{"report_id":"6d88b159-2fb8-4541-8317-1f7ae7ff9a22","version":6,"status":"done","tags":["bancolombia","financial","phishing"],"date":"2023-11-24T17:40:29Z","url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":0,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"final":{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"title":"Valida tus Datos"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T10:59:43Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":14,"request_count":16,"received_data":618853,"sent_data":8700,"comment":"","tags":null,"fingerprints":null},{"fqdn":"images-cdn.info","ip":{"addr":"52.21.2.28","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2018-02-25","domain_rank":528156,"first_seen":"2020-06-20 01:31:03","last_seen":"2023-11-24 03:31:54","alert_count":1,"request_count":2,"received_data":470,"sent_data":892,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ka-f.fontawesome.com","ip":{"addr":"172.64.204.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2012-10-18","domain_rank":3598,"first_seen":"2019-12-17 07:36:13","last_seen":"2023-11-24 05:10:26","alert_count":0,"request_count":4,"received_data":137303,"sent_data":2423,"comment":"","tags":null,"fingerprints":null},{"fqdn":"kit.fontawesome.com","ip":{"addr":"172.64.147.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2012-10-18","domain_rank":1868,"first_seen":"2019-12-16 20:51:31","last_seen":"2023-11-24 05:11:09","alert_count":0,"request_count":1,"received_data":12243,"sent_data":561,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"kit.fontawesome.com/45b9078c9f.js","fqdn":"kit.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"172.64.147.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e8e4f917ed26e3a1d2f26077eee3f73c","sha1":"b37c96d5deda15c3754f058f8f42ecc4fb9e4970","sha256":"8212039d17d158453c6305a5ca08559ca48007be17b5fc214a00b57461e9d8a4","sha512":"3fa9ebcdc9f3e0eae35e28239e841f747a0c07b64020c3d20fb7f2fba9553f4ab68beaaedd234b4e84343d045e9eb90207965bc2264984533d38b9b0c3300d50","ssdeep":"192:PkO3pHuf4n7ACpiIthMzn/A+gmTVULb2nZsyP4lO3mX7dvh3D21Q5l8hf0kCzMn:cdVCfhMznrnBrmL9h3D21Q5l8hfl","tlshash":"6832a4997691b5b246eb7160803f620bf2753536300ad060e25dede46c7dd6e9233f2d","size":11642,"data":"","first_seen":"2023-08-03T05:21:29Z","last_seen":"2023-11-27T05:17:07Z","times_seen":185,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/js/jquery-3.6.0.min.js","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-05-11T03:28:37.21317Z","times_seen":465699,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/js/jquery.jclock-min.js","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"introduction_type":"scriptElement","is_inline":false,"md5":"71722c7314fed201941f23bc1fe9604e","sha1":"1d1c35c3b25ea4056bd39ba290523e70bd2f8038","sha256":"93bf1714fd8d4cad23861f0017d5b3335f8b009f59d2bd654dcf0c29b7f36031","sha512":"f0c56d414d56bcb50a3264783781dedfb7401a553069a2d96b6b62289fb4246dc1fe601a6fdb8acd069e43c382788592ceafcc31ce799f6c1cc1025ca89ce6ea","ssdeep":"","tlshash":"a671545a243cc2d16a96bc39287f1e73c63b5d36080ae46c794fd6c5682c83f556ba20","size":3337,"data":"","first_seen":"2023-03-07T12:11:26Z","last_seen":"2026-05-09T03:07:33.771181Z","times_seen":715,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"72c849f4e961e28f1b808e494aeb74fc","sha1":"fc8dac259db80d9b7726d9879c87bf215da0c998","sha256":"e9a8b6953d544e0ecbcaceb9bf82f0d6fff65278545f11d0ee580072e52a66b1","sha512":"8a7283ddd117af134b92deaeb88909e9a434a2675d0cbc5af60ca0bfb61a7f0d228c428e75f10f29e175c05eff4762b39b5f6dfc092c666bf257c0f0ce0bba5d","ssdeep":"","tlshash":"b0a0220b203e30e32002e0ec382f0020eeb2e0bf0c28cfc0800a0880b8802380232e8c","size":73,"data":"","first_seen":"2023-03-07T12:11:26Z","last_seen":"2026-05-09T03:07:33.808277Z","times_seen":794,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/js/functions.js","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"introduction_type":"scriptElement","is_inline":false,"md5":"766efd6f6fabe224b25520316b20b6a3","sha1":"0c05051015db2ace6078680a8448723e090350f8","sha256":"cdc0d129aeca47bd4a47cac2d9d777517a19692defe663fe2806d0dfd2211c25","sha512":"e9da9384d496cea5d9252bb62bd58245d0a6a6bf1ec34bdd9cb400a7f10b2bdf105d58ed167adf4da7308ce0234671983e8e6d70cfaf1237c93a8f8bf3d436d3","ssdeep":"","tlshash":"bf712bfc307230140573b729595f2b01af6a8c9377185f45394d89b0dfb82ae7962fa5","size":3637,"data":"","first_seen":"2023-10-22T17:21:52Z","last_seen":"2023-12-03T23:41:35Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"introduction_type":"scriptElement","is_inline":true,"md5":"100035dac46c72d1635ab3ddc390bd25","sha1":"fb335e5abda81ef6bfd3720ef17037419c1f6527","sha256":"5ffbbdb62aaa75402fdc941f9b3d2ad53a71f6ab951083b3ac25392a3626325a","sha512":"5823319633d82e3e8f59d2646c7623f0109e9a417adb988b8fd65be3d54aa95d60d6a36e5f5f33c1993b5f668866eb40ae7094e7c1675ab24f4a7167055356df","ssdeep":"","tlshash":"e8319cb0f69c8bc71233233e490a76d990bd6d322e8885e9fd7521a98c08f65a566c80","size":1556,"data":"","first_seen":"2023-03-08T06:56:48Z","last_seen":"2024-08-20T18:19:44.639881Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"introduction_type":"scriptElement","is_inline":true,"md5":"11c5c4007cea06af541a69c3e9a230d8","sha1":"5a6e2739fdcf9fe96696db91cdb274643e2ffa83","sha256":"1dfc31a76640c6741a2f9eaf5325ca5028fd518e0c5f86aea06fd620ac0b1225","sha512":"4cc34e388ea293d9b3f6731228d0b3ec1f7c659f8ad3b944141d554a5db84373b64ea34023726490d0ade08fbaf843212a133b4d5e2b9ba7e94734342208dd16","ssdeep":"","tlshash":"67e0c2829066639038a365b10dfd19826ba0409b8907eb143b8d8385cf0c22ea0779c8","size":331,"data":"","first_seen":"2024-08-20T18:02:51.543849Z","last_seen":"2024-08-20T18:02:51.543849Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/css/style.css","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:18.190Z","timestamp":1700847618190,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /mua/css/style.css