{"report_id":"7060845d-68ca-4c1e-865c-da64855507d6","version":6,"status":"done","tags":[],"date":"2026-02-22T13:58:23Z","url":{"schema":"http","addr":"squad-2-building-control.azurewebsites.net","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"title":"Home – Apply for building control approval for a higher-risk building – GOV.UK Prototype Kit","dom":{"size":9681,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2042)","md5":"846e3b45d1fd12602244b83b2b8ef722","sha1":"3ac1da4dc35aadf896d35da7a2c7cf4b3e34babd","sha256":"6a3f1039726616f79d147351bd69b3111bb7c2be8e0eb604012fc00852907bec","sha512":"a91a7549205d355a9a24a0bf1d3f07f9c2c05b47938365eae33613404ff28b520f69e3bb8c038f60186a982088f65955194fe1981d476e47e4d3efea2e9fd116","ssdeep":"96:f8t6slSCZVLLe+bmw7uYnDyWJfY3dlKn98E2dR1pWPjVjdRKdrW9HovbA6/6goJU:gxbmmbH24V2P1sV+bigrfrbpl","tlshash":"b5126434a4e4b03624a242aee67b3274ed9bd487d091cda875bc81504fd3fe3b85b578","dom_hash":"domhash32de16db0c141ec51b3828ddc5cff0ef","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"squad-2-building-control.azurewebsites.net","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-29T13:58:23Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":3}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-22T13:58:00Z","timestamp":1771768680,"ip_dst":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"Client IP","port":50356,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Abused Hosting Domain (azurewebsites .net) in TLS SNI","source":"{\"timestamp\":\"2026-02-22T13:58:00.104447+0000\",\"flow_id\":135673913324344,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.52\",\"src_port\":50356,\"dest_ip\":\"20.90.134.23\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2063118,\"rev\":1,\"signature\":\"ET INFO Abused Hosting Domain (azurewebsites .net) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2025_06_20\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1102\"],\"mitre_technique_name\":[\"Web_Service\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2025_06_20\"]}},\"tls\":{\"sni\":\"squad-2-building-control.azurewebsites.net\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"15af977ce25de452b96affa2addb1036\",\"string\":\"771,4866,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":944,\"bytes_toclient\":4616,\"start\":\"2026-02-22T13:58:00.045880+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-22","alert":"Phishing Block","trigger":"squad-2-building-control.azurewebsites.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"squad-2-building-control.azurewebsites.net","ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"domain_registered":"2012-01-24","domain_rank":0,"first_seen":"2026-02-22T13:58:23.564215Z","last_seen":"2026-02-22T13:58:23.564215Z","alert_count":42,"request_count":14,"received_data":616903,"sent_data":11325,"comment":"","tags":null,"fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"GOV.UK Frontend","description":"","website":"https://design-system.service.gov.uk/","common_platform_enumeration":"","icon":"govuk.png","categories":["UI frameworks"]},{"name":"Prototype","description":"Prototype is a JavaScript Framework that aims to ease development of web applications.","website":"https://www.prototypejs.org","common_platform_enumeration":"cpe:2.3:a:prototypejs:prototype:*:*:*:*:*:*:*:*","icon":"Prototype.png","categories":["JavaScript frameworks"]},{"name":"UIKit","description":"UIKit is the framework used for developing iOS applications.","website":"https://getuikit.com","common_platform_enumeration":"","icon":"UIKit.svg","categories":["UI frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/public/javascripts/application.js","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"218a78f0f84421488ac5c6def240898e","sha1":"5831329f3935e40cc600c9872fa2bca088692dae","sha256":"8eb19ec7f9344013cd16d0432c7c5a8d64490d2ca69a3da9c88fb0a0422a1065","sha512":"7dab280e2998bae588b6463662ad583cb8c4c36e8b19861ccbd96dfbc4c8156ad38fecc901ab5b9402f681cb75a01538cdd7fbbf7c79b21ccc0d76dd11359aff","ssdeep":"","tlshash":"55d02373bf24c171000507d70167fe6d9916306453519d8ce5dc5c42747245d09dc1e7","size":206,"data":"","first_seen":"2024-04-06T06:01:10Z","last_seen":"2026-02-23T01:47:37.669758Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/plugin-assets/govuk-frontend/govuk/all.js","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"a8e0327fe9a4f77887c82ff828457a49","sha1":"bf35a69bc4630f3a9efd2564e01c1842ef3cce46","sha256":"05e9756e2307598163a4d594d0e0c0c15c782494d77c029f3704da2a53c16068","sha512":"0af797102a89493c10145b3b85da22577257bd72581cf87e12c497ed4ec750a8d1dcf6337f7385a48613b3b35af77b6a66b871b5ae8e12782cb8c62b9bb9c81a","ssdeep":"1536:w9iJma881PB+Wbm4naI1qcGVjdDnLiOQ36Gfi2PrwMVxvoA9z4jS0VeYtw1oOpnl:Pi8CDk3r/PqG","tlshash":"eee3f9163af921f2495710bc678f7080f934406b6119d8507cadc7e85fd8f784bbaada","size":153698,"data":"","first_seen":"2024-04-06T06:01:10Z","last_seen":"2026-02-23T01:47:37.660466Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/browser-sync/browser-sync-client.js?v=2.29.1","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"0e95a9b62746dae8967010377317ced3","sha1":"9de866f782e3aa84c90c576bbb69fa82c7c0cb38","sha256":"0ebee4b6748dcea70de5fe185797140ec868ec5948f1909bb7d65c574f415b7e","sha512":"e2b718bade02128ec1d80d6fcff335e2a35c163645e13e59d5cc3f5f1bd3ca9bdfa680e7e2be7d6f26b2264837444f2a553f208884e98a97b53865d8d8e0983a","ssdeep":"3072:6dz5FoPD60NNmZJXCVrLvnLn4Khv5EsV9OWlAO3ljPRhCzoK:Men5Esd1ljPRhCzoK","tlshash":"5804b68cf6a0b0a143e760f5802f150bf23b585d611d51e8f3a8d8e1adb8a4e6527f7d","size":188271,"data":"","first_seen":"2026-02-22T13:58:26.081467Z","last_seen":"2026-02-23T01:47:37.661568Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"601c2d2da4b39d381ad71f2477396aca","sha1":"714b8cd08bac2208cfe467edcb46dc4846562020","sha256":"65f1481eb77d3338ab41d69d66b3378739e1625c7e3d1428f3e3825a368f0da6","sha512":"7b60cf27593393f4c1d84e4d18ab5d47b295bb1c838502baedd7da45c754a0d587bc60f8e3e79852b9bacfaeee7032fcbd0cccdbce22b0728c07b63a51104461","ssdeep":"","tlshash":"9de02b2e1cfe517565533436157fc2283173813b0809fd063cdc820c5f40be94d86e94","size":434,"data":"","first_seen":"2026-02-22T13:58:26.101318Z","last_seen":"2026-02-23T01:47:37.670544Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/plugin-assets/govuk-prototype-kit/lib/assets/javascripts/kit.js","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"4dbaa02182098fe9b3070d40202b71c7","sha1":"f6d38091905537f4254a5dc0fc12c299fecf2c28","sha256":"e8ab6c5aae6bb90040185618e7289d703a31a0dd92310172c0971b4a3b00d5fe","sha512":"076720255de373a06469aa938d41cd0e449e1c4caa8aea2a17f8df71719711f93744445bbc491e2a43edd225da4d18b7f886d0fffcdf9966f7ad9e1f019b0122","ssdeep":"","tlshash":"b5f05c7549b4247052236031132767413b58417311c9ff16351d1764bff781381797ea","size":439,"data":"","first_seen":"2024-04-06T06:01:10Z","last_seen":"2026-02-23T01:47:37.668464Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/plugin-assets/govuk-prototype-kit/lib/assets/javascripts/auto-store-data.js","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e0fe71fc6c33cbf5f314cd6fc00115e","sha1":"e00c064f8caefa80517264e875b82d2a87f2b31d","sha256":"4aa02cfda0ea6b22c9bb1c86afca8d00602a865eddaf2581e87e0237493b6845","sha512":"390cab192ea51d71bd61da1f27aa175543cb34eadc435016465cab85d1d5122fc89adbd80a1c0eb1549b0311f43dd7fabc94cbd0755b6b775859cb3267759e5e","ssdeep":"","tlshash":"2711ab327c785232057741f527da32896724613322828d753dcc88156b8ae6e6a73edd","size":862,"data":"","first_seen":"2024-04-06T06:01:10Z","last_seen":"2026-02-23T01:47:37.664881Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"f8245ee5f611c3c4cf83b87f62c07de1","sha1":"bbd81291a868d2e5c933336f069d6320c46d41fd","sha256":"fba5a75c897899b15308045df0ddc2390993ddb2499a8df637cabc65240021c5","sha512":"9178805db3672815ae00c82c0a4275e6535694200ddf0886bb9d280fa3016b1bd7d7212521ad8d36c13421c735bdb354da539ee712493de51d058b6bd86b9d1b","ssdeep":"","tlshash":"48b09220204472b81a138bd85cbc8ba17cf6b880ae032920c0fc2098cac08030d02ef4","size":111,"data":"","first_seen":"2023-03-07T12:12:26Z","last_seen":"2026-06-06T16:36:41.900617Z","times_seen":441,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/plugin-assets/govuk-frontend/govuk-prototype-kit/init.js","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"194ad8321cfabd56d88baa559c417497","sha1":"4cbf085ea25c15fd6175c4294f0acc97ac2faeb4","sha256":"5c39181e7e72fa531c6a1c965e5bec89a51c91d3a89c1a0ef2b1d756aa7a601d","sha512":"21aa491bd97fe7de3d85ac1fbb949d010487f009b74c80edde01f7b1955105b29469ca36ff8f2291bce578b18bc01fa308ef944305c37480f638ebf9f840991a","ssdeep":"","tlshash":"65d0127088a849f0a92123e8121b3b0c359647b092053f8ac4cc8fe4fff2477cb4479a","size":222,"data":"","first_seen":"2024-04-06T06:01:10Z","last_seen":"2026-02-23T01:47:37.669315Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/plugin-assets/govuk-frontend/govuk/all.js","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://squad-2-building-control.azurewebsites.net/","date":"2026-02-22T13:58:00.425Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.azurewebsites.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 08","organization":"Microsoft Corporation"},"validity":{"start":"Sat, 31 Jan 2026 14:29:52 GMT","end":"Thu, 30 Jul 2026 14:29:52 GMT"},"fingerprint":{"sha1":"A8:8D:A6:FF:E7:A6:86:5B:4D:0E:42:66:1C:23:8E:B5:45:8A:AF:09","sha256":"BC:31:93:E3:48:17:51:D7:6D:91:E2:DC:A0:FA:EA:C3:F5:4A:A0:65:89:46:B6:70:7A:DD:9D:DC:10:02:C7:F3"}}},"request":{"raw":"GET /plugin-assets/govuk-frontend/govuk/all.js HTTP/1.1\r\nHost: squad-2-building-control.azurewebsites.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://squad-2-building-control.azurewebsites.net/\r\nCookie: govuk-prototype-kit-2f686f6d652f736974652f777777726f6f74=s%3AtuN5eEJqPB7Dcv1XLKDnXu6tfQCKNzgR.Ugue%2B5yPoeTjQ3rW1PpJAVSKnkOcO1CSrs2iR4ULdGU; ARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6; ARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 22 Feb 2026 13:58:00 GMT\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\netag: W/\"25862-1887cae1720\"\r\nlast-modified: Fri, 02 Jun 2023 15:16:04 GMT\r\nset-cookie: ARRAffinity=16d804d14ef64669f5b5e9a32d24bd2216935c5d49cc32ceaf2cb6b87206626f;Path=/;HttpOnly;Domain=squad-2-building-control.azurewebsites.net\nARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;Secure;Domain=squad-2-building-control.azurewebsites.net\nARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;SameSite=None;Secure;Domain=squad-2-building-control.azurewebsites.net\r\ncontent-length: 153698\r\nrequest-context: appId=cid-v1:\r\nx-powered-by: Express\r\nx-robots-tag: noindex\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":153698,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (565)","md5":"a8e0327fe9a4f77887c82ff828457a49","sha1":"bf35a69bc4630f3a9efd2564e01c1842ef3cce46","sha256":"05e9756e2307598163a4d594d0e0c0c15c782494d77c029f3704da2a53c16068","sha512":"0af797102a89493c10145b3b85da22577257bd72581cf87e12c497ed4ec750a8d1dcf6337f7385a48613b3b35af77b6a66b871b5ae8e12782cb8c62b9bb9c81a","ssdeep":"1536:w9iJma881PB+Wbm4naI1qcGVjdDnLiOQ36Gfi2PrwMVxvoA9z4jS0VeYtw1oOpnl:Pi8CDk3r/PqG","tlshash":"eee3f9163af921f2495710bc678f7080f934406b6119d8507cadc7e85fd8f784bbaada","first_seen":"2024-04-06T06:01:10Z","last_seen":"2026-02-23T01:47:37.660466Z","times_seen":9,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-22","alert":"Phishing Block","trigger":"squad-2-building-control.azurewebsites.