{"report_id":"9814f240-d66d-4b1d-8a50-1419ad22aee1","version":6,"status":"done","tags":[],"date":"2023-09-21T05:46:24Z","url":{"schema":"http","addr":"jclarke.expofranchise.com.br/3mail@slurpmail.net","fqdn":"jclarke.expofranchise.com.br","domain":"slurpmail.net","tld":"com.br"},"ip":{"addr":"162.241.203.46","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","fqdn":"cazzim.com","domain":"cazzim.com","tld":"com"},"title":"Capital One Sign In: Log in to access your account(s)"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T22:55:09Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"ecm.capitalone.com","ip":{"addr":"23.36.79.34","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"1995-03-13","domain_rank":13649,"first_seen":"2017-02-01 18:32:51","last_seen":"2023-09-20 12:16:44","alert_count":0,"request_count":11,"received_data":98256,"sent_data":5597,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ajax.aspnetcdn.com","ip":{"addr":"152.199.19.160","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"domain_registered":"2010-10-12","domain_rank":693,"first_seen":"2012-05-24 15:35:31","last_seen":"2023-09-20 18:38:34","alert_count":0,"request_count":1,"received_data":30886,"sent_data":421,"comment":"","tags":null,"fingerprints":null},{"fqdn":"bucolic-mandazi-68151a.netlify.app","ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2018-05-08","domain_rank":0,"first_seen":"2023-08-08 17:04:14","last_seen":"2023-09-20 19:35:05","alert_count":19,"request_count":19,"received_data":64502,"sent_data":8478,"comment":"","tags":null,"fingerprints":null},{"fqdn":"verified.capitalone.com","ip":{"addr":"23.32.89.161","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Sweden","country_code":"SE"},"domain_registered":"1995-03-13","domain_rank":24740,"first_seen":"2017-01-03 14:44:34","last_seen":"2023-09-20 09:36:19","alert_count":0,"request_count":1,"received_data":15995,"sent_data":432,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cazzim.com","ip":{"addr":"192.185.131.38","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"domain_registered":"2023-02-06","domain_rank":0,"first_seen":"2023-02-07 04:42:41","last_seen":"2023-09-20 18:45:50","alert_count":0,"request_count":1,"received_data":156220,"sent_data":556,"comment":"","tags":null,"fingerprints":null},{"fqdn":"jclarke.expofranchise.com.br","ip":{"addr":"162.241.203.46","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"domain_registered":"2023-05-26","domain_rank":0,"first_seen":"2023-09-20 10:51:07","last_seen":"2023-09-21 02:00:09","alert_count":0,"request_count":1,"received_data":490,"sent_data":504,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":235,"first_seen":"2015-04-17 22:46:33","last_seen":"2023-09-20 22:02:45","alert_count":0,"request_count":2,"received_data":12158,"sent_data":909,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T05:46:07Z","timestamp":1695275167,"ip_dst":{"addr":"Client IP","port":40258,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"54.37.238.86","port":80,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"severity":"high","alert":"ET POLICY PE EXE or DLL Windows file download HTTP","source":"{\"timestamp\":\"2023-09-21T05:46:07.259712+0000\",\"flow_id\":1238564810688102,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"54.37.238.86\",\"src_port\":80,\"dest_ip\":\"10.70.215.197\",\"dest_port\":40258,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"exe.no.referer\",\"ET.http.binary\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2018959,\"rev\":4,\"signature\":\"ET POLICY PE EXE or DLL Windows file download HTTP\",\"category\":\"Potential Corporate Privacy Violation\",\"severity\":1,\"metadata\":{\"created_at\":[\"2014_08_19\"],\"former_category\":[\"POLICY\"],\"updated_at\":[\"2017_02_01\"]}},\"http\":{\"hostname\":\"20230921t123120_130.ltiapmyzmjxrvrts.info\",\"url\":\"/v4/20230921T123120_130.exe\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\",\"http_content_type\":\"application/octet-stream\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":5120},\"files\":[{\"filename\":\"/v4/20230921T123120_130.exe\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":5120,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":9,\"pkts_toclient\":8,\"bytes_toserver\":996,\"bytes_toclient\":5821,\"start\":\"2023-09-21T05:41:38.624230+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T05:46:07Z","timestamp":1695275167,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":49294,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted DNS Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T05:46:07.695284+0000\",\"flow_id\":61971422485492,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.197\",\"src_port\":49294,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032759,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted DNS Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":63072,\"rrname\":\"bucolic-mandazi-68151a.netlify.app\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":105,\"bytes_toclient\":0,\"start\":\"2023-09-21T05:46:07.695284+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T05:46:07Z","timestamp":1695275167,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":55154,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted DNS Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T05:46:07.695452+0000\",\"flow_id\":279064839429276,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.197\",\"src_port\":55154,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032759,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted DNS Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":28778,\"rrname\":\"bucolic-mandazi-68151a.netlify.app\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":105,\"bytes_toclient\":0,\"start\":\"2023-09-21T05:46:07.695452+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T05:46:07Z","timestamp":1695275167,"ip_dst":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":40308,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T05:46:07.778413+0000\",\"flow_id\":1457148598882867,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.197\",\"src_port\":40308,\"dest_ip\":\"18.192.231.252\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3185,\"start\":\"2023-09-21T05:46:07.725555+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T05:46:07Z","timestamp":1695275167,"ip_dst":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":40294,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T05:46:07.780622+0000\",\"flow_id\":1875796241093094,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.197\",\"src_port\":40294,\"dest_ip\":\"18.192.231.252\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3185,\"start\":\"2023-09-21T05:46:07.725478+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T05:46:07Z","timestamp":1695275167,"ip_dst":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":40290,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T05:46:07.783049+0000\",\"flow_id\":969613976211856,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.197\",\"src_port\":40290,\"dest_ip\":\"18.192.231.252\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