HTTP/1.1\r\nHost: 38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Nov 2023 17:40:15 GMT\r\nContent-Type: text/css\r\nContent-Length: 1423\r\nConnection: keep-alive\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Wed, 22 Nov 2023 22:15:48 GMT\r\nETag: \"1779-60ac50fb6c2f0-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1423,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with CRLF line terminators","md5":"72479bd20c38e802443cb174a470cbc9","sha1":"2d9d08213047e1f765e40f8e35cc634042fe6a92","sha256":"51aa53f23ba2b51e83eca02fdb47b2212252e7b5088a6c42b8b15431168fd15c","sha512":"ede9e340deee9dd23d5328f601d703d1b7c7804650b48df951eb886596227343a923ba39909e65a405bfbf8b7c4fa1f59a452833b2bf55158632a043e73a6377","ssdeep":"96:7GgJeJbJpJUJnGngyrA1p2ghJhJ/JNmZRYJCCuz8/Ju1GDyTXeJbE/L02jO1:vWtnQG43fBeSCF8Bu1GyWQg2y","tlshash":"39c1dd06ea4a028bb63618a9ff366ba7ed6c4003570747717ae077229fb507d5e907cc","first_seen":"2023-04-05T04:08:00Z","last_seen":"2024-12-12T13:23:44.339657Z","times_seen":372,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":306,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/js/jquery.jclock-min.js","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:18.193Z","timestamp":1700847618193,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /mua/js/jquery.jclock-min.js HTTP/1.1\r\nHost: 38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Nov 2023 17:40:15 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 1393\r\nConnection: keep-alive\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Wed, 22 Nov 2023 22:16:20 GMT\r\nETag: \"d09-60ac5119caa79-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1393,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (2957), with CRLF line terminators","md5":"71722c7314fed201941f23bc1fe9604e","sha1":"1d1c35c3b25ea4056bd39ba290523e70bd2f8038","sha256":"93bf1714fd8d4cad23861f0017d5b3335f8b009f59d2bd654dcf0c29b7f36031","sha512":"f0c56d414d56bcb50a3264783781dedfb7401a553069a2d96b6b62289fb4246dc1fe601a6fdb8acd069e43c382788592ceafcc31ce799f6c1cc1025ca89ce6ea","ssdeep":"","tlshash":"a671545a243cc2d16a96bc39287f1e73c63b5d36080ae46c794fd6c5682c83f556ba20","first_seen":"2023-03-07T12:11:26Z","last_seen":"2026-05-09T03:07:33.771181Z","times_seen":715,"resource_available":true,"data":null}},"time_used":892,"timings":{"blocked":291,"dns":1,"connect":298,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/css/stylesheet.css","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:18.191Z","timestamp":1700847618191,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /mua/css/stylesheet.css HTTP/1.1\r\nHost: 38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Nov 2023 17:40:15 GMT\r\nContent-Type: text/css\r\nContent-Length: 444\r\nConnection: keep-alive\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Wed, 22 Nov 2023 22:15:48 GMT\r\nETag: \"b82-60ac50fb674d0-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":444,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (360)","md5":"a310982fb888be050fb3ab09d40d7ffc","sha1":"b4a86966fec0a29c9bae72c1279a762cc009bf21","sha256":"f27f79e97e6af6f6003291117a51ded4ac0271248d26e5acf840f666d12d38b2","sha512":"13df75f25b4827fa911f8700005d3c48d7acfb68ea4de57f244ac720b80e3bdfaf2fc4e36dfe795ca314a19cf4a38fb696d4501a934f91e21d11b9163b7d3b69","ssdeep":"","tlshash":"e1514960d14a799345583c5733db7f244f8d286670048457a23489afecf2a6a92d6f0f","first_seen":"2023-04-05T04:08:00Z","last_seen":"2026-05-09T03:07:33.796606Z","times_seen":611,"resource_available":false,"data":null}},"time_used":899,"timings":{"blocked":290,"dns":0,"connect":304,"send":0,"wait":305,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/js/functions.js","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:18.194Z","timestamp":1700847618194,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /mua/js/functions.js HTTP/1.1\r\nHost: 38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Nov 2023 17:40:15 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 749\r\nConnection: keep-alive\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Wed, 22 Nov 2023 22:16:17 GMT\r\nETag: \"e35-60ac511711624-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":749,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with CRLF line