E4:B9:75:18:64:E6:BF:26:8B:A6:3D:37:E0:FC:72:CE:D7:90"}}},"request":{"raw":"GET /santander/40a6b7392d8ed3babf86.min.js HTTP/1.1\r\nHost: policy-portal.dev.san.kpmgcdd-fincrime.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://policy-portal.dev.san.kpmgcdd-fincrime.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 12 Mar 2026 13:03:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-length: 86407\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: no-referrer,strict-origin-when-cross-origin\r\ncache-control: max-age=31536000, immutable\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\nlast-modified: Thu, 05 Mar 2026 10:53:19 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":323197,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65525), with no line terminators","md5":"7419b2240d2ae4425bf91d85ee7b2b1c","sha1":"1efcd76759079d9b147ca7564700d0c490211c45","sha256":"ce35fdb84d93536b74f9cbf0b29e611d5d131b032befc66635c9ccc460bb9eff","sha512":"f0fdc1b64c48aebe0acff2728e5108a9f53b19ba757019fce180d9d7bb2538dd8eebd091bbbf0adb6a3075056d61de50749a3038aff6c4b77a2adad1abce44aa","ssdeep":"3072:pH5hfnqiN1aKzfhqmdvdHQqLDLQGLfOx4A/rmtsAU9vJNtf7BT9+zIQ1ISahfO+u:/hPNN8GAVqsAMJX1Q1ka","tlshash":"0a64e851b17815ac89da029fa4395a08ff943f1e6a3d4860a0f8cc6cb2b5fd4357ee74","first_seen":"2026-03-11T22:23:51.343771Z","last_seen":"2026-03-12T13:04:21.587398Z","times_seen":4,"resource_available":true,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":107,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com/assets/746c91a0576679ec8313.woff","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"ip":{"addr":"46.137.103.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://policy-portal.dev.san.kpmgcdd-fincrime.com/","date":"2026-03-12T13:03:56.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"policy-portal.dev.san.kpmgcdd-fincrime.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Feb 2026 19:32:22 GMT","end":"Sun, 10 May 2026 19:32:21 GMT"},"fingerprint":{"sha1":"9B:47:3B:BC:D8:E8:31:39:78:11:5B:63:D4:9E:70:E9:B4:22:DB:54","sha256":"9E:ED:B1:D9:36:A8:FA:B6:27:32:9E:78:D9:0E:E4:B9:75:18:64:E6:BF:26:8B:A6:3D:37:E0:FC:72:CE:D7:90"}}},"request":{"raw":"GET /assets/746c91a0576679ec8313.woff HTTP/1.1\r\nHost: policy-portal.dev.san.kpmgcdd-fincrime.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://policy-portal.dev.san.kpmgcdd-fincrime.com/santander/a03b91d4b42c8014a2a7.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 12 Mar 2026 13:03:56 GMT\r\ncontent-type: font/woff\r\ncontent-length: 69352\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: no-referrer,strict-origin-when-cross-origin\r\ncache-control: max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Thu, 05 Mar 2026 10:53:19 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":69352,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 69352, version 0.0","md5":"3007e13054b230e9ccd5e4f506ee64fe","sha1":"e9d048202f4ba5aac599d6d6189389fb1b992b70","sha256":"2d2d2cfd7a36307f8ca530948d454dcd9f706830b7c18ee0cc4fa3ec16d96091","sha512":"2bb7c20d6e519056b187d21abba465112ff821c359b9a4f5bfdfcd40d7049a1d54b0977fdbaf0ef52ae13ecb355be5bf01de943cdfea2dc2c92dd71ddf3a4ac7","ssdeep":"1536:3zyXiuGPgGtBENT+37PkwkbKDD5eoRlztr6Bbn:3m18gVNueqlztr2n","tlshash":"9f63c060d777c4d20bcf8232d2b0b76df72da228fa91807571bcd9b4b925688b4819cd","first_seen":"2023-04-12T23:53:21Z","last_seen":"2026-06-06T23:54:38.61958Z","times_seen":50,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":37,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com/api/authorisation","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"ip":{"addr":"46.137.103.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://policy-portal.dev.san.kpmgcdd-fincrime.com/","date":"2026-03-12T13:03:56.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"policy-portal.dev.san.kpmgcdd-fincrime.