":936,\"bytes_toclient\":3185,\"start\":\"2023-09-21T05:46:07.725392+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T05:46:07Z","timestamp":1695275167,"ip_dst":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":40280,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T05:46:07.785284+0000\",\"flow_id\":963459288076576,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.197\",\"src_port\":40280,\"dest_ip\":\"18.192.231.252\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3184,\"start\":\"2023-09-21T05:46:07.725280+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T05:46:07Z","timestamp":1695275167,"ip_dst":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":40328,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T05:46:07.788295+0000\",\"flow_id\":1678902055342923,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.197\",\"src_port\":40328,\"dest_ip\":\"18.192.231.252\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":936,\"bytes_toclient\":3185,\"start\":\"2023-09-21T05:46:07.725835+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T05:46:07Z","timestamp":1695275167,"ip_dst":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":40322,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T05:46:07.790391+0000\",\"flow_id\":2192464179827403,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.197\",\"src_port\":40322,\"dest_ip\":\"18.192.231.252\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3184,\"start\":\"2023-09-21T05:46:07.725707+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-21T05:46:07Z","timestamp":1695275167,"ip_dst":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":40314,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing","source":"{\"timestamp\":\"2023-09-21T05:46:07.792472+0000\",\"flow_id\":517650272686720,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.197\",\"src_port\":40314,\"dest_ip\":\"18.192.231.252\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2032760,\"rev\":1,\"signature\":\"ET HUNTING Suspicious Netlify Hosted TLS SNI Request - Possible Phishing Landing\",\"category\":\"Possible Social Engineering Attempted\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Web_Browsers\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2021_04_14\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"HUNTING\"],\"mitre_tactic_id\":[\"TA0001\"],\"mitre_tactic_name\":[\"Initial_Access\"],\"mitre_technique_id\":[\"T1566\"],\"mitre_technique_name\":[\"Phishing\"],\"signature_severity\":[\"Critical\"],\"tag\":[\"Phishing\"],\"updated_at\":[\"2021_04_14\"]}},\"tls\":{\"sni\":\"bucolic-mandazi-68151a.netlify.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":936,\"bytes_toclient\":3185,\"start\":\"2023-09-21T05:46:07.725632+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js","fqdn":"ajax.aspnetcdn.com","domain":"aspnetcdn.com","tld":"com"},"ip":{"addr":"152.199.19.160","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-05-05T20:07:49.163441Z","times_seen":125759,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"053305c2b293c27c02523cda42962c09","sha1":"556b0af7346b9e21a8eea1be8b195b563169ecd5","sha256":"be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44","sha512":"0fd324efdf7391ea6508816630c79a71b76a7ca3196d28554d8255e9c5bf29bd426c380716882b053e65f78890479e1b1b458ac5e7ad53041de31f0822e45980","ssdeep":"384:nPmG4foMrslSSQCyUAjKQze/he/UqlGA2A1:nOdobAjK78l1","tlshash":"1d922e0939f322625a6372ad0bef5009a3b58653149eee04bd4d63815f50a3893f7fe9","size":20120,"data":"","first_seen":"2023-03-07T01:02:35Z","last_seen":"2026-05-05T15:43:09.302347Z","times_seen":2740,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","fqdn":"cazzim.com","domain":"cazzim.com","tld":"com"},"ip":{"addr":"192.185.131.38","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"20a28d7f8c5d408d7c97581a400da2d0","sha1":"6ba85b91e1cbaa627505d82c2b5c7c14f250fb78","sha256":"0c108a6613c257b59fb478f79cfae51fcb460d9b8c45a5825995a0686d6340e5","sha512":"9d4e608d252955da2d63142cacfcd817295e328a79f1dd166d0dafbde6c981cbaa48432d4aa19f37bbd4a0fec84cac32bc94282a65277e3b1ac28005b1ac5c86","ssdeep":"","tlshash":"cf81dbadf7ac26aa15763039957b60883a3e3b771c416d023dbe4db43b55e0c7a12e05","size":4075,"data":"","first_seen":"2023-09-19T20:15:59Z","last_seen":"2024-08-21T06:18:43.938095Z","times_seen":97,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","fqdn":"cazzim.com","domain":"cazzim.com","tld":"com"},"ip":{"addr":"192.185.131.38","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a1bc03e6dfd24877410c06fae2f59504","sha1":"20cae06221c7108483e52c40a7a85278c801d9c8","sha256":"156f99ec569d25d9d8722518dda4d7e60b4b210ab2ce9202c8585606bad9c6af","sha512":"a56dfa1f46d7c20c3d3d99670b145e8e9b5dcbeae8d6040250dcecdc87b4aea465f4b2b184a1ee2a8cc83618af2f928c5ec649445af179b9cf43fa38faeafc80","ssdeep":"","tlshash":"60e0260ab3506d1ae0b39c8a08793009bb2973a593fcad0c3eb4ad901e7235ab004905","size":322,"data":"","first_seen":"2023-08-08T19:36:34Z","last_seen":"2025-11-30T03:39:09.282916Z","times_seen":247,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/serverComponent.php","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"0626b9bc7730ff6a1cfffc216aae6a53","sha1":"fb1ffc1f91553b782ca3c004b66045744a84f16a","sha256":"6b1e09a13ba7f32b6a863b3bb0134bf9e1f959a53c53d155affe2233c09e1007","sha512":"c9b54308c84a611aa1395d19950f7cf17736d2469c8973e8d9bf7e26f61d27cc0bc7d2c05c0f8b8c9fcf6698121d77ea29246f84cea60b946fbfce091361cb06","ssdeep":"","tlshash":"92f07d9b97f8204464458d0d14df7d08e8b83028dcc20094d7ea59151f9719339cf6fe","size":602,"data":"","first_seen":"2023-08-08T19:36:34Z","last_seen":"2024-09-19T22:51:16.250321Z","times_seen":366,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eventHandler","is_inline":false,"md5":"7c3c3ddeb80438dcbb3d081d2d00e152","sha1":"5a4016732ee72ec77b4f6ab17047bcea6d2ea34d","sha256":"321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187","sha512":"b252f7dc795284fe8ce404711809130d8e16670a8e49b271f9a24b04a542a0fccb7a8c7238c12b37db35fe73a2fbf1cdb374468574db4e6d39975a17dca547a3","ssdeep":"","tlshash":"807000f0003000030003c30000333cf300000c0fc0ccc3ccfc0000c000c00000000c33","size":16,"data":"","first_seen":"2023-04-10T15:57:29Z","last_seen":"2026-05-05T20:09:08.617199Z","times_seen":266539,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"jclarke.expofranchise.com.br/3mail@slurpmail.net","fqdn":"jclarke.expofranchise.com.br","domain":"slurpmail.net","tld":"com.br"},"ip":{"addr":"162.241.203.46","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-21T05:46:06.888022608Z","timestamp":1695275166888,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /3mail@slurpmail.net HTTP/1.1\r\nHost: jclarke.expofranchise.com.br\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nset-cookie: PHPSESSID=f828b57d79ced39f69bb1bd06a7ae985; path=/\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 120\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Thu, 21 Sep 2023 05:46:06 