terminators","md5":"766efd6f6fabe224b25520316b20b6a3","sha1":"0c05051015db2ace6078680a8448723e090350f8","sha256":"cdc0d129aeca47bd4a47cac2d9d777517a19692defe663fe2806d0dfd2211c25","sha512":"e9da9384d496cea5d9252bb62bd58245d0a6a6bf1ec34bdd9cb400a7f10b2bdf105d58ed167adf4da7308ce0234671983e8e6d70cfaf1237c93a8f8bf3d436d3","ssdeep":"","tlshash":"bf712bfc307230140573b729595f2b01af6a8c9377185f45394d89b0dfb82ae7962fa5","first_seen":"2023-10-22T17:21:52Z","last_seen":"2023-12-03T23:41:35Z","times_seen":9,"resource_available":true,"data":null}},"time_used":908,"timings":{"blocked":297,"dns":2,"connect":304,"send":0,"wait":305,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/js/jquery-3.6.0.min.js","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:18.192Z","timestamp":1700847618192,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /mua/js/jquery-3.6.0.min.js HTTP/1.1\r\nHost: 38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Nov 2023 17:40:15 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 30902\r\nConnection: keep-alive\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Wed, 22 Nov 2023 22:16:19 GMT\r\nETag: \"15d9d-60ac5118af730-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30902,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-05-11T03:28:37.21317Z","times_seen":465699,"resource_available":true,"data":null}},"time_used":917,"timings":{"blocked":291,"dns":0,"connect":0,"send":0,"wait":320,"receive":306,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-24T17:40:17.449Z","timestamp":1700847617449,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/ HTTP/1.1\r\nHost: 38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Nov 2023 17:40:15 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: Apache/2.4.52 (Ubuntu)\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":221445,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, Unicode text, UTF-8 text, with very long lines (39061), with CRLF line terminators","md5":"daf444bc0b06b51fc6bfcff134ead3bd","sha1":"6b9f2bdc8bc0cb4f3a9dc4270f77129ebaaa2dbb","sha256":"7461fb84dd55994ff2c7f1315a49c38a47ed49c838d27461905a1b6c99614171","sha512":"3d008ebd03756d214d8e7f7fe1c1232669c8258d3a427fd68f437066b045d5bd322827af74a782f1fb3008977aa5f1e8f1645cacfe35ae55b7a6af6f64d556cc","ssdeep":"6144:OgTubdQ855B2riyQeQ0JSDyvrDON920x1Wt4TZAP24+HdDK:dKx7QvqenOWEU49Ae4+9DK","tlshash":"b05412b02b9e699f02d69617802a6e0eec616734f580a1e5f63e52c73f0cf994713ac1","first_seen":"2023-11-24T18:40:36Z","last_seen":"2023-11-24T18:40:36Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2130,"timings":{"blocked":308,"dns":7,"connect":300,"send":0,"wait":305,"receive":1209,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/img/seguridad.jpg","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:18.378Z","timestamp":1700847618378,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /mua/img/seguridad.jpg HTTP/1.1\r\nHost: 38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Nov 2023 17:40:16 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 1935\r\nConnection: keep-alive\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Wed, 22 Nov 2023 22:16:07 GMT\r\nETag: \"78f-60ac510d8601b\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1935,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 103x103, components 3\\012- data","md5":"1aa9d62d948208093b507e8e1439b309","sha1":"72f701f1204320b47d9966d5d0ed496a733adb80","sha256":"1800e5e993450b4f547840ccb7abf5cd1f285f6cf9784b3ec23675528a49ff8c","sha512":"4acfb26832ef8591c9013f0ac40205be89767f961b84d7219c22d96b6d513abb705f9c8ea6fc159e9236667e7c6e39760dd635518764a641c8801a1cd16b3728","ssdeep":"","tlshash":"be41192747ef40a8cbc90035093529bb3755bf46dbb043933a113f2cb804048ba5e880","first_seen":"2023-04-30T20:28:03Z","last_seen":"2024-12-12T13:23:44.352874Z","times_seen":436,"resource_available":false,"data":null}},"time_used":1031,"timings":{"blocked":731,"dns":0,"connect":0,"send":0,"wait":299,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/img/error.jpg","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:18.371Z","timestamp":1700847618371,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /mua/img/error.jpg HTTP/1.1\r\nHost: 38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Nov 2023 17:40:16 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 5363\r\nConnection: keep-alive\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Wed, 22 Nov 2023 22:15:59 GMT\r\nETag: \"14f3-60ac5105f76c1\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5363,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 195x194, components 3\\012- data","md5":"845eeed3b61d4c19ed0059c42fa7fc2e","sha1":"ace747921c0b92d8451a1562759c867296c31b44","sha256":"f68c633109e951014c6c401f878be7196c8894f6723215afb18388dbbbb83f1d","sha512":"f63bd639d06fe8aeb206af7cc08ab0804ac5649e5f3ca8f782ec8f758205b15ba3739942db1229675dfdd8913a9f77deab0756a8a9fc3190a951911efaf53496","ssdeep":"96:bAo7Z4BFz9xfjt0zwZhV3aeOZ35KoF+16ALzYT7+QLQNSWQvaUhu+t2:57ZXzwZn++ZQeo7hC","tlshash":"96b17d7845bbc8b5ff62067ba15984727350fc905c68d3ef6bd419bcf9c8a828dc4044","first_seen":"2023-04-30T17:56:26Z","last_seen":"2024-12-12T13:23:44.346199Z","times_seen":524,"resource_available":false,"data":null}},"time_used":1045,"timings":{"blocked":739,"dns":0,"connect":0,"send":0,"wait":305,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/img/politica.jpg","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:18.380Z","timestamp":1700847618380,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /mua/img/politica.jpg