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Feb 2026 19:32:22 GMT","end":"Sun, 10 May 2026 19:32:21 GMT"},"fingerprint":{"sha1":"9B:47:3B:BC:D8:E8:31:39:78:11:5B:63:D4:9E:70:E9:B4:22:DB:54","sha256":"9E:ED:B1:D9:36:A8:FA:B6:27:32:9E:78:D9:0E:E4:B9:75:18:64:E6:BF:26:8B:A6:3D:37:E0:FC:72:CE:D7:90"}}},"request":{"raw":"GET /api/authorisation HTTP/1.1\r\nHost: policy-portal.dev.san.kpmgcdd-fincrime.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://policy-portal.dev.san.kpmgcdd-fincrime.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 401 Unauthorized\r\ndate: Thu, 12 Mar 2026 13:03:56 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 12\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: no-referrer,strict-origin-when-cross-origin\r\ncache-control: no-store\r\netag: W/\"c-dAuDFQrdjS3hezqxDTNgW7AOlYk\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"401","status_text":"Unauthorized","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"e06d1ba70f1331e9f9a113cc2f887d3f","sha1":"740b83150add8d2de17b3ab10d33605bb00e9589","sha256":"d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f","sha512":"5a5cb10218016ed858b0b16f4bab706405153b8f6885e520f38c5209b58494cba187825004d82a3425ae661b7a696a646d490f84cb2d0b820f19050ceab21765","ssdeep":"","tlshash":"2060000000000300f000000c03000033c000c03cc30000300c00c000000300c0000c00","first_seen":"2023-04-05T04:24:58Z","last_seen":"2026-06-08T20:56:23.152948Z","times_seen":16019,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com/assets/12bb416305974a3da674.woff","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"ip":{"addr":"46.137.103.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://policy-portal.dev.san.kpmgcdd-fincrime.com/","date":"2026-03-12T13:03:56.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"policy-portal.dev.san.kpmgcdd-fincrime.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Feb 2026 19:32:22 GMT","end":"Sun, 10 May 2026 19:32:21 GMT"},"fingerprint":{"sha1":"9B:47:3B:BC:D8:E8:31:39:78:11:5B:63:D4:9E:70:E9:B4:22:DB:54","sha256":"9E:ED:B1:D9:36:A8:FA:B6:27:32:9E:78:D9:0E:E4:B9:75:18:64:E6:BF:26:8B:A6:3D:37:E0:FC:72:CE:D7:90"}}},"request":{"raw":"GET /assets/12bb416305974a3da674.woff HTTP/1.1\r\nHost: policy-portal.dev.san.kpmgcdd-fincrime.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://policy-portal.dev.san.kpmgcdd-fincrime.com/santander/a03b91d4b42c8014a2a7.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 12 Mar 2026 13:03:56 GMT\r\ncontent-type: font/woff\r\ncontent-length: 71053\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: no-referrer,strict-origin-when-cross-origin\r\ncache-control: max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Thu, 05 Mar 2026 10:53:19 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":71053,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 71053, version 0.0","md5":"1ff04868499fb12bde31413a62bdce28","sha1":"4cb0e837358c63f61edb7b65bf01d3be1b92b80c","sha256":"fb9959e108e4e451081311056d730119759da5ae0a4fe4b9e629cee4bd39a4d2","sha512":"87180789a5440857ca3ce608e223fd4fe35fa12e5ebf0616b0b72ca06482424afbc8cc1d4844091407d2b08b69cdd6f70f0746be20a8f9c8dc9bffc54b3d0561","ssdeep":"1536:4eEgLt4r7QbU6fnDUt0ICUS+j6VSMMMMRJJJJJJJJJJJJJJJBE3Pw:4vgLtSbMAt0IXS+j6V+JJJJJJJJJJJJn","tlshash":"f063b0e7c0a6b80b275fff7420835a2bce1ae5113f7ac0efd29a4e46c879125dc85605","first_seen":"2023-05-04T14:35:32Z","last_seen":"2026-05-28T01:41:17.029988Z","times_seen":30,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":86,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com/polyfill/14d8ca3accec84c954a9.min.js","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"ip":{"addr":"46.137.103.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://policy-portal.dev.san.kpmgcdd-fincrime.com/","date":"2026-03-12T13:03:55.