{"report_id":"ee3a2b94-1483-4983-851f-24aaa8fe510d","version":0,"status":"done","tags":[],"date":"2026-07-01T02:20:53Z","url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":0,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"final":{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"title":"beyondinvestmentcapitals | Home","dom":{"size":172559,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1100)","md5":"6b5649fc61bce0eaa0e29f0152c085ae","sha1":"794f317a19ed6af6bae5d20c884d30f051489d5e","sha256":"854f49713bf56f9c3bda77d4d7ca1460491c125dd3ba61ed32e7e7114bafab2d","sha512":"fd9324fe8c732ad0ac201044b6836c63d5e1090797aeb83e01c8b41620cae8b101e99c027f5d79960c43308fbc454a52e1e0375046681ec00aa0147bb4686c13","ssdeep":"3072:RS3yEEtHvAl5O5IAvAlHtmaGKhfVDkJWV+ptjLEbxjt:RS3yEEtEmaBPnjt","tlshash":"23f31d70a5f14c33019b50c469214f1a6fe6f787c9170189bafc0bea9fd6ca6ed27618","dom_hash":"domhashd492bffc140c6b2445f7d11b007ec34d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":0,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-05T02:20:53Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"mail.beyondinvestmentcapitals.com","ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"domain_registered":"2026-01-10","domain_rank":0,"first_seen":"2026-07-01T02:02:06.406271Z","last_seen":"2026-07-01T02:02:06.406271Z","alert_count":122,"request_count":61,"received_data":4138687,"sent_data":77844,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery UI","description":"jQuery UI is a collection of GUI widgets, animated visual effects, and themes implemented with jQuery, Cascading Style Sheets, and HTML.","website":"https://jqueryui.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery_ui:*:*:*:*:*:*:*:*","icon":"jQuery UI.svg","categories":["JavaScript libraries"]},{"name":"Font Awesome","description":"Font Awesome is a font and icon toolkit based on CSS and Less.","website":"https://fontawesome.com/","common_platform_enumeration":"","icon":"Font Awesome.svg","categories":["Font scripts"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"Popper","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"Slick","description":"","website":"https://kenwheeler.github.io/slick","common_platform_enumeration":"","icon":"Slick.svg","categories":["JavaScript libraries"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-06-28T22:19:26.805281Z","alert_count":0,"request_count":7,"received_data":189463,"sent_data":4028,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-28T22:22:13.875484Z","alert_count":0,"request_count":2,"received_data":19426,"sent_data":1124,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/global/js/popper.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"e21a6649041ef6f5f1bf43f11946621f","sha1":"01bcaef811210de0ea58e55e47fbefd77be5c442","sha256":"7d3b9482d4fb3b6aeaa089b08eb84381b5d3294c32c71ba320c4482bb4dbb8d5","sha512":"10d373506802082bb1121092294e2ac7cf5695024a2ac9ce3e5d0a83f71b8fe906c3d9b736c667ecbba5a340d73e284f1cf710f393a1614d051bf4ee21ac8d87","ssdeep":"384:kmQkLrwVOyzirV9nNbRGlB9D45HjiWZ8xpOxvRVgD75zBY5vImg3+zopL9TidOg4:vLsgyziJ/0D45sxpOxvYD73Y5v9zwL9F","tlshash":"c792a3dc3294b06643a791a7a0bf960eb2339875610e9410f19df2d97c30ef9917bc7a","size":21162,"data":"","first_seen":"2023-03-07T01:17:32Z","last_seen":"2026-07-03T13:58:49.476965Z","times_seen":2596,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/js/slick.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"d5a61c749e44e47159af8a6579dda121","sha1":"3b41b3bc956685015a347a2238e71db29dfa0dbb","sha256":"0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740","sha512":"5ed98cb4311c373da3ede92bb47bce551e22c30683ea8fc55097baf99abe1e0702b24de48f8b9241047cc1e4364158f5a343e4e8fc182e8866db4e99ccd7ee6e","ssdeep":"768:4rkkX123A5YHi6pWzYdlNWYcx16nnYdXRRMd2KYCQCsPShb1ez7RFmYH:EPrYdlNixEePiYH","tlshash":"e513a549d205276285d721e62105c40eb3f7fb3cba22c0e475c9d3ea646ec4896d7bfa","size":42863,"data":"","first_seen":"2023-03-07T01:06:34Z","last_seen":"2026-07-03T19:14:02.706109Z","times_seen":104066,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/js/radialprogress.