HTTP/1.1\r\nHost: 38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Nov 2023 17:40:16 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2615\r\nConnection: keep-alive\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Wed, 22 Nov 2023 22:16:05 GMT\r\nETag: \"a37-60ac510bd65ce\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2615,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 103x103, components 3\\012- data","md5":"7bb6c2ef23b43c8b8723d9e68ddf2fec","sha1":"351b75536ef2c3244b7ba1eec7fe13215990a177","sha256":"7b4d681b13b2beeab7a0dbd807eac72b762dec8e3bb18410776270a51860ac86","sha512":"1455bbe49598927606b8e3089503a1096a580119410a60043a24cb4abc9a96f7c97c6907f4faecc68b91d9ce26c68db0de4a9ef605e8b7cfe0833eb5e3e377da","ssdeep":"","tlshash":"5d5119867f3ef84af23d207f096064143b6c152299f527c4b8010551bf787a8f58970a","first_seen":"2023-04-30T20:28:03Z","last_seen":"2024-12-12T13:23:44.357773Z","times_seen":436,"resource_available":false,"data":null}},"time_used":1035,"timings":{"blocked":730,"dns":0,"connect":0,"send":0,"wait":305,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/img/reglamento.jpg","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:18.379Z","timestamp":1700847618379,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /mua/img/reglamento.jpg HTTP/1.1\r\nHost: 38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Nov 2023 17:40:16 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 1764\r\nConnection: keep-alive\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Wed, 22 Nov 2023 22:16:07 GMT\r\nETag: \"6e4-60ac510d7e31b\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1764,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 103x103, components 3\\012- data","md5":"be3af886cffea048856b7fc77eaeebfc","sha1":"96c0ec1895b5544070fd9c3ff371812ea04c7932","sha256":"4d31c93eab87267a6e5e827fedd488a02c824a79ded4f00ef19f7431eaedab12","sha512":"f5e242594fe65a593da901ba2e108ab31b886661f613eed6c6d05b28f816fea2d3c0ce022c6b0cad0ffebc56c04809f129c07fbbfb9e6373367a7c16a260e7f8","ssdeep":"","tlshash":"d931b61aefb904e9eca44235696461303ba9fde151f3375f609a0e921e371f148f4448","first_seen":"2023-04-30T20:28:03Z","last_seen":"2024-12-12T13:23:44.355515Z","times_seen":436,"resource_available":false,"data":null}},"time_used":1036,"timings":{"blocked":731,"dns":0,"connect":0,"send":0,"wait":305,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/img/demo.jpg","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:18.377Z","timestamp":1700847618377,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /mua/img/demo.jpg HTTP/1.1\r\nHost: 38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Nov 2023 17:40:16 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 1465\r\nConnection: keep-alive\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Wed, 22 Nov 2023 22:15:58 GMT\r\nETag: \"5b9-60ac51045d434\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1465,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 103x103, components 3\\012- data","md5":"992039d1b794268d688a19b3563b7cd2","sha1":"9116dbfe0fe620a6351952c1053017501537002f","sha256":"61541605fc80557ad8cbc03b7d7ea64e94732198e536d4618dea0cb70191eb48","sha512":"61deb0ee1e8a821e974ac81295fa0f883ad2873fcbea69ada699dd18e34723068905c205bf72f6603fc328a63859436cbaaa5bb4cdae00d92fa5852c6c0e1a5a","ssdeep":"","tlshash":"3031b66befd77845d9fa0c31a8a10be5b302abc08e735bc93a647e15a5203c858222c4","first_seen":"2023-04-30T20:28:03Z","last_seen":"2024-12-12T13:23:44.350971Z","times_seen":436,"resource_available":false,"data":null}},"time_used":1039,"timings":{"blocked":733,"dns":0,"connect":0,"send":0,"wait":306,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"images-cdn.info/444/image.gif","fqdn":"images-cdn.info","domain":"images-cdn.info","tld":"info"},"ip":{"addr":"52.21.2.28","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:19.433Z","timestamp":1700847619433,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"images-cdn.info","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 Sep 2023 14:32:27 GMT","end":"Thu, 21 Dec 2023 14:32:26 GMT"},"fingerprint":{"sha1":"88:93:F5:C8:53:76:D3:B8:44:CB:1E:F9:F2:4F:90:51:4C:69:12:80","sha256":"6C:EC:FC:BB:EA:02:51:A1:81:9A:56:92:6A:54:61:7E:D4:A2:4F:3F:20:10:14:4D:20:25:DC:50:0A:E9:5B:D1"}}},"request":{"raw":"GET /444/image.gif HTTP/1.1\r\nHost: images-cdn.info\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nlocation: https://images-cdn.info/444/image.gif\r\nvary: Accept-Encoding\r\ndate: Fri, 24 Nov 2023 17:40:16 GMT\r\nserver: envoy\r\ncontent-length: 0\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T03:28:22.80711Z","times_seen":14986685,"resource_available":true,"data":null}},"time_used":538,"timings":{"blocked":216,"dns":0,"connect":101,"send":0,"wait":106,"receive":0,"ssl":112},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/img/lock.png","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:19.171Z","timestamp":1700847619171,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /mua/img/lock.png