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"policy-portal.dev.san.kpmgcdd-fincrime.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Feb 2026 19:32:22 GMT","end":"Sun, 10 May 2026 19:32:21 GMT"},"fingerprint":{"sha1":"9B:47:3B:BC:D8:E8:31:39:78:11:5B:63:D4:9E:70:E9:B4:22:DB:54","sha256":"9E:ED:B1:D9:36:A8:FA:B6:27:32:9E:78:D9:0E:E4:B9:75:18:64:E6:BF:26:8B:A6:3D:37:E0:FC:72:CE:D7:90"}}},"request":{"raw":"GET /polyfill/14d8ca3accec84c954a9.min.js HTTP/1.1\r\nHost: policy-portal.dev.san.kpmgcdd-fincrime.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://policy-portal.dev.san.kpmgcdd-fincrime.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 12 Mar 2026 13:03:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-length: 1750\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: no-referrer,strict-origin-when-cross-origin\r\ncache-control: max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Thu, 05 Mar 2026 10:53:19 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1750,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1750), with no line terminators","md5":"124bf405ac1aa85fc4d836ac1513e27d","sha1":"52c659974afa4da867de5842d2d96e3df7d044ba","sha256":"51c96e175ed6a508d9edc1a08301836fd361a0a4a8315cb3abf5eaa904183816","sha512":"afc0b17d580ad51c7530486f55f44b8f52602930bd2f2147e6225aeaafa7459fd9791b31d60e144ed6412160af1b06c8245580f50eb6c931894d8552dc6c9d9e","ssdeep":"","tlshash":"42310eea3292f8d81397b494052f909bf1278876207df0e0e712d8a23c3519d8077fa9","first_seen":"2026-03-11T22:23:51.330927Z","last_seen":"2026-03-12T13:04:21.592265Z","times_seen":4,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"stats.customerverification-test.santander.co.uk/js/script.js","fqdn":"stats.customerverification-test.santander.co.uk","domain":"santander.co.uk","tld":"co.uk"},"ip":{"addr":"52.49.96.228","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://policy-portal.dev.san.kpmgcdd-fincrime.com/","date":"2026-03-12T13:03:56.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"stats.customerverification-test.santander.co.uk","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 07:40:59 GMT","end":"Sat, 30 May 2026 07:40:58 GMT"},"fingerprint":{"sha1":"29:B1:FD:16:CB:83:4A:3E:59:4E:6E:1C:C3:7E:A2:4A:D0:F0:BE:96","sha256":"9D:FB:9D:2A:D9:F9:3E:2B:8C:73:E1:0F:65:6A:72:C3:61:48:E5:9C:C6:43:43:17:8B:48:2F:C4:9B:0F:F2:2F"}}},"request":{"raw":"GET /js/script.js HTTP/1.1\r\nHost: stats.customerverification-test.santander.co.uk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) like Gecko/20100101 Firefox/99.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://policy-portal.dev.san.kpmgcdd-fincrime.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Thu, 12 Mar 2026 13:03:56 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T22:17:26.933573Z","times_seen":16251514,"resource_available":true,"data":null}},"time_used":215,"timings":{"blocked":87,"dns":2,"connect":36,"send":0,"wait":38,"receive":1,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com/santander/favicon.ico","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"ip":{"addr":"46.137.103.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://policy-portal.dev.san.kpmgcdd-fincrime.com/","date":"2026-03-12T13:03:56.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"policy-portal.dev.san.kpmgcdd-fincrime.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Feb 2026 19:32:22 GMT","end":"Sun, 10 May 2026 19:32:21 GMT"},"fingerprint":{"sha1":"9B:47:3B:BC:D8:E8:31:39:78:11:5B:63:D4:9E:70:E9:B4:22:DB:54","sha256":"9E:ED:B1:D9:36:A8:FA:B6:27:32:9E:78:D9:0E:E4:B9:75:18:64:E6:BF:26:8B:A6:3D:37:E0:FC:72:CE:D7:90"}}},"request":{"raw":"GET /santander/favicon.ico HTTP/1.1\r\nHost: policy-portal.dev.san.kpmgcdd-fincrime.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://policy-portal.dev.san.kpmgcdd-fincrime.