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":120,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"fa7676f316ee9280ad1705b0c8343cd2","sha1":"1d30879d3c6a5fe12330a0a2a69d949b0bd25ac6","sha256":"f6756618de9b71c2e481da332033bd00fff0e0dc82ac28f441131265190e0b52","sha512":"773be74f5f3becd42de3f2de6357699b39560f2903ed8a2882076b1aede7755d6b229f065017d808defdff33dd53ed1173f013d00773f702abd0807d902fa060","ssdeep":"","tlshash":"2eb092c70db2d2050a4488a0a4a2b80e60aa60d80d95c85582d0dc79674a7df4a9ea8c","first_seen":"2023-09-21T01:15:17Z","last_seen":"2023-09-21T07:54:47Z","times_seen":95,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.731Z","timestamp":1695275167731,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 03 Jul 2023 00:00:00 GMT","end":"Tue, 02 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D","sha256":"D9:9E:DA:D7:6F:5A:E0:87:16:F3:3E:A0:A8:34:8B:84:B7:B0:98:30:2D:18:D8:53:E6:3C:09:06:19:48:07:54"}}},"request":{"raw":"GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 5631\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03e5f-7918\"\r\nlast-modified: Mon, 04 May 2020 16:10:07 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 557180\r\nexpires: Tue, 10 Sep 2024 05:46:07 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=3JG6tSWco8iHDNOGtjaNrXasGA1ven9MngehKO61eL7F%2FQzz9fVWp3ZgLs93Kz2INyFg3xq3%2B9a7rKlO4%2BvHg%2FXfT9Rokp1a4rxcLNPe0oeP2Zt31j%2Bl7QWk%2FCsQSF%2FBBTaYYh4g\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 80a0018508d00b69-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5631,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (30837)","md5":"269550530cc127b6aa5a35925a7de6ce","sha1":"512c7d79033e3028a9be61b540cf1a6870c896f8","sha256":"799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd","sha512":"49f4e24e55fa924faa8ad7debe5ffb2e26d439e25696df6b6f20e7f766b50ea58ec3dbd61b6305a1acacd2c80e6e659accee4140f885b9c9e71008e9001fbf4b","ssdeep":"384:wHu5yWeTUKW+KlkJ5de2UYDyVfwYUas2l8yQ/8dwmaU8G:wwlr+Klk3Yi+fwYUf2l8yQ/e9vf","tlshash":"78d241e8e54c01d66731c48bff81b36862b6fb3dd5854da9f01f290c29d226522c5fba","first_seen":"2023-04-05T03:13:25Z","last_seen":"2026-05-05T20:11:41.54597Z","times_seen":261341,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":9,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Rg.woff2","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.34","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.726Z","timestamp":1695275167726,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/fonts/Optimist_W_Rg.woff2 HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cazzim.com/\r\nOrigin: https://cazzim.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: binary/octet-stream\r\ncontent-length: 28388\r\nlast-modified: Fri, 28 Jun 2019 00:26:02 GMT\r\netag: \"f4e1fbca28c954a486a90828b2ee7543\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 1GgM.ruzxSoQhqV._aklwOsuyVwoqFBE\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: UKrbxnA6XvXEgVu-TXphVPrBB0iMQxkeEdB_hKRsr382fqfwzgdFHA==\r\ncache-control: max-age=2133845\r\nexpires: Sun, 15 Oct 2023 22:30:12 GMT\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28388,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 28388, version 1.0\\012- data","md5":"f4e1fbca28c954a486a90828b2ee7543","sha1":"7750f00fe0337120e16632ea7fff2a78b11c874a","sha256":"9b98e19f831844b3dae8e1fd65b6802bc778446fbdacac8203e34bbc02eacbcd","sha512":"637dcf053eef0e7d769863f91d229dbc8f53b1f5162628634b6849f2f947d002e4a8c69266db9376d8e52bb3eefe53c98ebefb584013a048020d35876daa88e6","ssdeep":"384:CZbzQs8AWvFV+CwE53CmqKETLKcdJTA8A9z12SkQDBkDNeDHrMR6ZWocMT12Ms0J:CZRVWvFzwK9KKwTALJn2eDrMR3ckfq","tlshash":"15d2f26c508ca59ddda7e0f2b9a45ff86ca4a11d9001578743fb67c0e3fed680980be2","first_seen":"2023-04-18T09:28:11Z","last_seen":"2026-05-04T17:19:35.527377Z","times_seen":700,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":54,"connect":1,"send":0,"wait":3,"receive":1,"ssl":53},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_SBd.woff2","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.34","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.727Z","timestamp":1695275167727,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/fonts/Optimist_W_SBd.woff2 HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cazzim.com/\r\nOrigin: https://cazzim.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: binary/octet-stream\r\ncontent-length: 28188\r\nlast-modified: Fri, 28 Jun 2019 00:26:02 GMT\r\netag: \"d647937062406e5cc182de0cc77947d8\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: QmX7yv6RJT4hT4UTSJmqyU0reaonF3KP\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: O3lBoAqLkZUcPBtTZb4ozX77cfZvmlXBezAzB7kGcH79gTWk8WZMuQ==\r\ncache-control: max-age=2203425\r\nexpires: Mon, 16 Oct 2023 17:49:52 GMT\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28188,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 28188, version 1.0\\012- data","md5":"d647937062406e5cc182de0cc77947d8","sha1":"9d4c283a4fca43ae95019091bbd0a9e1b77b97bc","sha256":"48b4ed4ba8ee0eaeddfba861e6772c61f818931816102636a888ec0b49bce056","sha512":"05aa4e12f95b749c2e772e9f596ed11dc2d4d40da637e4aafbe7a2a2b97b8398fb318f180b48711cdd89de8e92ddded32b066a7ef370f6245de4cad73b21e744","ssdeep":"768:HH1az7BcIW5H7g3+Ma2ZqcHOrCG7jCzVjNbEjfO:nA+h5bE0ISMVjNwjfO","tlshash":"a1c2e1cdc8206d85be52db386469edbb0220d4b5dc341d0938a9733c075847fe2ea9fa","first_seen":"2023-04-27T08:35:16Z","last_seen":"2026-05-04T17:19:35.522065Z","times_seen":685,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":53,"connect":1,"send":0,"wait":5,"receive":1,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.824Z","timestamp":1695275167824,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 03 Jul 2023 00:00:00 GMT","end":"Tue, 02 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D","sha256":"D9:9E:DA:D7:6F:5A:E0:87:16:F3:3E:A0:A8:34:8B:84:B7:B0:98:30:2D:18:D8:53:E6:3C:09:06:19:48:07:54"}}},"request":{"raw":"GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 4517\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03ec3-4e98\"\r\nlast-modified: Mon, 04 May 2020 16:11:47 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 29080282\r\nexpires: Tue, 10 Sep 2024 05:46:07 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=DN0Y%2BM2VDyA5y%2F6A2f6%2F0takoHqidWpFWsK6jkVw1QX%2Fi8OQyhN6cmO%2FeuvzMFOStIOJzzDMuZk6nxw4WRvBOMWGOiisvvVrgmdKOot2r%2FZylyPletNyo4INKJ6kPEsWw95WzDdW\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 80a00185abaa56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4517,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"053305c2b293c27c02523cda42962c09","sha1":"556b0af7346b9e21a8eea1be8b195b563169ecd5","sha256":"be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44","sha512":"0fd324efdf7391ea6508816630c79a71b76a7ca3196d28554d8255e9c5bf29bd426c380716882b053e65f78890479e1b1b458ac5e7ad53041de31f0822e45980","ssdeep":"384:nPmG4foMrslSSQCyUAjKQze/he/UqlGA2A1:nOdobAjK78l1","tlshash":"1d922e0939f322625a6372ad0bef5009a3b58653149eee04bd4d63815f50a3893f7fe9","first_seen":"2023-03-07T01:02:35Z","last_seen":"2026-05-05T15:43:09.302347Z","times_seen":2740,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Lt.woff2","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.34","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.724Z","timestamp":1695275167724,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/fonts/Optimist_W_Lt.woff2 HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cazzim.com/\r\nOrigin: https://cazzim.