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/public/javascripts/application.js","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://squad-2-building-control.azurewebsites.net/","date":"2026-02-22T13:58:00.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.azurewebsites.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 08","organization":"Microsoft Corporation"},"validity":{"start":"Sat, 31 Jan 2026 14:29:52 GMT","end":"Thu, 30 Jul 2026 14:29:52 GMT"},"fingerprint":{"sha1":"A8:8D:A6:FF:E7:A6:86:5B:4D:0E:42:66:1C:23:8E:B5:45:8A:AF:09","sha256":"BC:31:93:E3:48:17:51:D7:6D:91:E2:DC:A0:FA:EA:C3:F5:4A:A0:65:89:46:B6:70:7A:DD:9D:DC:10:02:C7:F3"}}},"request":{"raw":"GET /public/javascripts/application.js HTTP/1.1\r\nHost: squad-2-building-control.azurewebsites.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://squad-2-building-control.azurewebsites.net/\r\nCookie: govuk-prototype-kit-2f686f6d652f736974652f777777726f6f74=s%3AtuN5eEJqPB7Dcv1XLKDnXu6tfQCKNzgR.Ugue%2B5yPoeTjQ3rW1PpJAVSKnkOcO1CSrs2iR4ULdGU; ARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6; ARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 22 Feb 2026 13:58:00 GMT\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\netag: W/\"ce-1887cae2c00\"\r\nlast-modified: Fri, 02 Jun 2023 15:16:09 GMT\r\nset-cookie: ARRAffinity=16d804d14ef64669f5b5e9a32d24bd2216935c5d49cc32ceaf2cb6b87206626f;Path=/;HttpOnly;Domain=squad-2-building-control.azurewebsites.net\nARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;Secure;Domain=squad-2-building-control.azurewebsites.net\nARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;SameSite=None;Secure;Domain=squad-2-building-control.azurewebsites.net\r\ncontent-length: 206\r\nrequest-context: appId=cid-v1:\r\nx-powered-by: Express\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":206,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text","md5":"218a78f0f84421488ac5c6def240898e","sha1":"5831329f3935e40cc600c9872fa2bca088692dae","sha256":"8eb19ec7f9344013cd16d0432c7c5a8d64490d2ca69a3da9c88fb0a0422a1065","sha512":"7dab280e2998bae588b6463662ad583cb8c4c36e8b19861ccbd96dfbc4c8156ad38fecc901ab5b9402f681cb75a01538cdd7fbbf7c79b21ccc0d76dd11359aff","ssdeep":"","tlshash":"55d02373bf24c171000507d70167fe6d9916306453519d8ce5dc5c42747245d09dc1e7","first_seen":"2024-04-06T06:01:10Z","last_seen":"2026-02-23T01:47:37.669758Z","times_seen":8,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-22","alert":"Phishing Block","trigger":"squad-2-building-control.azurewebsites.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/browser-sync/browser-sync-client.js?v=2.29.1","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://squad-2-building-control.azurewebsites.net/","date":"2026-02-22T13:58:00.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.azurewebsites.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 08","organization":"Microsoft Corporation"},"validity":{"start":"Sat, 31 Jan 2026 14:29:52 GMT","end":"Thu, 30 Jul 2026 14:29:52 GMT"},"fingerprint":{"sha1":"A8:8D:A6:FF:E7:A6:86:5B:4D:0E:42:66:1C:23:8E:B5:45:8A:AF:09","sha256":"BC:31:93:E3:48:17:51:D7:6D:91:E2:DC:A0:FA:EA:C3:F5:4A:A0:65:89:46:B6:70:7A:DD:9D:DC:10:02:C7:F3"}}},"request":{"raw":"GET /browser-sync/browser-sync-client.js?v=2.29.1 HTTP/1.1\r\nHost: squad-2-building-control.azurewebsites.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://squad-2-building-control.azurewebsites.net/\r\nCookie: govuk-prototype-kit-2f686f6d652f736974652f777777726f6f74=s%3AtuN5eEJqPB7Dcv1XLKDnXu6tfQCKNzgR.Ugue%2B5yPoeTjQ3rW1PpJAVSKnkOcO1CSrs2iR4ULdGU; ARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6; ARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript\r\ndate: Sun, 22 Feb 2026 13:58:00 GMT\r\ncache-control: public, max-age=0\r\ncontent-encoding: gzip\r\netag: \"2df6f-nehm94LjqoTJDFdru2n6gsfAyzg\"\r\nset-cookie: ARRAffinity=16d804d14ef64669f5b5e9a32d24bd2216935c5d49cc32ceaf2cb6b87206626f;Path=/;HttpOnly;Domain=squad-2-building-control.azurewebsites.net\nARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;Secure;Domain=squad-2-building-control.azurewebsites.net\nARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;SameSite=None;Secure;Domain=squad-2-building-control.azurewebsites.net\r\ncontent-length: 48734\r\nrequest-context: appId=cid-v1:\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":188271,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (62201)","md5":"0e95a9b62746dae8967010377317ced3","sha1":"9de866f782e3aa84c90c576bbb69fa82c7c0cb38","sha256":"0ebee4b6748dcea70de5fe185797140ec868ec5948f1909bb7d65c574f415b7e","sha512":"e2b718bade02128ec1d80d6fcff335e2a35c163645e13e59d5cc3f5f1bd3ca9bdfa680e7e2be7d6f26b2264837444f2a553f208884e98a97b53865d8d8e0983a","ssdeep":"3072:6dz5FoPD60NNmZJXCVrLvnLn4Khv5EsV9OWlAO3ljPRhCzoK:Men5Esd1ljPRhCzoK","tlshash":"5804b68cf6a0b0a143e760f5802f150bf23b585d611d51e8f3a8d8e1adb8a4e6527f7d","first_seen":"2026-02-22T13:58:26.081467Z","last_seen":"2026-02-23T01:47:37.661568Z","times_seen":3,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":44,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-22","alert":"Phishing Block","trigger":"squad-2-building-control.azurewebsites.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/plugin-assets/govuk-frontend/govuk/assets/fonts/bold-b542beb274-v2.woff2","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://squad-2-building-control.azurewebsites.net/","date":"2026-02-22T13:58:00.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.azurewebsites.