HTTP/1.1\r\nHost: 38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Nov 2023 17:40:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 465\r\nConnection: keep-alive\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Wed, 22 Nov 2023 22:16:04 GMT\r\nETag: \"1d1-60ac510a3b3a1\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":465,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\\012- data","md5":"e1fbae1c7cbb958401b23cc26991631b","sha1":"51fc2948568be9ac415bb8d48171534c674d309d","sha256":"022574e92ba7b69dd3e8f5da1882b053a893b97cf6bfe441753799dcc91655b6","sha512":"39824b6dac2225721696ef729228759c0d4891b492ecdc8becce869c48351bc39831e56f632b3189982445728748acc9aa7cee7bc8e3b70fb013e6027b8909ed","ssdeep":"","tlshash":"48f054d21ed88c3b4a2c200f62050b25546725b2549a91125ab2264be33d1a40b3250d","first_seen":"2023-05-01T10:11:50Z","last_seen":"2025-04-14T18:08:52.103922Z","times_seen":243,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":298,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/img/credit-card.png","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:19.167Z","timestamp":1700847619167,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /mua/img/credit-card.png HTTP/1.1\r\nHost: 38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Nov 2023 17:40:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 13267\r\nConnection: keep-alive\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Wed, 22 Nov 2023 22:15:57 GMT\r\nETag: \"33d3-60ac5103df491\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13267,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 18, 8-bit colormap, non-interlaced\\012- data","md5":"bdc41207eda679871ea8d52c4f0f10d3","sha1":"82173b5b660af8560810fe3a63de385d656b8966","sha256":"f068b3c17360b06f6cde9c9b1acf5c54ee3f32becdbbd013abb3808f51bbe412","sha512":"411726cbbb826aee7c72429a2cdd113a83627d7c24b536f4bc76dad32120db3264edbd6b5038b61ae18cc350078fa1e55b29def67e6aca6ae6921fe524e33a0f","ssdeep":"24:Zd1ne9fWuZDv/SARM6zRcLc9ZZlTkISHiaNp3j0p7eeD+tW:ZD0+cvLx7HZkItgjO7eq+Y","tlshash":"f652c345ac733680529eb97114eb141dcd53024315c05e067ebecfe35f803b21f5a9c6","first_seen":"2023-05-01T10:11:53Z","last_seen":"2024-08-21T08:07:22.743919Z","times_seen":52,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":305,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/img/info.jpg","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:18.374Z","timestamp":1700847618374,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /mua/img/info.jpg HTTP/1.1\r\nHost: 38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Nov 2023 17:40:16 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 3438\r\nConnection: keep-alive\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Wed, 22 Nov 2023 22:16:01 GMT\r\nETag: \"d6e-60ac51076c78c\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3438,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 62x61, components 3\\012- data","md5":"72f07f88a708281bb165235fb88649ee","sha1":"d2e7284036b30a170dc68c2ad476d664234ed66c","sha256":"13df691e5ad1109013261983ff6272aa37353f3b28525a9e8b0b29355a1ebec4","sha512":"f04ad8b3fb72d2b4e9f9c655dd14a2e4e192fabae1965a019461fa1797233e39d0de55a333e0d2213ea42037d5ee3d4bd0516d353f9a7f2471ccf99234dec116","ssdeep":"","tlshash":"85614dcdbe248441e07e1ebde2440941d615f895f4f0875f9162aa2ff86a70d47d4716","first_seen":"2023-04-30T20:28:03Z","last_seen":"2024-12-12T13:23:44.348738Z","times_seen":515,"resource_available":false,"data":null}},"time_used":1348,"timings":{"blocked":1042,"dns":0,"connect":0,"send":0,"wait":305,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"images-cdn.info/444/image.gif","fqdn":"images-cdn.info","domain":"images-cdn.info","tld":"info"},"ip":{"addr":"52.21.2.28","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:19.433Z","timestamp":1700847619433,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"images-cdn.info","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 Sep 2023 14:32:27 GMT","end":"Thu, 21 Dec 2023 14:32:26 GMT"},"fingerprint":{"sha1":"88:93:F5:C8:53:76:D3:B8:44:CB:1E:F9:F2:4F:90:51:4C:69:12:80","sha256":"6C:EC:FC:BB:EA:02:51:A1:81:9A:56:92:6A:54:61:7E:D4:A2:4F:3F:20:10:14:4D:20:25:DC:50:0A:E9:5B:D1"}}},"request":{"raw":"GET /444/image.gif HTTP/1.1\r\nHost: images-cdn.info\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\nserver: envoy\r\nvary: Origin\r\ndate: Fri, 24 Nov 2023 17:40:16 GMT\r\ncontent-length: 42\r\nx-envoy-upstream-service-time: 5\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1\\012- data","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-05-11T03:26:56.034272Z","times_seen":871882,"resource_available":true,"data":null}},"time_used":538,"timings":{"blocked":216,"dns":0,"connect":101,"send":0,"wait":106,"receive":0,"ssl":112},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/fonts/opensans/CIBFontSans-Light.ttf","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:19.184Z","timestamp":1700847619184,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /mua/fonts/opensans/CIBFontSans-Light.ttf HTTP/1.1\r\nHost: 38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/css/stylesheet.