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: binary/octet-stream\r\ncontent-length: 27852\r\nlast-modified: Fri, 28 Jun 2019 00:26:02 GMT\r\netag: \"cb37fa55f3dfdd26d61901032a53644f\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: Q75rYxmglrbgkwTTGgaHL71RQB9n5YCD\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: 96b2Bo9YFlYTrfFcQX2Rvo9AmSOQP47Hz8QmnzNMKIjIs5vNDDwCTw==\r\ncache-control: max-age=1233991\r\nexpires: Thu, 05 Oct 2023 12:32:38 GMT\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27852,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 27852, version 1.0\\012- data","md5":"cb37fa55f3dfdd26d61901032a53644f","sha1":"1115e8d43a08c1f74ec1f6a886d1cb530bb9da97","sha256":"902c5a9d8ad932630fb2021fe1a1a7f4f06513b19e8d073866178ee65ff33fe9","sha512":"1a3176551c4f26069e24102fc72e407737b17121e39277b86f8130f10270cc81aefab8b11f7c38d8726ecaa1f3a24b2313a8f364442bc85dc8e41513b1d6e242","ssdeep":"768:DwcUL/u/dKOTCsjdD+GLF49dhKzulthYtOtGNl+34:DwcE2/BWeVB49d0CltheO8Z","tlshash":"e0c2e1ad1b73b17bdbe24b79db8951997d24b2e00775cfa712a411b0a003a951f382c6","first_seen":"2023-04-27T08:35:16Z","last_seen":"2026-05-04T17:19:35.525133Z","times_seen":658,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":54,"connect":1,"send":0,"wait":4,"receive":1,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js","fqdn":"ajax.aspnetcdn.com","domain":"aspnetcdn.com","tld":"com"},"ip":{"addr":"152.199.19.160","port":443,"asn":15133,"as":"EDGECAST","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.821Z","timestamp":1695275167821,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vo.msecnd.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"DigiCert SHA2 Secure Server CA","organization":"DigiCert Inc"},"validity":{"start":"Fri, 05 May 2023 00:00:00 GMT","end":"Sun, 28 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"0E:7D:A8:CD:FE:61:1E:46:97:A3:57:99:70:DA:E0:59:1D:34:04:80","sha256":"BF:60:70:23:0A:9B:F0:F9:BC:EE:56:40:4B:F6:C3:4B:F6:BE:14:87:14:29:CF:BD:47:5C:31:E8:85:A5:7F:C3"}}},"request":{"raw":"GET /ajax/jQuery/jquery-3.3.1.min.js HTTP/1.1\r\nHost: ajax.aspnetcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 14208603\r\ncache-control: public,max-age=31536000\r\ncontent-type: application/javascript\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\netag: \"80288516b793d31:0\"\r\nlast-modified: Mon, 22 Jan 2018 19:27:49 GMT\r\nserver: ECAcc (ska/F6AE)\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 30394\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30394,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-05-05T20:07:49.163441Z","times_seen":125759,"resource_available":true,"data":null}},"time_used":337,"timings":{"blocked":163,"dns":4,"connect":8,"send":0,"wait":11,"receive":4,"ssl":145},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/web_properties.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.730Z","timestamp":1695275167730,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/web_properties.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 55586\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV4CC1BTNRCQ2TDKW12Y9K2\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-04-28T06:28:34.670831Z","times_seen":3240,"resource_available":false,"data":null}},"time_used":555,"timings":{"blocked":248,"dns":29,"connect":26,"send":0,"wait":26,"receive":0,"ssl":222},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/914a4a6f3a23a11a51feb0d6f6a68751.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.710Z","timestamp":1695275167710,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/914a4a6f3a23a11a51feb0d6f6a68751.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 33462\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV4CC1B5K0K987SMQ6P5KBT\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-04-28T06:28:34.670831Z","times_seen":3240,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":268,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/Bootstrap.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.728Z","timestamp":1695275167728,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/Bootstrap.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://cazzim.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 49192\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV4CC1CTKK7YR0KPS8YJFBV\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-04-28T06:28:34.670831Z","times_seen":3240,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":10,"connect":34,"send":0,"wait":27,"receive":0,"ssl":217},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/c0d84295063dcdfcd1cc1f640130de02.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.711Z","timestamp":1695275167711,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/c0d84295063dcdfcd1cc1f640130de02.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 35420\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV4CC1BVGYTHEHTD21DZ81X\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-04-28T06:28:34.670831Z","times_seen":3240,"resource_available":false,"data":null}},"time_used":316,"timings":{"blocked":267,"dns":0,"connect":0,"send":0,"wait":26,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/browserDecom.css","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.720Z","timestamp":1695275167720,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/browserDecom.css HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 32549\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\netag: \"af121a0c15b5dee5f7becf597ed57352-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-nf-request-id: 01HAV4CC1C92KJC9K5QR4X411R\r\ncontent-length: 907\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":907,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"21b219c6d0855bd870704aca6149a386","sha1":"f3a3e71129678ac2364ca565ef5cdcdff6c6be0b","sha256":"5e93965b3f8db2834e8e22ebf73a538bad7ba99fdc443a38942bf69f55c299a3","sha512":"fd26746f9665e68b8213f25c464334a5c118c250fa5d1587c344a784e56b4a469ab8bb29df042251434994c991b9c52241c5a3eb78ec9ccb55041c9f3fc444c4","ssdeep":"","tlshash":"b4117dc29b664a88360ec1a6785763686339d141cd2bde3c76b039f8bd552805013776","first_seen":"2023-07-26T20:41:18Z","last_seen":"2024-09-19T21:28:33.449625Z","times_seen":314,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":258,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/serverComponent.php","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.714Z","timestamp":1695275167714,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/serverComponent.php HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 9186\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-type: application/x-php\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\netag: \"03cf249d51598e9e317827a045e53b8e-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-nf-request-id: 01HAV4CC1CG09TMEJBKTDS5P27\r\ncontent-length: 602\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":602,"size_decoded":0,"mime_type":"application/x-php","magic":"ASCII text, with very long lines (601)","md5":"0626b9bc7730ff6a1cfffc216aae6a53","sha1":"fb1ffc1f91553b782ca3c004b66045744a84f16a","sha256":"6b1e09a13ba7f32b6a863b3bb0134bf9e1f959a53c53d155affe2233c09e1007","sha512":"c9b54308c84a611aa1395d19950f7cf17736d2469c8973e8d9bf7e26f61d27cc0bc7d2c05c0f8b8c9fcf6698121d77ea29246f84cea60b946fbfce091361cb06","ssdeep":"","tlshash":"92f07d9b97f8204464458d0d14df7d08e8b83028dcc20094d7ea59151f9719339cf6fe","first_seen":"2023-08-08T19:36:34Z","last_seen":"2024-09-19T22:51:16.250321Z","times_seen":366,"resource_available":true,"data":null}},"time_used":313,"timings":{"blocked":264,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/styles.17a600ea31802b45.css","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.733Z","timestamp":1695275167733,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/styles.17a600ea31802b45.css HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 44259\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV4CC1CKBVQB1TR3V26EARS\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-04-28T06:28:34.670831Z","times_seen":3240,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":245,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/css.css","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.734Z","timestamp":1695275167734,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/css.css HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 47164\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\netag: \"78759fbc18d6dd8af298534fcf858866-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV4CC1C8FKS85VTE9XXH9MA\r\ncontent-length: 27359\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27359,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (31118), with CRLF line terminators","md5":"dbfc2de4f7c9f7c851b60b41139ba060","sha1":"b4157c33443884cc743adfd5abc1763cbe6f5785","sha256":"20bb6bf4004dac223173ba5b41449186d983e80050dcfddbbc1975ae566a3e47","sha512":"3a5210282202e25093967a9261704066782054e0fad511d45a5d3b37fb6d4932f656cce3d7b640e00cfe7877a66e93a9f13201fc54ce8b2f97252bb68c4e44b6","ssdeep":"1536:ACQLzUxDgkEgGDgkEgDDgkEgEDgkEgbDgkEgNxVIjDgkEgXDgkEggHADgkEgCDgO:ACQLzba","tlshash":"bfa410b2f2c2011d33b38e7e2062a788d514d86bd1b627ed25c3b9a8b5c57bb01b751d","first_seen":"2023-08-08T19:36:34Z","last_seen":"2024-09-19T21:28:32.990818Z","times_seen":314,"resource_available":false,"data":null}},"time_used":319,"timings":{"blocked":245,"dns":0,"connect":0,"send":0,"wait":49,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/styles.d7eeec1c93eef5e61473.css","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.732Z","timestamp":1695275167732,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/styles.d7eeec1c93eef5e61473.css HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 60906\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\netag: \"f699d301c9a785fdace5efdc9151313f-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV4CC1CCEKC4N6J2292FVY7\r\ncontent-length: 9356\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9356,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"01aed6b25e0eb3d74a5f15f51752a6a9","sha1":"c2d806ad5b0ff7c82beca75d2c8f7f1bcc6936b5","sha256":"0c4f7f58335b6375e7a4500ab43f4057d09ac3017fd5f2f408259fc762b7ab15","sha512":"27239c439e1fe9178e2b59e828966c5a3bc059a436d36f5ab761e443e2cdb6b39ad4022ebdf577ab1446edfdf06ff76ddae7edd023cc850009bb0f6414af4305","ssdeep":"384:wy2DsacMwIXZT+SRbFcWSZe5xkoodWHoon/tVp:r2DsaUOSZsp","tlshash":"8ea3a0a7f6c6016ac097cf6590b639fce63a8c00d7c7666b5d03b7b89785fc60532889","first_seen":"2023-07-26T20:41:18Z","last_seen":"2024-09-19T22:51:16.260566Z","times_seen":387,"resource_available":false,"data":null}},"time_used":322,"timings":{"blocked":247,"dns":0,"connect":0,"send":0,"wait":50,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/smartBanner.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.736Z","timestamp":1695275167736,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/smartBanner.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 115715\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV4CC23QJMYST8SX84QE813\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-04-28T06:28:34.670831Z","times_seen":3240,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":244,"dns":0,"connect":0,"send":0,"wait":73,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/cp_common.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.729Z","timestamp":1695275167729,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/cp_common.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 55585\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV4CC23M4GVCM2AQNS5PW4F\r\ncontent-length: 1274\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1274,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-04-28T06:28:34.670831Z","times_seen":3240,"resource_available":false,"data":null}},"time_used":609,"timings":{"blocked":252,"dns":28,"connect":25,"send":0,"wait":73,"receive":0,"ssl":224},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/712ff787f143e2fedc740cf96cd0f80b.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.704Z","timestamp":1695275167704,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/712ff787f143e2fedc740cf96cd0f80b.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 121319\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV4CC23D3HNWPCWKJZDAV24\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-04-28T06:28:34.670831Z","times_seen":3240,"resource_available":false,"data":null}},"time_used":647,"timings":{"blocked":285,"dns":33,"connect":26,"send":0,"wait":65,"receive":0,"ssl":228},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/6.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.702Z","timestamp":1695275167702,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/6.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 55585\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV4CC23YY42NE4W4QN2P2K0\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-04-28T06:28:34.670831Z","times_seen":3240,"resource_available":false,"data":null}},"time_used":660,"timings":{"blocked":287,"dns":32,"connect":26,"send":0,"wait":65,"receive":12,"ssl":231},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/icon-user.svg","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.738Z","timestamp":1695275167738,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/icon-user.svg HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 32546\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-type: image/svg+xml\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\netag: \"2cb7bd60088678dedf1ed85bfa45d2cc-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-nf-request-id: 01HAV4CC23ENA1EZ0ZX2W3KSFK\r\ncontent-length: 584\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":584,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (584), with no line terminators","md5":"1f46c36bca03354edd25a3e35b7977db","sha1":"c002468fca8f3910fccba86c6d67602191eaeaed","sha256":"32f101709eb4240f21b330c854ed3bd539c0dc9001f08bf51d4e6a5b6bf641c6","sha512":"75d96be277e58c397f846c80ed1154a910b824c349ccafa3de277dcbdbd227cfc98b7848fca0906654d80be81b4b5248d7e907fe0b843c36c43047c26e7b22c0","ssdeep":"","tlshash":"fef002e9577458fcd943ca3ad72924c62a3a70fd9a248998709864256d140ce4008888","first_seen":"2023-07-26T20:41:18Z","last_seen":"2026-03-13T11:56:24.182874Z","times_seen":284,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":243,"dns":0,"connect":0,"send":0,"wait":85,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/2d6b9362638574d196874650cdb28cd6.