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 08","organization":"Microsoft Corporation"},"validity":{"start":"Sat, 31 Jan 2026 14:29:52 GMT","end":"Thu, 30 Jul 2026 14:29:52 GMT"},"fingerprint":{"sha1":"A8:8D:A6:FF:E7:A6:86:5B:4D:0E:42:66:1C:23:8E:B5:45:8A:AF:09","sha256":"BC:31:93:E3:48:17:51:D7:6D:91:E2:DC:A0:FA:EA:C3:F5:4A:A0:65:89:46:B6:70:7A:DD:9D:DC:10:02:C7:F3"}}},"request":{"raw":"GET /plugin-assets/govuk-frontend/govuk/assets/fonts/bold-b542beb274-v2.woff2 HTTP/1.1\r\nHost: squad-2-building-control.azurewebsites.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://squad-2-building-control.azurewebsites.net/public/stylesheets/application.css\r\nCookie: govuk-prototype-kit-2f686f6d652f736974652f777777726f6f74=s%3AtuN5eEJqPB7Dcv1XLKDnXu6tfQCKNzgR.Ugue%2B5yPoeTjQ3rW1PpJAVSKnkOcO1CSrs2iR4ULdGU; ARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6; ARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ndate: Sun, 22 Feb 2026 13:58:00 GMT\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\netag: W/\"7af8-1887cae1b08\"\r\nlast-modified: Fri, 02 Jun 2023 15:16:05 GMT\r\nset-cookie: ARRAffinity=16d804d14ef64669f5b5e9a32d24bd2216935c5d49cc32ceaf2cb6b87206626f;Path=/;HttpOnly;Domain=squad-2-building-control.azurewebsites.net\nARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;Secure;Domain=squad-2-building-control.azurewebsites.net\nARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;SameSite=None;Secure;Domain=squad-2-building-control.azurewebsites.net\r\ncontent-length: 31480\r\nrequest-context: appId=cid-v1:\r\nx-powered-by: Express\r\nx-robots-tag: noindex\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":31480,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 31480, version 1.0","md5":"b542beb2746ca0e4a5a9aa7ea7767df7","sha1":"edd7531eb22a9e4c7c17045d9ba5ec87e4c731d2","sha256":"06eba01b1af0f4014b484c711771fef1db30becbf0edf481498da1e4958d3d47","sha512":"218feadc482032c1b5a9772865e5c519caf2863d2a517ae4ca26641c0d3facdb7011b879e79df893e4a018bde20854814e0b02df3c12984a76e8e3873d92c89e","ssdeep":"768:HL6pDaDjx1AYVxGYsw2SE/QA9ONnw03mfypl8wUaoAZBYZiJ4:H+0R1n6fwjDuONLxr8VaoAUO4","tlshash":"afe2f2ab762c007ec0abf67f1beca7afb3655c7a3cc1c42583045d12e5e1849298c5e9","first_seen":"2023-05-05T19:26:03Z","last_seen":"2026-06-05T15:22:43.194749Z","times_seen":1035,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":42,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-22","alert":"Phishing Block","trigger":"squad-2-building-control.azurewebsites.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/plugin-assets/govuk-frontend/govuk/assets/fonts/light-94a07e06a1-v2.woff2","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://squad-2-building-control.azurewebsites.net/","date":"2026-02-22T13:58:00.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.azurewebsites.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 08","organization":"Microsoft Corporation"},"validity":{"start":"Sat, 31 Jan 2026 14:29:52 GMT","end":"Thu, 30 Jul 2026 14:29:52 GMT"},"fingerprint":{"sha1":"A8:8D:A6:FF:E7:A6:86:5B:4D:0E:42:66:1C:23:8E:B5:45:8A:AF:09","sha256":"BC:31:93:E3:48:17:51:D7:6D:91:E2:DC:A0:FA:EA:C3:F5:4A:A0:65:89:46:B6:70:7A:DD:9D:DC:10:02:C7:F3"}}},"request":{"raw":"GET /plugin-assets/govuk-frontend/govuk/assets/fonts/light-94a07e06a1-v2.woff2 HTTP/1.1\r\nHost: squad-2-building-control.azurewebsites.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://squad-2-building-control.azurewebsites.net/public/stylesheets/application.css\r\nCookie: govuk-prototype-kit-2f686f6d652f736974652f777777726f6f74=s%3AtuN5eEJqPB7Dcv1XLKDnXu6tfQCKNzgR.Ugue%2B5yPoeTjQ3rW1PpJAVSKnkOcO1CSrs2iR4ULdGU; ARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6; ARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ndate: Sun, 22 Feb 2026 13:58:00 GMT\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\netag: W/\"8266-1887cae1b08\"\r\nlast-modified: Fri, 02 Jun 2023 15:16:05 GMT\r\nset-cookie: ARRAffinity=16d804d14ef64669f5b5e9a32d24bd2216935c5d49cc32ceaf2cb6b87206626f;Path=/;HttpOnly;Domain=squad-2-building-control.azurewebsites.net\nARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;Secure;Domain=squad-2-building-control.azurewebsites.net\nARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;SameSite=None;Secure;Domain=squad-2-building-control.azurewebsites.net\r\ncontent-length: 33382\r\nrequest-context: appId=cid-v1:\r\nx-powered-by: Express\r\nx-robots-tag: noindex\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":33382,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 33382, version 1.131","md5":"94a07e06a104e76fe40583f74b204aee","sha1":"3202361735eb0c59277c2140c34dd77879df43de","sha256":"eedfb3c2f7945caebd0b15522b59d6c7f01be17fecd6102fd76452ad4042f7b0","sha512":"b7a07689a627e014e06452f9c5926288630352253fd9f207604c033e13696e5402d2cc41d14403646d321f54bebebfc9f72f574f1c33fe4062167c8d237d6661","ssdeep":"768:VjKZ1kJg+QjANVxKp9YSmHbP1iphzMuumFKkE6XVu+1nV0M:xK3kJo8NnoYSmHBiAuum1TlBhL","tlshash":"0be2e16255a65b14ad5e53a2b1b8ac71c0550e262326cfd5826bbd4d17fccebfef0003","first_seen":"2023-05-05T19:26:03Z","last_seen":"2026-06-05T15:22:43.202614Z","times_seen":1038,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":41,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-22","alert":"Phishing Block","trigger":"squad-2-building-control.azurewebsites.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/plugin-assets/govuk-frontend/govuk/assets/images/govuk-apple-touch-icon-180x180.png","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://squad-2-building-control.azurewebsites.net/","date":"2026-02-22T13:58:00.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.azurewebsites.