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Nov 2023 17:40:16 GMT\r\nContent-Type: font/ttf\r\nContent-Length: 110612\r\nConnection: keep-alive\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Wed, 22 Nov 2023 22:16:48 GMT\r\nETag: \"1b014-60ac5134cfb28\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":110612,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, digitally signed, 18 tables, 1st \"DSIG\", 33 names, Macintosh, Copyright (c) 2019 by Vasava Studio. All rights reserved.\\011CIBFont SansLight1.300;UKWN;CIBFont\\012- data","md5":"69096387df83ff65381f8ee25006b0aa","sha1":"89689ed7f7547a3815d9fa2d0a2c11513480086e","sha256":"decf1c3cb09b3e38d867e0d5cf648220584404c9cf8d18a6c51bdfa2af5047cc","sha512":"37aac063f5b5fb01f5e02497ec70e01ea7837feeb4167c5e8820cf02167445f4df90305db680568f45137de3e70c90a15bac5b723df0d83c6fdf390d0ce59d35","ssdeep":"3072:Po1/vxSHr+yjrdSiQTuicg4D47RiDEU3nlKXjY:PolO+8jiBDRiDE3X8","tlshash":"5ab37d07f353e609d41a8e381472d766f7e5b43aaf7b034b657a6539fcca5e08c2a180","first_seen":"2023-04-05T04:08:00Z","last_seen":"2026-05-09T03:07:33.765636Z","times_seen":986,"resource_available":false,"data":null}},"time_used":1242,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":305,"receive":937,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"http","addr":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/fonts/opensans/OpenSans-Regular.ttf","fqdn":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","domain":"38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com","tld":"ap-southeast-2.elb.amazonaws.com"},"ip":{"addr":"13.237.213.206","port":80,"asn":16509,"as":"AMAZON-02","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:19.179Z","timestamp":1700847619179,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /mua/fonts/opensans/OpenSans-Regular.ttf HTTP/1.1\r\nHost: 38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/css/stylesheet.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Nov 2023 17:40:16 GMT\r\nContent-Type: font/ttf\r\nContent-Length: 217276\r\nConnection: keep-alive\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Wed, 22 Nov 2023 22:16:52 GMT\r\nETag: \"350bc-60ac513801161\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":217276,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, digitally signed, 19 tables, 1st \"DSIG\", 26 names, Macintosh, Digitized data copyright \\251 2010-2011, Google Corporation.Open SansRegular1.10;1ASC;OpenSans-R\\012- data","md5":"d7d5d4588a9f50c99264bc12e4892a7c","sha1":"513966e260bb7610d47b2329dba194143831893e","sha256":"13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8","sha512":"ce9f98208cd818e486a12848b2d64bd14e12d42d84b2e47436a3c4420a242583eefc4a9b42401b51cc204146c6133645975682e4bb5d48527b3796770efa3397","ssdeep":"6144:GLpzdD/rIJXiQTutgCNktQFvmnoxXTS4u8sl:c9FrIJJaqCNktA+SXfJsl","tlshash":"62242879b20139e6df11d4b7c261fe80281a7863a73f802b64e3477a88575cdbe53e49","first_seen":"2023-04-05T04:08:00Z","last_seen":"2026-05-11T03:58:18.302402Z","times_seen":3935,"resource_available":false,"data":null}},"time_used":1524,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":305,"receive":1219,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-shims.min.css?token=45b9078c9f","fqdn":"ka-f.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"172.64.204.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:18.638Z","timestamp":1700847618638,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ka-f.fontawesome.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 08 Nov 2023 07:11:36 GMT","end":"Tue, 06 Feb 2024 07:11:35 GMT"},"fingerprint":{"sha1":"BC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81","sha256":"95:DB:E6:BD:0B:8B:40:88:04:6D:9A:E7:2D:72:2B:65:28:9E:D8:5F:A3:7A:9D:8A:55:13:EE:FB:3C:93:E7:10"}}},"request":{"raw":"GET /releases/v6.4.2/css/free-v4-shims.min.css?token=45b9078c9f HTTP/1.1\r\nHost: ka-f.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/\r\nOrigin: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 24 Nov 2023 17:40:15 GMT\r\ncontent-type: text/css\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 3000\r\nlast-modified: Tue, 01 Aug 2023 19:07:56 GMT\r\netag: W/\"da06df503ced6ee507b5fb4fa0999f74\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: max-age=31556926\r\naccess-control-allow-headers: fa-kit-token\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 cdd8daeefcf66738f6e908663e79c33e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: LHR50-P1\r\nx-amz-cf-id: rNZcHWNonZ6X6wr1dRlEoYpjFsKDA2MnBgkOuMDSUzxKEx3n1vTj3g==\r\nage: 9559\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=c%2BLUuzqiDTKogIh1WCOZYuWSQf%2FCbXZSlxxCbzPTLX7PMgMCB84s%2BKlXgko0UyALeG6qxpQCCKRCsYTTLB6mTlDTbP%2BHcYtLo6SzomOLhf1C8qSxKeXzefKAIKr0hpj5T5PDvaZ9fQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82b36f9f5e1b71fe-LHR\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27592,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (27377)","md5":"da06df503ced6ee507b5fb4fa0999f74","sha1":"d10d67ffa9c263e24c43b1df7fa3ba8f2dee2c36","sha256":"236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554","sha512":"4bb9f9b6715e2313bb4ee2405f48c4c215fb8f232a69c1d0269c2176d9e0528bcfbe91a99bcd7b0bd6696a1de773979aadead29fa4d37d9a9780cabe70e18990","ssdeep":"384:0fwu4Eyfd7PNRzAmReUtPAM0NuzwpmnWt:0YuqdNReUtPAM0v4E","tlshash":"3cc20569931da0e3b3a8e847bb0172e8277577999a864c50f30b7c4c5dc3a5772e8f18","first_seen":"2023-08-02T23:15:01Z","last_seen":"2026-05-07T12:10:59.167784Z","times_seen":1990,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":112,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-font-face.min.css?token=45b9078c9f","fqdn":"ka-f.