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.707Z","timestamp":1695275167707,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/2d6b9362638574d196874650cdb28cd6.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 115715\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV4CC2380NWQNXZMCP3J3SZ\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-04-28T06:28:34.670831Z","times_seen":3240,"resource_available":false,"data":null}},"time_used":651,"timings":{"blocked":283,"dns":27,"connect":35,"send":0,"wait":76,"receive":1,"ssl":222},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/c344d59e90","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.712Z","timestamp":1695275167712,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/c344d59e90 HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 58722\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV4CC237T0PV7RPDX3BRYDD\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-04-28T06:28:34.670831Z","times_seen":3240,"resource_available":false,"data":null}},"time_used":367,"timings":{"blocked":-1,"dns":26,"connect":34,"send":0,"wait":85,"receive":0,"ssl":217},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/capital-one-logo.svg","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.737Z","timestamp":1695275167737,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/capital-one-logo.svg HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 61217\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: image/svg+xml\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\netag: \"5551fd44a62268b80906011d6516a2c9-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV4CC23RY02RETZVJ3NH7QA\r\ncontent-length: 1664\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1664,"size_decoded":0,"mime_type":"image/svg+xml","magic":"ASCII text, with very long lines (3967), with CRLF line terminators","md5":"f0b7ad81821effc52540e39cafda48f9","sha1":"33d64bc7001f414f12bd92e740a45e5ced239add","sha256":"57dfca5b95599a613da940f4a49ab6378fcf0586366a47cae679796930bf0eed","sha512":"ada921382d19becb6bb1efe43c7024f1bb995c84fb8c91e245731de68ab23e7959df759dc53fab8459b91eb3004334a6bd96194eb11c956a81a99b486252b727","ssdeep":"","tlshash":"a3819c79c390d3b9eed69bbc9f3260b4d08fd1ae90e5d35482a4c56035d20d8b25ecd9","first_seen":"2023-05-05T00:40:48Z","last_seen":"2026-05-04T17:19:35.518143Z","times_seen":491,"resource_available":false,"data":null}},"time_used":331,"timings":{"blocked":244,"dns":0,"connect":0,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/styles.17a600ea31802b45.css","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.733Z","timestamp":1695275167733,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/styles.17a600ea31802b45.css HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 44260\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:46:08 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV4CCP43KSBF1HHBQN1D9GV\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-04-28T06:28:34.670831Z","times_seen":3240,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":245,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bucolic-mandazi-68151a.netlify.app/css/smartBanner.js","fqdn":"bucolic-mandazi-68151a.netlify.app","domain":"bucolic-mandazi-68151a.netlify.app","tld":"netlify.app"},"ip":{"addr":"18.192.231.252","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:07.736Z","timestamp":1695275167736,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.netlify.app","organization":"Netlify, Inc"},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 21 Dec 2022 00:00:00 GMT","end":"Sun, 21 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"90:75:F4:E0:1B:98:9D:01:B0:58:B3:E3:3B:DB:DA:E0:24:FA:9F:82","sha256":"28:DF:77:2C:FA:74:24:3D:C4:3F:79:9C:90:49:05:B2:52:5B:8B:50:54:15:51:ED:CD:7C:D9:73:0D:11:46:10"}}},"request":{"raw":"GET /css/smartBanner.js HTTP/1.1\r\nHost: bucolic-mandazi-68151a.netlify.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nage: 115716\r\ncache-control: public,max-age=0,must-revalidate\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 21 Sep 2023 05:46:08 GMT\r\netag: 1691221224-ssl-df\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01HAV4CCP50ATNG962QS07FYXM\r\ncontent-length: 1247\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1247,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (331)","md5":"4c1920da7e5d9180796a7cbd50c058fc","sha1":"ebc6858e8987cdb52fd011a29a6914f65e753a3e","sha256":"69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867","sha512":"c281dd50c956dab6b5e579b33df9facf71f9e8a9b87483a6d117e86466fd69ea28320f9166bf4ace4efe118df1d79ad44cba54b1a13ff59bc34757d0d0104350","ssdeep":"","tlshash":"855185ce42f32104d683a0683bf727496e91c01b990bc858bd8d7768cf46a85cc63b9c","first_seen":"2023-03-10T00:18:19Z","last_seen":"2026-04-28T06:28:34.670831Z","times_seen":3240,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":244,"dns":0,"connect":0,"send":0,"wait":73,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-20","alert":"Sinkholed","trigger":"bucolic-mandazi-68151a.netlify.app","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/twitter-social.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.34","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:08.777Z","timestamp":1695275168777,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/social-icons/twitter-social.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:05 GMT\r\netag: W/\"c2f1acf6f29c52f793f66b65ba91d49f\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: WY8VBzDyq7FctDDX8MrQBW0rTz7Flw8l\r\nserver: AmazonS3\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: YlG8YqnDOa_P8VAf9WonpQ5skgLUvinbaxHQSNVgLOzUDc_p05KEJA==\r\ncontent-length: 734\r\ncache-control: max-age=2286195\r\nexpires: Tue, 17 Oct 2023 16:49:23 GMT\r\ndate: Thu, 21 Sep 2023 05:46:08 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":734,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- XML 1.0 document text\\012- XML document text\\012- HTML document text\\012- exported SGML document, ASCII text","md5":"c2f1acf6f29c52f793f66b65ba91d49f","sha1":"d045195486c4bfdbefd3e812e7297db69615484d","sha256":"d1b4860dcce83c4c73736dedeafe3b09403b267d087ef721a35dbffd5e564c68","sha512":"fc865996cb25ece0d63aea5801204de3642283dbddc174c87b0dccd5aba0f017fe03cfea081930ca3cdba4bca2359a22e140f567d6f9611fc18653095d2db197","ssdeep":"","tlshash":"d0213f55c395d8fabe258204d3b175c872f4589bb5b0d2d4bbaf0827f21c8e4454c2dd","first_seen":"2023-08-08T19:36:34Z","last_seen":"2026-03-13T11:56:24.186981Z","times_seen":396,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/facebook-social.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.34","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:08.782Z","timestamp":1695275168782,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/social-icons/facebook-social.