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 08","organization":"Microsoft Corporation"},"validity":{"start":"Sat, 31 Jan 2026 14:29:52 GMT","end":"Thu, 30 Jul 2026 14:29:52 GMT"},"fingerprint":{"sha1":"A8:8D:A6:FF:E7:A6:86:5B:4D:0E:42:66:1C:23:8E:B5:45:8A:AF:09","sha256":"BC:31:93:E3:48:17:51:D7:6D:91:E2:DC:A0:FA:EA:C3:F5:4A:A0:65:89:46:B6:70:7A:DD:9D:DC:10:02:C7:F3"}}},"request":{"raw":"GET /plugin-assets/govuk-frontend/govuk/assets/images/govuk-apple-touch-icon-180x180.png HTTP/1.1\r\nHost: squad-2-building-control.azurewebsites.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://squad-2-building-control.azurewebsites.net/\r\nCookie: govuk-prototype-kit-2f686f6d652f736974652f777777726f6f74=s%3AtuN5eEJqPB7Dcv1XLKDnXu6tfQCKNzgR.Ugue%2B5yPoeTjQ3rW1PpJAVSKnkOcO1CSrs2iR4ULdGU; ARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6; ARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ndate: Sun, 22 Feb 2026 13:58:00 GMT\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\netag: W/\"daf-1887cae1b08\"\r\nlast-modified: Fri, 02 Jun 2023 15:16:05 GMT\r\nset-cookie: ARRAffinity=16d804d14ef64669f5b5e9a32d24bd2216935c5d49cc32ceaf2cb6b87206626f;Path=/;HttpOnly;Domain=squad-2-building-control.azurewebsites.net\nARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;Secure;Domain=squad-2-building-control.azurewebsites.net\nARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;SameSite=None;Secure;Domain=squad-2-building-control.azurewebsites.net\r\ncontent-length: 3503\r\nrequest-context: appId=cid-v1:\r\nx-powered-by: Express\r\nx-robots-tag: noindex\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":3503,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit colormap, non-interlaced","md5":"a0f7e1b728a42016b247dc54ee40d055","sha1":"f02b551f1af5d4ef5bc4aee07da9a6e36a3f9037","sha256":"ea1cbb1cbbeddfff275dfa6e8e46b84cd530892df79dc4882a8f99b802b49a90","sha512":"78451dde3864637852d708b9b870982cb233fca465a59b07ddda34d91b1a157e8860b6ef3c0bdec68f0bb67a3c96f6edd800c4bc45e1051fa02656e71694484a","ssdeep":"","tlshash":"6b712b2a2a6487da4e7051b7b2a9aa34d0f275090ba6d2d705c67ce675603f681ccb23","first_seen":"2023-05-05T19:26:03Z","last_seen":"2026-06-04T10:36:43.398309Z","times_seen":431,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-22","alert":"Phishing Block","trigger":"squad-2-building-control.azurewebsites.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net:8080/browser-sync/socket.io/?EIO=4\u0026transport=polling\u0026t=Po5f93I","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://squad-2-building-control.azurewebsites.net/","date":"2026-02-22T13:58:00.660Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /browser-sync/socket.io/?EIO=4\u0026transport=polling\u0026t=Po5f93I HTTP/1.1\r\nHost: squad-2-building-control.azurewebsites.net:8080\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://squad-2-building-control.azurewebsites.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://squad-2-building-control.azurewebsites.net/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T22:17:26.933573Z","times_seen":16251514,"resource_available":true,"data":null}},"time_used":7387,"timings":{"blocked":7387,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-22","alert":"Phishing Block","trigger":"squad-2-building-control.azurewebsites.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-22T13:57:59.964Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.azurewebsites.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 08","organization":"Microsoft Corporation"},"validity":{"start":"Sat, 31 Jan 2026 14:29:52 GMT","end":"Thu, 30 Jul 2026 14:29:52 GMT"},"fingerprint":{"sha1":"A8:8D:A6:FF:E7:A6:86:5B:4D:0E:42:66:1C:23:8E:B5:45:8A:AF:09","sha256":"BC:31:93:E3:48:17:51:D7:6D:91:E2:DC:A0:FA:EA:C3:F5:4A:A0:65:89:46:B6:70:7A:DD:9D:DC:10:02:C7:F3"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: squad-2-building-control.azurewebsites.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sun, 22 Feb 2026 13:58:00 GMT\r\nset-cookie: govuk-prototype-kit-2f686f6d652f736974652f777777726f6f74=s%3AtuN5eEJqPB7Dcv1XLKDnXu6tfQCKNzgR.Ugue%2B5yPoeTjQ3rW1PpJAVSKnkOcO1CSrs2iR4ULdGU; Path=/; Expires=Sun, 22 Feb 2026 17:58:00 GMT; HttpOnly\nARRAffinity=16d804d14ef64669f5b5e9a32d24bd2216935c5d49cc32ceaf2cb6b87206626f;Path=/;HttpOnly;Domain=squad-2-building-control.azurewebsites.net\nARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;Secure;Domain=squad-2-building-control.azurewebsites.net\nARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;SameSite=None;Secure;Domain=squad-2-building-control.azurewebsites.net\r\nrequest-context: appId=cid-v1:\r\nx-powered-by: Express\r\nx-robots-tag: noindex\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"GOV.UK Frontend","description":"","website":"https://design-system.service.gov.uk/","common_platform_enumeration":"","icon":"govuk.png","categories":["UI frameworks"]},{"name":"Prototype","description":"Prototype is a JavaScript Framework that aims to ease development of web applications.","website":"https://www.prototypejs.org","common_platform_enumeration":"cpe:2.3:a:prototypejs:prototype:*:*:*:*:*:*:*:*","icon":"Prototype.png","categories":["JavaScript frameworks"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"UIKit","description":"UIKit is the framework used for developing iOS applications.","website":"https://getuikit.com","common_platform_enumeration":"","icon":"UIKit.svg","categories":["UI frameworks"]}],"data":{"size":9941,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1990)","md5":"987cdcc609c6295cd33bb874ab785368","sha1":"5e4a63235030eeec8a9a429661513bc1aefd748e","sha256":"37c5ac48225d34d34ba43353daa94d50849824a652de4d247956f79c72ae6a91","sha512":"3d5284d6edbaaa031b6ad2080a1307bdae36382cf5a1ec6d6258835b5d603b9def1d69d8c5a0567d27b3b77346eb7e0cc8646277e3e6f38b8ae121d07402649a","ssdeep":"96:et6slSCZVmLt+bmw7OYxDyWJfY3dlKn98E2dR1pWPjVjd3KdrW9HovbA6/6goUf+:d8bmmNH24V2P1sP+bigHfrbGB","tlshash":"9e228434a4e4b07614a242aee67b3274e99bc487d081cda879bcc1504fd3fd3b85b578","first_seen":"2026-02-22T13:58:26.088292Z","last_seen":"2026-02-23T01:47:37.667451Z","times_seen":3,"resource_available":false,"data":null}},"time_used":425,"timings":{"blocked":146,"dns":82,"connect":20,"send":0,"wait":132,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-22","alert":"Phishing Block","trigger":"squad-2-building-control.azurewebsites.