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 12 Mar 2026 13:03:56 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 3126\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: no-referrer,strict-origin-when-cross-origin\r\ncache-control: max-age=3600, immutable\r\naccept-ranges: bytes\r\nlast-modified: Thu, 05 Mar 2026 10:53:19 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3126,"size_decoded":0,"mime_type":"image/x-icon","magic":"PC bitmap, Windows 3.x format, 32 x 32 x 24, image size 3072, resolution 3780 x 3780 px/m, cbSize 3126, bits offset 54","md5":"7aae90ebc4f50a35a497ccffcf817f15","sha1":"ca5a834c29003d0e18705ebdd9984b1fdbd78310","sha256":"0396d795adc0ebe6f1ecf8fc4165b92597b13987ffa43197698108c294feaaec","sha512":"736a25cafa747721382cf0fda331e93fb338d2ead9e8948ab6fb3a7b7cd043675c82e70553bff1232ef32a60bab325e2e7cbd007792d5c29e65ebc3b99a2874b","ssdeep":"","tlshash":"9c51f12057c4c717e4458eb393e1e5181d471c5d2d50e1e4e293bade4b792d121d34b9","first_seen":"2023-05-08T19:05:18Z","last_seen":"2026-06-08T17:07:59.922194Z","times_seen":154,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com/assets/7cbeeb7b0b893b23a153.png","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"ip":{"addr":"46.137.103.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://policy-portal.dev.san.kpmgcdd-fincrime.com/","date":"2026-03-12T13:03:56.624Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"policy-portal.dev.san.kpmgcdd-fincrime.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Feb 2026 19:32:22 GMT","end":"Sun, 10 May 2026 19:32:21 GMT"},"fingerprint":{"sha1":"9B:47:3B:BC:D8:E8:31:39:78:11:5B:63:D4:9E:70:E9:B4:22:DB:54","sha256":"9E:ED:B1:D9:36:A8:FA:B6:27:32:9E:78:D9:0E:E4:B9:75:18:64:E6:BF:26:8B:A6:3D:37:E0:FC:72:CE:D7:90"}}},"request":{"raw":"GET /assets/7cbeeb7b0b893b23a153.png HTTP/1.1\r\nHost: policy-portal.dev.san.kpmgcdd-fincrime.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://policy-portal.dev.san.kpmgcdd-fincrime.com/santander/a03b91d4b42c8014a2a7.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 12 Mar 2026 13:03:56 GMT\r\ncontent-type: image/png\r\ncontent-length: 461834\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: no-referrer,strict-origin-when-cross-origin\r\ncache-control: max-age=31536000, immutable\r\naccept-ranges: bytes\r\nlast-modified: Thu, 05 Mar 2026 10:53:19 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":461834,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1440 x 360, 8-bit/color RGBA, non-interlaced","md5":"cba9f9d6b1701bff0fd1fffc7fce32fb","sha1":"263f845e25a11abb9cdd3963873f7ee89ce7aa9f","sha256":"acbf0e88aa668112b7fdc13bf16490c7098f8a52c631cb1350469734502dc096","sha512":"c2e1ef9f93beecdbbc9aa65caace6caad80e0ca0fd8c20903ce9d1f66da651a56ba0a3638e6a4e7096d44929a1ae7bc52ff9afd5aabc34ad93cd160db4373b33","ssdeep":"12288:7gwZEpkppB5H7kLLJHpPAeHESeaKhXtdut612w7:U5pkLAHJeeHgxPutRw7","tlshash":"87a42327a59c7d8d1ca96bfdc88071d57d158a22c21fc4ed9464282fad6bfb081ff802","first_seen":"2026-03-11T22:23:51.321329Z","last_seen":"2026-03-12T13:04:21.596267Z","times_seen":4,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":51,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com/","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"ip":{"addr":"46.137.103.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-12T13:03:55.593Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"policy-portal.dev.san.kpmgcdd-fincrime.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Feb 2026 19:32:22 GMT","end":"Sun, 10 May 2026 19:32:21 GMT"},"fingerprint":{"sha1":"9B:47:3B:BC:D8:E8:31:39:78:11:5B:63:D4:9E:70:E9:B4:22:DB:54","sha256":"9E:ED:B1:D9:36:A8:FA:B6:27:32:9E:78:D9:0E:E4:B9:75:18:64:E6:BF:26:8B:A6:3D:37:E0:FC:72:CE:D7:90"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: policy-portal.dev.san.kpmgcdd-fincrime.