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:05 GMT\r\netag: \"e43c5a7e7fb8c3c12579162a4986b1ad\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: sp5rcJ_CixBIFs_Kbc9AtTIkRc82cd4R\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: J59KxPSyrzwh1_-pHbiRvwFMM3nt_ufA6PAQOEVJZIkZALIksvAUkg==\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 282\r\ncache-control: max-age=2178860\r\nexpires: Mon, 16 Oct 2023 11:00:28 GMT\r\ndate: Thu, 21 Sep 2023 05:46:08 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":282,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (431), with no line terminators","md5":"e43c5a7e7fb8c3c12579162a4986b1ad","sha1":"7a7c6a4ce7d8fe81778e3407bb710372ac3ea3f9","sha256":"b312fb49b19387ededa2729f0c384686ce7c83811b0ea0367ef63767e612da03","sha512":"949e0cfd60a6c3bd0f427b074e411e6891d76d67e0bc40d31fc14aabe54bed79fe15b8bf5fec39e9b504f297fd597e2b72ebf157b33a414be6e971e5cf083eba","ssdeep":"","tlshash":"d3e0a3dfb7492114a11fa9d6dbbc3e24781ce0ed64cd05c91f53b628509718cd417c50","first_seen":"2023-08-08T19:36:34Z","last_seen":"2026-03-13T11:56:24.187943Z","times_seen":388,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/you-tube-social.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.34","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:08.788Z","timestamp":1695275168788,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/social-icons/you-tube-social.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:05 GMT\r\netag: \"0a9ec1ae291522dcb84befe6a44c3830\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 5PqSeWnBhEvAtcPgf2XAbVZCtyvnbUxM\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: 61GrgK63n8h_lGzo-6PZlw-FzSgEAbs-J-4o0C9LPZwcXeaYMS7VwA==\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 295\r\ncache-control: max-age=2084939\r\nexpires: Sun, 15 Oct 2023 08:55:07 GMT\r\ndate: Thu, 21 Sep 2023 05:46:08 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":295,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (491), with no line terminators","md5":"0a9ec1ae291522dcb84befe6a44c3830","sha1":"3236900d0d9801eb93d355a7b9be38b16ea51604","sha256":"bb29a96bd1b20b9dedd8197ce7f9a29fc742aa6555df924453b5561c6ef3564f","sha512":"ce5259558d6f047262edbedd14001d0a14da8e818048d6b2c22690ba540508b9e4b9da2353be8827996a352701f8fad6dc8f6a92ee13f6cb309a6ad2693c96f7","ssdeep":"","tlshash":"80f059e28f281c29d88fcfa8de7835a5754d05f422ed498c62e6ae2422e5f8ad544d81","first_seen":"2023-08-08T19:36:34Z","last_seen":"2026-03-13T11:56:24.20206Z","times_seen":388,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/linkedin-social.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.34","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:08.791Z","timestamp":1695275168791,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/social-icons/linkedin-social.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:05 GMT\r\netag: \"4135a3d131493d86e0db3c8ad0420602\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: V4.R2G9M5ytZINKkEHFYF7hbdLSExGPo\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: 4ynpoRODdMy0NFqZlQXq01IXubwYlzd97AREFp__7QRwOBOU0ttfVw==\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 349\r\ncache-control: max-age=2017444\r\nexpires: Sat, 14 Oct 2023 14:10:12 GMT\r\ndate: Thu, 21 Sep 2023 05:46:08 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":349,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (605), with no line terminators","md5":"4135a3d131493d86e0db3c8ad0420602","sha1":"4849488ce3d7aff2ec83435520a70627144cff6a","sha256":"bb0c33cd3e05dfff3f5fe39c013a2afc5ddd457d3b76b0bc7ee231cf5d0f01f7","sha512":"2a4d52b445fd456acaff27b49d6dd7bed97c88a6dc0bdf725b3e96efc82431c468e808f167f121d069675b51dff60062ff7358d90146fe7fb76e352762a463aa","ssdeep":"","tlshash":"82f002af81064944e6068f22ce4c3c2ca71d14d5796980bcd003e63c7f8fa81bc15e72","first_seen":"2023-07-26T20:41:18Z","last_seen":"2026-03-13T11:56:24.178544Z","times_seen":384,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/instagram-social.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.34","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:08.805Z","timestamp":1695275168805,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/social-icons/instagram-social.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:05 GMT\r\netag: W/\"7ff5bca5e93664bc612cc91ae53ac496\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: FUfIizReL1r02BrKB1G0_CUQXIQQ79Tx\r\nserver: AmazonS3\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: coB_AF0E8m8ED78Dtvm4EGB0n-8P_tmMBd8KBvpxdKedH9QJyXEhzg==\r\ncontent-length: 768\r\ncache-control: max-age=349209\r\nexpires: Mon, 25 Sep 2023 06:46:17 GMT\r\ndate: Thu, 21 Sep 2023 05:46:08 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":768,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (1670), with no line terminators","md5":"7ff5bca5e93664bc612cc91ae53ac496","sha1":"6a078cc08d3f7fe2b9f06a6f20cd3b953748f45f","sha256":"bb4babc75eb6ef45fd42a6fb5f50b059473aaf36c607bef28a4aedb514e238fc","sha512":"21fbea944b4ed600bf269a8f8079364c63583700ad56ac65165775a56b953467825f177fb4d46c0d08b29019f4a70a287bf1a2ee54311b6162cb85f006195f97","ssdeep":"","tlshash":"7731d0c16670d74415ca9c59cbf2eb204563f02f14eab8d1daff8b09a54ecc9fb80844","first_seen":"2023-07-26T20:41:18Z","last_seen":"2026-03-13T11:56:24.191198Z","times_seen":389,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/logos/capital-one-logo.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.34","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:08.815Z","timestamp":1695275168815,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/logos/capital-one-logo.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 20 Jan 2021 18:06:43 GMT\r\netag: W/\"f0b7ad81821effc52540e39cafda48f9\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 8LzbBBEj8zCeatCBoYuv1q1dFFpTcVNl\r\nserver: AmazonS3\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: HdJaUvrAj5VEG9DzlICGcJdU50sF2rvFp9FpZhYE6tYcovP5XqgQKQ==\r\ncontent-length: 1732\r\ncache-control: max-age=2163248\r\nexpires: Mon, 16 Oct 2023 06:40:16 GMT\r\ndate: Thu, 21 Sep 2023 05:46:08 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1732,"size_decoded":0,"mime_type":"image/svg+xml","magic":"ASCII text, with very long lines (3967), with CRLF line terminators","md5":"f0b7ad81821effc52540e39cafda48f9","sha1":"33d64bc7001f414f12bd92e740a45e5ced239add","sha256":"57dfca5b95599a613da940f4a49ab6378fcf0586366a47cae679796930bf0eed","sha512":"ada921382d19becb6bb1efe43c7024f1bb995c84fb8c91e245731de68ab23e7959df759dc53fab8459b91eb3004334a6bd96194eb11c956a81a99b486252b727","ssdeep":"","tlshash":"a3819c79c390d3b9eed69bbc9f3260b4d08fd1ae90e5d35482a4c56035d20d8b25ecd9","first_seen":"2023-05-05T00:40:48Z","last_seen":"2026-05-04T17:19:35.518143Z","times_seen":491,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/www-fdic.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.34","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:08.818Z","timestamp":1695275168818,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/www-fdic.