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/plugin-assets/govuk-frontend/govuk/assets/images/govuk-crest.png","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://squad-2-building-control.azurewebsites.net/","date":"2026-02-22T13:58:00.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.azurewebsites.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 08","organization":"Microsoft Corporation"},"validity":{"start":"Sat, 31 Jan 2026 14:29:52 GMT","end":"Thu, 30 Jul 2026 14:29:52 GMT"},"fingerprint":{"sha1":"A8:8D:A6:FF:E7:A6:86:5B:4D:0E:42:66:1C:23:8E:B5:45:8A:AF:09","sha256":"BC:31:93:E3:48:17:51:D7:6D:91:E2:DC:A0:FA:EA:C3:F5:4A:A0:65:89:46:B6:70:7A:DD:9D:DC:10:02:C7:F3"}}},"request":{"raw":"GET /plugin-assets/govuk-frontend/govuk/assets/images/govuk-crest.png HTTP/1.1\r\nHost: squad-2-building-control.azurewebsites.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://squad-2-building-control.azurewebsites.net/public/stylesheets/application.css\r\nCookie: govuk-prototype-kit-2f686f6d652f736974652f777777726f6f74=s%3AtuN5eEJqPB7Dcv1XLKDnXu6tfQCKNzgR.Ugue%2B5yPoeTjQ3rW1PpJAVSKnkOcO1CSrs2iR4ULdGU; ARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6; ARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ndate: Sun, 22 Feb 2026 13:58:00 GMT\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\netag: W/\"e00-1887cae1b08\"\r\nlast-modified: Fri, 02 Jun 2023 15:16:05 GMT\r\nset-cookie: ARRAffinity=16d804d14ef64669f5b5e9a32d24bd2216935c5d49cc32ceaf2cb6b87206626f;Path=/;HttpOnly;Domain=squad-2-building-control.azurewebsites.net\nARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;Secure;Domain=squad-2-building-control.azurewebsites.net\nARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;SameSite=None;Secure;Domain=squad-2-building-control.azurewebsites.net\r\ncontent-length: 3584\r\nrequest-context: appId=cid-v1:\r\nx-powered-by: Express\r\nx-robots-tag: noindex\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":3584,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 125 x 102, 8-bit colormap, non-interlaced","md5":"bcd5768bd7721641ee71ba103bb38900","sha1":"42a8d445a3446dee17cc6684ea055703e490bf5e","sha256":"bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b","sha512":"867d29edee10328d2b9e24bf3d8f2abbeb7e8b7555a6af17121a482e9627b57b9fb4f2ad67de7e7d9ef2a1dfea10a896661fb3a17e9a10fb00ac9ac20b8c1b3b","ssdeep":"","tlshash":"88713be3d5e1dc1d30c4869419b2a18daaf455881921ed8d205d1f31225d8ed6ab8e33","first_seen":"2023-05-01T16:39:53Z","last_seen":"2026-06-04T10:36:43.391016Z","times_seen":919,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-22","alert":"Phishing Block","trigger":"squad-2-building-control.azurewebsites.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/public/stylesheets/application.css","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://squad-2-building-control.azurewebsites.net/","date":"2026-02-22T13:58:00.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.azurewebsites.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 08","organization":"Microsoft Corporation"},"validity":{"start":"Sat, 31 Jan 2026 14:29:52 GMT","end":"Thu, 30 Jul 2026 14:29:52 GMT"},"fingerprint":{"sha1":"A8:8D:A6:FF:E7:A6:86:5B:4D:0E:42:66:1C:23:8E:B5:45:8A:AF:09","sha256":"BC:31:93:E3:48:17:51:D7:6D:91:E2:DC:A0:FA:EA:C3:F5:4A:A0:65:89:46:B6:70:7A:DD:9D:DC:10:02:C7:F3"}}},"request":{"raw":"GET /public/stylesheets/application.css HTTP/1.1\r\nHost: squad-2-building-control.azurewebsites.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://squad-2-building-control.azurewebsites.net/\r\nCookie: govuk-prototype-kit-2f686f6d652f736974652f777777726f6f74=s%3AtuN5eEJqPB7Dcv1XLKDnXu6tfQCKNzgR.Ugue%2B5yPoeTjQ3rW1PpJAVSKnkOcO1CSrs2iR4ULdGU; ARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6; ARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Sun, 22 Feb 2026 13:58:00 GMT\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\netag: W/\"2a945-19c8549d93a\"\r\nlast-modified: Sun, 22 Feb 2026 12:18:55 GMT\r\nset-cookie: ARRAffinity=16d804d14ef64669f5b5e9a32d24bd2216935c5d49cc32ceaf2cb6b87206626f;Path=/;HttpOnly;Domain=squad-2-building-control.azurewebsites.net\nARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;Secure;Domain=squad-2-building-control.azurewebsites.net\nARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;SameSite=None;Secure;Domain=squad-2-building-control.azurewebsites.net\r\ncontent-length: 174405\r\nrequest-context: appId=cid-v1:\r\nx-powered-by: Express\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":174405,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text","md5":"e0aacf9a3a664d61385cb74f48bc0be7","sha1":"c89c894fa671aa3ec25df8920ee1ebd133c52879","sha256":"2cefe4be849b64900dd2fb61d709e556b1ad673ccdfd69573d975af848c8480b","sha512":"2c67958b2f082f3ac3f2464708cc874a929c5bac485a9d743ca4b895b6d0b0e87eb36954897e99fed0746ce3d19630758b7a6b077b3fa5e3fea5b40f741f41aa","ssdeep":"3072:WoOBJ02hGvgsmvAajVKsCjg4uWLURuzK1tY1LWC65GJlV6rPgxK:WoOBJ02hGvgsmvAajVKsCjg4LUAK1gIb","tlshash":"8e0435f569e13904741b185de62fbeb5735e8812423dedb0aec06358cf853a372a2b4d","first_seen":"2024-04-06T06:01:10Z","last_seen":"2026-02-23T01:47:37.659742Z","times_seen":8,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":65,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-22","alert":"Phishing Block","trigger":"squad-2-building-control.azurewebsites.