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 12 Mar 2026 13:03:55 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 774\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: no-referrer,strict-origin-when-cross-origin\r\ncache-control: max-age=180\r\ncontent-security-policy: default-src 'self';img-src 'self' data:;script-src 'self' 'sha256-lbsuZcRaS7BAuua30Ml1RaJECrA96pscF9NpbcRTkQA=' https://stats.customerverification-test.santander.co.uk;style-src 'self';font-src 'self';frame-src 'self';frame-ancestors 'none';connect-src 'self' https://stats.customerverification-test.santander.co.uk\r\nx-xss-protection: 0\r\naccept-ranges: bytes\r\nlast-modified: Thu, 05 Mar 2026 10:53:19 GMT\r\netag: W/\"306-19cbda16d18\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":774,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (774), with no line terminators","md5":"ab13c3948f5f51206ef1f1cb98ea9b9b","sha1":"726550df046f436fadddfb9160672df7e14a3ead","sha256":"007d76a437445d5f06ad3d317330aaf41632357a3bd689384c763861ffb65852","sha512":"af0d0cc595b28d1ff5922b9ecf071dcf0d3504cafa679184826fadb78169ee9b5cea4068d21457b0170e5a6c71ff79170c58d0039cef44f68b7dbc3a6cacb9b8","ssdeep":"","tlshash":"a201d095cc18835c56b01e8abab2fb5dec39550afd51b460b2ee01d599a4fc88c09d08","first_seen":"2026-03-11T22:23:51.339006Z","last_seen":"2026-03-12T13:04:21.597295Z","times_seen":4,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":80,"dns":4,"connect":33,"send":0,"wait":39,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"policy-portal.dev.san.kpmgcdd-fincrime.com/santander/a03b91d4b42c8014a2a7.css","fqdn":"policy-portal.dev.san.kpmgcdd-fincrime.com","domain":"kpmgcdd-fincrime.com","tld":"com"},"ip":{"addr":"46.137.103.76","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://policy-portal.dev.san.kpmgcdd-fincrime.com/","date":"2026-03-12T13:03:55.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"policy-portal.dev.san.kpmgcdd-fincrime.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Feb 2026 19:32:22 GMT","end":"Sun, 10 May 2026 19:32:21 GMT"},"fingerprint":{"sha1":"9B:47:3B:BC:D8:E8:31:39:78:11:5B:63:D4:9E:70:E9:B4:22:DB:54","sha256":"9E:ED:B1:D9:36:A8:FA:B6:27:32:9E:78:D9:0E:E4:B9:75:18:64:E6:BF:26:8B:A6:3D:37:E0:FC:72:CE:D7:90"}}},"request":{"raw":"GET /santander/a03b91d4b42c8014a2a7.css HTTP/1.1\r\nHost: policy-portal.dev.san.kpmgcdd-fincrime.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://policy-portal.dev.san.kpmgcdd-fincrime.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 12 Mar 2026 13:03:55 GMT\r\ncontent-type: text/css; charset=UTF-8\r\ncontent-length: 29818\r\nx-dns-prefetch-control: off\r\nexpect-ct: max-age=0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: no-referrer,strict-origin-when-cross-origin\r\ncache-control: max-age=31536000, immutable\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\nlast-modified: Thu, 05 Mar 2026 10:53:19 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":168883,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (40231)","md5":"6da2ec9b137e574805640b07f20c8464","sha1":"233db0a8d9f43288f5c6b0beef266d964e838a6e","sha256":"baf6bc35975c99502e62d0e8da6628eb468a698379fe7f2ce43968fbf7f2248a","sha512":"96a7e68aa731dcfab4d3a403af16ebc3e2c2df4ae65b8d27374bbdb7198b6004519ec006152f5f3c875a2d094c0b5f3f99b0dc5addd23cb346401a0a76895220","ssdeep":"1536:0EwIiEylFCcVoNOBJrrA5WiFCR923G8t2xB7TeKd0QJ97o:KoNOBJrrA5BF6I3Vx","tlshash":"eaf3feb1d60820e87737c81fa791b27c1534f231e1926daaf45ed94e8bc978502e6f2d","first_seen":"2026-03-11T22:23:51.325849Z","last_seen":"2026-03-12T13:04:21.598114Z","times_seen":4,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-12","alert":"Phishing Block","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-12","alert":"Sinkholed","trigger":"policy-portal.dev.san.kpmgcdd-fincrime.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}