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:06 GMT\r\netag: W/\"a5b2f8771a99c2670dd5183853596b4f\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: 8xRP0pbuqhkFsGgLYTsgGzSHlkx4pEGg\r\nserver: AmazonS3\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: H-Np6_9eZQP1ng_FN2ju7A_gz1t7ss5LHM5EInETUpJpRN5SPOGvkw==\r\ncontent-length: 955\r\ncache-control: max-age=268093\r\nexpires: Sun, 24 Sep 2023 08:14:21 GMT\r\ndate: Thu, 21 Sep 2023 05:46:08 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":955,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- HTML document, ASCII text, with very long lines (1959), with no line terminators","md5":"a5b2f8771a99c2670dd5183853596b4f","sha1":"31d62e53c4839860683ff79e3866278f5ea35616","sha256":"017d9cf1015d4388c0069e8f2e147d998616605a8fdbb461cd964ff5cda545e3","sha512":"c456c0f4bed3264c85fb0336f334fd7be44ffd373230d0c5617e66ecebcaeb5faaccd815215e8ea788e6000330e5f7b2288c3c9cc66e2843f10dc00e839960c2","ssdeep":"","tlshash":"2a41adbd8754d1adeec48aec6e27e0a4e05fa259c0d1c3519266c6b111d24c9e34f8e4","first_seen":"2023-07-26T20:41:18Z","last_seen":"2026-03-13T11:56:24.193272Z","times_seen":390,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecm.capitalone.com/CI_Common/assets/images/footer/www-ehl.svg","fqdn":"ecm.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.36.79.34","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:08.825Z","timestamp":1695275168825,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecm.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Tue, 25 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"EB:F6:BD:77:65:EE:62:78:14:5F:98:60:A6:56:55:50:0A:7E:93:03","sha256":"EE:04:66:C5:6D:29:20:A4:E8:F1:4B:FC:6F:B8:A8:48:F2:EC:50:B0:69:6A:61:84:EA:41:FF:5D:49:1D:DC:49"}}},"request":{"raw":"GET /CI_Common/assets/images/footer/www-ehl.svg HTTP/1.1\r\nHost: ecm.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bucolic-mandazi-68151a.netlify.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 28 Jun 2019 00:26:06 GMT\r\netag: \"30d0ea03dfc7173265c5896affca1ad9\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: Cfpp_Ya_3POEKViDatTY.UH0GBjWHzjx\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-amz-cf-pop: ARN56-P2\r\nx-amz-cf-id: VUds1SokOgb9rdD7QoElH2jw_GpSlScadYoEUDVMVKsc8pGsgE3Y4A==\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 299\r\ncache-control: max-age=726899\r\nexpires: Fri, 29 Sep 2023 15:41:07 GMT\r\ndate: Thu, 21 Sep 2023 05:46:08 GMT\r\naccess-control-request-method: POST,GET,PUT,DELETE\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":299,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (437), with no line terminators","md5":"30d0ea03dfc7173265c5896affca1ad9","sha1":"3eb9550c148d3e49d67c6531a9aa6cf8acd356d0","sha256":"2d23c63e03fb685ed80f2554da2069dbc431720b6ed4f3f7cce579f52aaa62af","sha512":"5a460a10695b605ac05b4f21881751ea3a87c65245b0b3ae6a45b42bafb42f85f3df0f710afcd55a1c5ab6f0b9044a9c032dba888de3e18a5e4291b464a6f4fe","ssdeep":"","tlshash":"bde0555e87ba3a1468a087f8f3997e5253e602c9c298d2ec54f12537606d9e8819ce44","first_seen":"2023-07-26T20:41:18Z","last_seen":"2026-03-13T11:56:24.195536Z","times_seen":385,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"verified.capitalone.com/auth/favicon.ico","fqdn":"verified.capitalone.com","domain":"capitalone.com","tld":"com"},"ip":{"addr":"23.32.89.161","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","date":"2023-09-21T05:46:08.862Z","timestamp":1695275168862,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"verified.capitalone.com","organization":"Capital One Financial Corporation"},"issuer":{"commonName":"DigiCert SHA2 Extended Validation Server CA","organization":"DigiCert Inc"},"validity":{"start":"Mon, 06 Feb 2023 00:00:00 GMT","end":"Mon, 05 Feb 2024 23:59:59 GMT"},"fingerprint":{"sha1":"44:E2:45:6A:F1:39:E9:0C:AE:A5:CD:55:BE:10:72:0E:7D:B9:D5:BC","sha256":"9B:15:C9:E4:1C:60:57:83:AA:C0:E3:81:DD:7B:2F:1C:3A:33:0C:53:B1:A5:69:F0:DD:5E:A5:F9:0E:80:DE:46"}}},"request":{"raw":"GET /auth/favicon.ico HTTP/1.1\r\nHost: verified.capitalone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cazzim.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/vnd.microsoft.icon\r\ncontent-length: 15086\r\nlast-modified: Tue, 12 Sep 2023 19:03:44 GMT\r\netag: \"d27e1739c7477b10ec6917546ae61f1d\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: c_DMsHz6KnKZy3qO7ga3vWdToiGZuAy_\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ncontent-security-policy: frame-ancestors 'none'\r\nstrict-transport-security: max-age=31622400; includeSubdomains\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-amz-cf-pop: MXP64-C2\r\nx-amz-cf-id: ZsB8wpwO-NEil9hNhNfhsh3eKKeEuXc4_Qo4YXwQWGONbw3S-iVMNw==\r\ndate: Thu, 21 Sep 2023 05:46:08 GMT\r\nset-cookie: akacd_phased_release_site_down=1695275228~rv=59~id=7983d76c0bbeba7f305acb6b76847006; path=/; Expires=Thu, 21 Sep 2023 05:47:08 GMT; Secure; SameSite=None\r\nx-robots-tag: noindex\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\nx-frame-options: DENY, deny\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15086,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\\012- data","md5":"d27e1739c7477b10ec6917546ae61f1d","sha1":"bb36ab8bce726ce72a2d74a8529526bca0fa515d","sha256":"5f2123af80970c0478de7f373c9d861d886e070592ebcd55fa372d8dfc9752ec","sha512":"f8905a386f0d492e37d086fefd9e0eca1ef915551242554b70803f3fe89d4d7173565820f391f14f392d71861c8c43f3f8ecb4c5569491db9a2006f80bd0f64d","ssdeep":"96:WnvwwlPwSVOJilFV9HNya8arOd9e9DAthhrXTF14/sKFVNe4WiInwjr:Mf9DNF2e9DALhrjFeUmNlWz4","tlshash":"2e6262a362824eb4d8671530e9569b2dc272efea8df4fd042d387a2b4b352c5500b7c1","first_seen":"2023-04-18T09:27:51Z","last_seen":"2026-05-04T17:19:35.542168Z","times_seen":665,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":-1,"dns":115,"connect":7,"send":0,"wait":15,"receive":1,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cazzim.com//tmp/capitalone.com.axpwas/indexnw.html","fqdn":"cazzim.com","domain":"cazzim.com","tld":"com"},"ip":{"addr":"192.185.131.38","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-09-21T05:46:07.167Z","timestamp":1695275167167,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cazzim.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 Sep 2023 09:00:59 GMT","end":"Mon, 04 Dec 2023 09:00:58 GMT"},"fingerprint":{"sha1":"E3:CE:7E:44:B8:D4:B6:73:61:6D:E2:A6:5F:D9:E8:0F:08:B4:A9:FE","sha256":"97:C7:34:EE:57:64:7A:F9:07:46:8C:56:29:E8:B5:C1:41:AA:3B:BD:B9:24:C3:E4:5D:DA:A8:BD:FF:F0:99:DA"}}},"request":{"raw":"GET //tmp/capitalone.com.axpwas/indexnw.html HTTP/1.1\r\nHost: cazzim.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://jclarke.expofranchise.com.br/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 20 Sep 2023 17:36:39 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/html\r\ndate: Thu, 21 Sep 2023 05:46:07 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":155990,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T20:09:54.588333Z","times_seen":14703811,"resource_available":true,"data":null}},"time_used":676,"timings":{"blocked":266,"dns":1,"connect":122,"send":0,"wait":136,"receive":0,"ssl":149},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}