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/plugin-assets/govuk-prototype-kit/lib/assets/javascripts/kit.js","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://squad-2-building-control.azurewebsites.net/","date":"2026-02-22T13:58:00.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.azurewebsites.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 08","organization":"Microsoft Corporation"},"validity":{"start":"Sat, 31 Jan 2026 14:29:52 GMT","end":"Thu, 30 Jul 2026 14:29:52 GMT"},"fingerprint":{"sha1":"A8:8D:A6:FF:E7:A6:86:5B:4D:0E:42:66:1C:23:8E:B5:45:8A:AF:09","sha256":"BC:31:93:E3:48:17:51:D7:6D:91:E2:DC:A0:FA:EA:C3:F5:4A:A0:65:89:46:B6:70:7A:DD:9D:DC:10:02:C7:F3"}}},"request":{"raw":"GET /plugin-assets/govuk-prototype-kit/lib/assets/javascripts/kit.js HTTP/1.1\r\nHost: squad-2-building-control.azurewebsites.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://squad-2-building-control.azurewebsites.net/\r\nCookie: govuk-prototype-kit-2f686f6d652f736974652f777777726f6f74=s%3AtuN5eEJqPB7Dcv1XLKDnXu6tfQCKNzgR.Ugue%2B5yPoeTjQ3rW1PpJAVSKnkOcO1CSrs2iR4ULdGU; ARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6; ARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 22 Feb 2026 13:58:00 GMT\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\netag: W/\"1b7-1887cae1720\"\r\nlast-modified: Fri, 02 Jun 2023 15:16:04 GMT\r\nset-cookie: ARRAffinity=16d804d14ef64669f5b5e9a32d24bd2216935c5d49cc32ceaf2cb6b87206626f;Path=/;HttpOnly;Domain=squad-2-building-control.azurewebsites.net\nARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;Secure;Domain=squad-2-building-control.azurewebsites.net\nARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;SameSite=None;Secure;Domain=squad-2-building-control.azurewebsites.net\r\ncontent-length: 439\r\nrequest-context: appId=cid-v1:\r\nx-powered-by: Express\r\nx-robots-tag: noindex\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":439,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text","md5":"4dbaa02182098fe9b3070d40202b71c7","sha1":"f6d38091905537f4254a5dc0fc12c299fecf2c28","sha256":"e8ab6c5aae6bb90040185618e7289d703a31a0dd92310172c0971b4a3b00d5fe","sha512":"076720255de373a06469aa938d41cd0e449e1c4caa8aea2a17f8df71719711f93744445bbc491e2a43edd225da4d18b7f886d0fffcdf9966f7ad9e1f019b0122","ssdeep":"","tlshash":"b5f05c7549b4247052236031132767413b58417311c9ff16351d1764bff781381797ea","first_seen":"2024-04-06T06:01:10Z","last_seen":"2026-02-23T01:47:37.668464Z","times_seen":8,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-22","alert":"Phishing Block","trigger":"squad-2-building-control.azurewebsites.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/plugin-assets/govuk-prototype-kit/lib/assets/javascripts/auto-store-data.js","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://squad-2-building-control.azurewebsites.net/","date":"2026-02-22T13:58:00.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.azurewebsites.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 08","organization":"Microsoft Corporation"},"validity":{"start":"Sat, 31 Jan 2026 14:29:52 GMT","end":"Thu, 30 Jul 2026 14:29:52 GMT"},"fingerprint":{"sha1":"A8:8D:A6:FF:E7:A6:86:5B:4D:0E:42:66:1C:23:8E:B5:45:8A:AF:09","sha256":"BC:31:93:E3:48:17:51:D7:6D:91:E2:DC:A0:FA:EA:C3:F5:4A:A0:65:89:46:B6:70:7A:DD:9D:DC:10:02:C7:F3"}}},"request":{"raw":"GET /plugin-assets/govuk-prototype-kit/lib/assets/javascripts/auto-store-data.js HTTP/1.1\r\nHost: squad-2-building-control.azurewebsites.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://squad-2-building-control.azurewebsites.net/\r\nCookie: govuk-prototype-kit-2f686f6d652f736974652f777777726f6f74=s%3AtuN5eEJqPB7Dcv1XLKDnXu6tfQCKNzgR.Ugue%2B5yPoeTjQ3rW1PpJAVSKnkOcO1CSrs2iR4ULdGU; ARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6; ARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 22 Feb 2026 13:58:00 GMT\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\netag: W/\"35e-1887cae1720\"\r\nlast-modified: Fri, 02 Jun 2023 15:16:04 GMT\r\nset-cookie: ARRAffinity=16d804d14ef64669f5b5e9a32d24bd2216935c5d49cc32ceaf2cb6b87206626f;Path=/;HttpOnly;Domain=squad-2-building-control.azurewebsites.net\nARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;Secure;Domain=squad-2-building-control.azurewebsites.net\nARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;SameSite=None;Secure;Domain=squad-2-building-control.azurewebsites.net\r\ncontent-length: 862\r\nrequest-context: appId=cid-v1:\r\nx-powered-by: Express\r\nx-robots-tag: noindex\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":862,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text","md5":"3e0fe71fc6c33cbf5f314cd6fc00115e","sha1":"e00c064f8caefa80517264e875b82d2a87f2b31d","sha256":"4aa02cfda0ea6b22c9bb1c86afca8d00602a865eddaf2581e87e0237493b6845","sha512":"390cab192ea51d71bd61da1f27aa175543cb34eadc435016465cab85d1d5122fc89adbd80a1c0eb1549b0311f43dd7fabc94cbd0755b6b775859cb3267759e5e","ssdeep":"","tlshash":"2711ab327c785232057741f527da32896724613322828d753dcc88156b8ae6e6a73edd","first_seen":"2024-04-06T06:01:10Z","last_seen":"2026-02-23T01:47:37.664881Z","times_seen":8,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-22","alert":"Phishing Block","trigger":"squad-2-building-control.azurewebsites.