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"172.64.204.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:18.641Z","timestamp":1700847618641,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ka-f.fontawesome.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 08 Nov 2023 07:11:36 GMT","end":"Tue, 06 Feb 2024 07:11:35 GMT"},"fingerprint":{"sha1":"BC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81","sha256":"95:DB:E6:BD:0B:8B:40:88:04:6D:9A:E7:2D:72:2B:65:28:9E:D8:5F:A3:7A:9D:8A:55:13:EE:FB:3C:93:E7:10"}}},"request":{"raw":"GET /releases/v6.4.2/css/free-v4-font-face.min.css?token=45b9078c9f HTTP/1.1\r\nHost: ka-f.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/\r\nOrigin: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 24 Nov 2023 17:40:15 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 01 Aug 2023 19:07:56 GMT\r\netag: W/\"9b853b50f37dd0ca770ce0f294d427df\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: max-age=31556926\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: fa-kit-token\r\naccess-control-max-age: 3000\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 d6030d5ab753695c0198f874d4276eb2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: LHR50-P1\r\nx-amz-cf-id: puCyckEyUTh8lF3Y1ihjbQwmI7VNMx7NEjuLs1B2Cu1oyydNGiK7Vw==\r\nage: 9559\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=OnHKlv2mnUhppL1xQAcmrDl%2F7LGA6lTR181qJq88qTA7JKZXO9%2BCejXHW1glHccPeNDss7HeNTpcDeSRmLBp9IoZA0vLDSn1W4H3f9PncWtVliPwyH7LVZMllaXW%2BdhQOuesUjceZQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82b36f9f5e1671fe-LHR\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1775,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1803), with no line terminators","md5":"e222c7d81e67e7d64f8e1e2c2bf5b558","sha1":"05f52e4d94bf5f8a4f874589b2c66f3d40b64ce6","sha256":"35f3c6cee4d181081c6e1c723440924507201b46e4d5aa80a63fe29f7d8c748a","sha512":"8d1eec4650b58747adc05e4f183ce533d3899d5a5fa703c95148c0a0842e45a32903e852f3a5a0b6cf21b931da12d0d7df6d92056f948599cf4bf879c1dfe53c","ssdeep":"","tlshash":"7031f02487d90170b4313f097ac67120feae70a75bf95e62c62e99090cbec55b3c6a44","first_seen":"2023-08-02T23:18:17Z","last_seen":"2025-04-01T16:34:24.59528Z","times_seen":1375,"resource_available":false,"data":null}},"time_used":309,"timings":{"blocked":109,"dns":29,"connect":30,"send":0,"wait":85,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ka-f.fontawesome.com/releases/v6.4.2/css/free.min.css?token=45b9078c9f","fqdn":"ka-f.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"172.64.204.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:18.636Z","timestamp":1700847618636,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ka-f.fontawesome.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 08 Nov 2023 07:11:36 GMT","end":"Tue, 06 Feb 2024 07:11:35 GMT"},"fingerprint":{"sha1":"BC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81","sha256":"95:DB:E6:BD:0B:8B:40:88:04:6D:9A:E7:2D:72:2B:65:28:9E:D8:5F:A3:7A:9D:8A:55:13:EE:FB:3C:93:E7:10"}}},"request":{"raw":"GET /releases/v6.4.2/css/free.min.css?token=45b9078c9f HTTP/1.1\r\nHost: ka-f.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/\r\nOrigin: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 24 Nov 2023 17:40:15 GMT\r\ncontent-type: text/css\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 3000\r\nlast-modified: Tue, 01 Aug 2023 19:07:56 GMT\r\netag: W/\"ae737a19e46fd502ba9cbe9e33213861\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: max-age=31556926\r\naccess-control-allow-headers: fa-kit-token\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f73d71dfa047571774d2c0460e5108ec.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: LHR50-P1\r\nx-amz-cf-id: LaXMMJaxxB2eIBSw5tjXaz4-MpdDCr8EZC4qt25vfDrUpD8MlvrT9g==\r\nage: 9559\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=wMGbkK2zimygHo3YUC3rlXm01lzfIY%2BXUqNil1mTsVOF4WtmhPNMuxGsA1CScWO6hrpitgPWCFW8JmjRFHcYjXPvYIE8zETOX21MaTl8L6yXysVx8I69NUPYkSv9bhWd34%2FLD1pDgw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82b36f9f5e1d71fe-LHR\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102749,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65321)","md5":"ae737a19e46fd502ba9cbe9e33213861","sha1":"a4b5d757af122c49259d4398807e62d4ca6f2493","sha256":"5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223","sha512":"a84c3d7955db3c2976f5d3005377014ef44c88ab7fc3ac9bd85b2d02b8685e93bd1c4e1c61206cc8e98aaf7303f0ff489a6bed50872ee089f6d2290583813260","ssdeep":"1536:0mMCMPMCMjMCM4MCMwMCM3sVMH709gbPMfjSFOTyPGuiprrlCP:4709gMGFiyPGuiprlCP","tlshash":"a9a3b8f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-08-02T23:15:01Z","last_seen":"2026-05-07T12:10:59.13476Z","times_seen":2009,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":115,"dns":0,"connect":0,"send":0,"wait":56,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ka-f.fontawesome.com/releases/v6.4.2/css/free-v5-font-face.min.css?token=45b9078c9f","fqdn":"ka-f.