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/plugin-assets/govuk-frontend/govuk-prototype-kit/init.js","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://squad-2-building-control.azurewebsites.net/","date":"2026-02-22T13:58:00.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.azurewebsites.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 08","organization":"Microsoft Corporation"},"validity":{"start":"Sat, 31 Jan 2026 14:29:52 GMT","end":"Thu, 30 Jul 2026 14:29:52 GMT"},"fingerprint":{"sha1":"A8:8D:A6:FF:E7:A6:86:5B:4D:0E:42:66:1C:23:8E:B5:45:8A:AF:09","sha256":"BC:31:93:E3:48:17:51:D7:6D:91:E2:DC:A0:FA:EA:C3:F5:4A:A0:65:89:46:B6:70:7A:DD:9D:DC:10:02:C7:F3"}}},"request":{"raw":"GET /plugin-assets/govuk-frontend/govuk-prototype-kit/init.js HTTP/1.1\r\nHost: squad-2-building-control.azurewebsites.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://squad-2-building-control.azurewebsites.net/\r\nCookie: govuk-prototype-kit-2f686f6d652f736974652f777777726f6f74=s%3AtuN5eEJqPB7Dcv1XLKDnXu6tfQCKNzgR.Ugue%2B5yPoeTjQ3rW1PpJAVSKnkOcO1CSrs2iR4ULdGU; ARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6; ARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 22 Feb 2026 13:58:00 GMT\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\netag: W/\"de-1887cae1720\"\r\nlast-modified: Fri, 02 Jun 2023 15:16:04 GMT\r\nset-cookie: ARRAffinity=16d804d14ef64669f5b5e9a32d24bd2216935c5d49cc32ceaf2cb6b87206626f;Path=/;HttpOnly;Domain=squad-2-building-control.azurewebsites.net\nARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;Secure;Domain=squad-2-building-control.azurewebsites.net\nARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;SameSite=None;Secure;Domain=squad-2-building-control.azurewebsites.net\r\ncontent-length: 222\r\nrequest-context: appId=cid-v1:\r\nx-powered-by: Express\r\nx-robots-tag: noindex\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":222,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"194ad8321cfabd56d88baa559c417497","sha1":"4cbf085ea25c15fd6175c4294f0acc97ac2faeb4","sha256":"5c39181e7e72fa531c6a1c965e5bec89a51c91d3a89c1a0ef2b1d756aa7a601d","sha512":"21aa491bd97fe7de3d85ac1fbb949d010487f009b74c80edde01f7b1955105b29469ca36ff8f2291bce578b18bc01fa308ef944305c37480f638ebf9f840991a","ssdeep":"","tlshash":"65d0127088a849f0a92123e8121b3b0c359647b092053f8ac4cc8fe4fff2477cb4479a","first_seen":"2024-04-06T06:01:10Z","last_seen":"2026-02-23T01:47:37.669315Z","times_seen":8,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-22","alert":"Phishing Block","trigger":"squad-2-building-control.azurewebsites.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"squad-2-building-control.azurewebsites.net/plugin-assets/govuk-frontend/govuk/assets/images/favicon.ico","fqdn":"squad-2-building-control.azurewebsites.net","domain":"squad-2-building-control.azurewebsites.net","tld":"azurewebsites.net"},"ip":{"addr":"20.90.134.23","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://squad-2-building-control.azurewebsites.net/","date":"2026-02-22T13:58:00.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.azurewebsites.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 08","organization":"Microsoft Corporation"},"validity":{"start":"Sat, 31 Jan 2026 14:29:52 GMT","end":"Thu, 30 Jul 2026 14:29:52 GMT"},"fingerprint":{"sha1":"A8:8D:A6:FF:E7:A6:86:5B:4D:0E:42:66:1C:23:8E:B5:45:8A:AF:09","sha256":"BC:31:93:E3:48:17:51:D7:6D:91:E2:DC:A0:FA:EA:C3:F5:4A:A0:65:89:46:B6:70:7A:DD:9D:DC:10:02:C7:F3"}}},"request":{"raw":"GET /plugin-assets/govuk-frontend/govuk/assets/images/favicon.ico HTTP/1.1\r\nHost: squad-2-building-control.azurewebsites.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://squad-2-building-control.azurewebsites.net/\r\nCookie: govuk-prototype-kit-2f686f6d652f736974652f777777726f6f74=s%3AtuN5eEJqPB7Dcv1XLKDnXu6tfQCKNzgR.Ugue%2B5yPoeTjQ3rW1PpJAVSKnkOcO1CSrs2iR4ULdGU; ARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6; ARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/x-icon\r\ndate: Sun, 22 Feb 2026 13:58:00 GMT\r\naccept-ranges: bytes\r\ncache-control: public, max-age=0\r\netag: W/\"18ae-1887cae0b68\"\r\nlast-modified: Fri, 02 Jun 2023 15:16:01 GMT\r\nset-cookie: ARRAffinity=16d804d14ef64669f5b5e9a32d24bd2216935c5d49cc32ceaf2cb6b87206626f;Path=/;HttpOnly;Domain=squad-2-building-control.azurewebsites.net\nARRAffinity=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;Secure;Domain=squad-2-building-control.azurewebsites.net\nARRAffinitySameSite=e009a7ea98f41f019965fc967ff2f997a5caab0ccf5705708160aa5af7cf72e6;Path=/;HttpOnly;SameSite=None;Secure;Domain=squad-2-building-control.azurewebsites.net\r\ncontent-length: 6318\r\nrequest-context: appId=cid-v1:\r\nx-powered-by: Express\r\nx-robots-tag: noindex\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":6318,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 4 bits/pixel, 32x32, 8 bits/pixel","md5":"de7abc5226925203ac10b0a4a94af949","sha1":"f56cdbb947dae5ef70f410639c06c034bc2db511","sha256":"6921a31b023a41929073393bdad00077436c3835994079bcd2e437261875b2fc","sha512":"ab7701cee73a0bfacdcc12fc3f9fadfff19489af98737a1a772a90be2d6bbf2f07ba9bb6f5a4ce7b4a52bee91c4962829a7350246e59beb4c9a59cb58a223c8d","ssdeep":"96:6tUKcKhaoOtBRQmk8Fis8KeebftkojFxzDwYk:6tU5Khot0Jps84d","tlshash":"e9d1e89afc0d19eafc38e870c80bbd9400a0bdc7c1da8e247bd43a105dba3355a59565","first_seen":"2023-05-05T19:26:03Z","last_seen":"2026-06-04T10:36:43.393345Z","times_seen":366,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-22","alert":"Sinkholed","trigger":"squad-2-building-control.azurewebsites.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-22","alert":"Phishing Block","trigger":"squad-2-building-control.azurewebsites.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}