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"172.64.204.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:18.639Z","timestamp":1700847618639,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ka-f.fontawesome.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 08 Nov 2023 07:11:36 GMT","end":"Tue, 06 Feb 2024 07:11:35 GMT"},"fingerprint":{"sha1":"BC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81","sha256":"95:DB:E6:BD:0B:8B:40:88:04:6D:9A:E7:2D:72:2B:65:28:9E:D8:5F:A3:7A:9D:8A:55:13:EE:FB:3C:93:E7:10"}}},"request":{"raw":"GET /releases/v6.4.2/css/free-v5-font-face.min.css?token=45b9078c9f HTTP/1.1\r\nHost: ka-f.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/\r\nOrigin: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 24 Nov 2023 17:40:15 GMT\r\ncontent-type: text/css\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 3000\r\nlast-modified: Tue, 01 Aug 2023 19:07:56 GMT\r\netag: W/\"dbf296002d53e56d340b105d9d764940\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: max-age=31556926\r\naccess-control-allow-headers: fa-kit-token\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 4e17b9920844b6a8df812cad8c3506ec.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: LHR50-P1\r\nx-amz-cf-id: h6c82meTBFZ4pkM0MugBx0uQwumjt_itUhcuFlaj1fAkCs1UixcNmQ==\r\nage: 9559\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=6eNVuItJoRU%2FRE8R2ltVFpz%2BxHLJDQcp43fp2RH47TFmQpGWpOgRCcEdHbwRy%2FjffWiRT%2FrLhhx7V2HOIaRHKShWIAcTzPxmw%2BIfqChAruA8uKOi%2FhVO7G5Gz9u5%2FLakUn0WBXbSVw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82b36f9f5e1871fe-LHR\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":823,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (845), with no line terminators","md5":"60f771d70194eee2f6ca53f652629c57","sha1":"80569fe18344d0c3f526479a886fba91d2de0aca","sha256":"64d1a9645b5b437137ca6c04f5aa6bedd4fe5d102c592894411232a7121e7b02","sha512":"b5059e0980ceac922d94c4750eb05a1f38639ac3927f0d4566d6d371535f08f3afb44fa37dcb2df67236e32793edabeed62ebd5ddf1d7c729542218a6e523147","ssdeep":"","tlshash":"b201486c86a910214d410f0134caf609bd49b0a728ea6eb2911bd92e8cfad0b73f5f05","first_seen":"2023-08-02T23:18:17Z","last_seen":"2025-04-01T16:34:24.590011Z","times_seen":1422,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":111,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kit.fontawesome.com/45b9078c9f.js","fqdn":"kit.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"172.64.147.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/mua/VALIDATECARD/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-24T17:40:18.188Z","timestamp":1700847618188,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.fontawesome.com","organization":"Fonticons Inc"},"issuer":{"commonName":"DigiCert TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 22 Nov 2022 00:00:00 GMT","end":"Sat, 23 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E","sha256":"F6:72:03:2C:D0:96:E1:1E:BD:AD:77:14:74:82:CE:BB:40:88:41:FC:D2:F9:16:2B:93:34:73:8F:84:4F:FC:82"}}},"request":{"raw":"GET /45b9078c9f.js HTTP/1.1\r\nHost: kit.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://38c1b0335626c5f34985aa69fefbafe9-1345579746.ap-southeast-2.elb.amazonaws.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 24 Nov 2023 17:40:15 GMT\r\ncontent-type: text/javascript\r\naccess-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3000\r\ncache-control: max-age=60, public, stale-while-revalidate=30\r\nvary: origin, accept-encoding, access-control-request-headers, access-control-request-method\r\nx-request-id: F5qf5RB63qVJkasTnn_C\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\ncf-ray: 82b36f9bffc8b4f1-OSL\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11642,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (11213)","md5":"e8e4f917ed26e3a1d2f26077eee3f73c","sha1":"b37c96d5deda15c3754f058f8f42ecc4fb9e4970","sha256":"8212039d17d158453c6305a5ca08559ca48007be17b5fc214a00b57461e9d8a4","sha512":"3fa9ebcdc9f3e0eae35e28239e841f747a0c07b64020c3d20fb7f2fba9553f4ab68beaaedd234b4e84343d045e9eb90207965bc2264984533d38b9b0c3300d50","ssdeep":"192:PkO3pHuf4n7ACpiIthMzn/A+gmTVULb2nZsyP4lO3mX7dvh3D21Q5l8hf0kCzMn:cdVCfhMznrnBrmL9h3D21Q5l8hfl","tlshash":"6832a4997691b5b246eb7160803f620bf2753536300ad060e25dede46c7dd6e9233f2d","first_seen":"2023-08-03T05:21:29Z","last_seen":"2023-11-27T05:17:07Z","times_seen":185,"resource_available":true,"data":null}},"time_used":250,"timings":{"blocked":34,"dns":30,"connect":1,"send":0,"wait":175,"receive":0,"ssl":8},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}