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"4b4443a30634524ad0de11cbc41a0c8c","sha1":"7a550671589fe60bbeb821d9e0267bd22847efb3","sha256":"0b6cff668b98bbfaca4969c3d48147bbd05536d494197f04e4a33164ef582524","sha512":"007c7e4f8e5601d1ee71bd94366dc6a7965061f4479b2aa0999999ca817991f4d0cb6df76a35ffb701f4847138c138b8348fd248e68b35765d64fd87fa0f1712","ssdeep":"","tlshash":"51112b363e14192195f7b03a8f7b2615ff27900342059680780e98f52ff072a8b1fea4","size":977,"data":"","first_seen":"2023-03-11T19:17:39Z","last_seen":"2026-07-01T02:21:00.160622Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/global/js/pusher.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"e1be14bcd111694d8e5ac59db0560aa4","sha1":"135246fffdb51a130c046f7d7f8c371ed6872b8f","sha256":"355557a7addf5ff91b246281cec6ad20f35b2ba7c44dd327926f337d6f0394e0","sha512":"c636bc7eb676353d3e6f568c9ae2dcde77c78e197dd284e253697c479e56c5132843ea93b91f6990e32787f23d5fb1dcd9edbbcf46a628d380266e976d87b6fc","ssdeep":"768:jWds216t1KRv89yz+YDN+hHW8hIEyZc+NwBuxt64CTMFPWfAfMxv3fUyaKdUTf76:Sdsg6CaLy2+cUybdIfVwApDVstxOOfz","tlshash":"2053a7c8f991b06143a7b171453f150ea33e686cb40ac0bcbb64d9e5ac7528d923bf79","size":65941,"data":"","first_seen":"2023-03-07T12:01:32Z","last_seen":"2026-07-03T18:32:59.099762Z","times_seen":2191,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/global/js/axios.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"70489d9432ef978db53bebda3e9f4c14","sha1":"f24d0bcc36027bce45c86acfba57b248edb6a3f9","sha256":"24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1","sha512":"6d94b8ed2eec3cec648d4ff806dd33ae112d5b1d32d02464844a7c21c9332be96d89f20813d10c20c4ee4ff984ce820c7b050836bb8304847f8c99db82ea27a9","ssdeep":"384:4tuDoBdyteApZXfgHH7MsMRrVkkaFW4Um6kxTF6T9eeM:p0kvRrVwWQ6k5F6T9eJ","tlshash":"eb5295ceb4a1b09747f721f0809f4a0fb2ba552a644dc4a0fa60e8e66c7552d8733f5d","size":14355,"data":"","first_seen":"2023-03-07T01:06:54Z","last_seen":"2026-07-02T16:14:36.799727Z","times_seen":4566,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"d7e516ec7a4767b6c18b63fa5a2b70dd","sha1":"07f4523deb30cfca5fa5c58d506564b5736db661","sha256":"9645b7dfa722d37705efcbf5fea580876eb2add5f667b65da68abab243ca8d8e","sha512":"9199cd6108dffd06510d4d9820d39b27cbf8b995e8769b285a2535542d86d0218352e67189d985305346b76b44e42ac72ea36101c6527c91cce9145bad1623ed","ssdeep":"","tlshash":"cf319d2dfabf01585a7b3046b7fb8c011b5d208f91068e14f9ad4fd46f4c555b5e8a0e","size":1518,"data":"","first_seen":"2026-07-01T02:21:00.273435Z","last_seen":"2026-07-01T02:21:00.273435Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"339181842a359c9945103c8817c968c9","sha1":"c5db08b59aa5c709e066be4fff429791f6734995","sha256":"abdbbc37b4b8a685b7bf9b1cf88647a26588c6386fea84f279da9a34840520f7","sha512":"6b5b8354fd2207498f85ccd451cb75d6d316aeed8c5bbb98db512533d2e1491919abfa4da57bb15a604308ac8c6d9e6d92e8105b12ecdf0cfb97d9411d58cd51","ssdeep":"","tlshash":"afe0c20820e380c0dd3b606a475bc0844ea73b072087de507e2c2fc46f76938526898c","size":372,"data":"","first_seen":"2026-06-14T10:13:34.045775Z","last_seen":"2026-07-01T02:21:00.274347Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"9d3b50286799b637d8420fd27f9434b9","sha1":"d0974e955459ca7cc55373e1725b8702c44a00e1","sha256":"488b968c5e2eba7aefcc6e111a1f6dde3d1c7f829a2961431b04cfd5deee57bb","sha512":"3276d5db267ae041e83c7c8475349f9356248af0e24142084e0e2db0ea23de3a888338c4ffd7918430e2ca7a5cde25f542eb7dfa9499b950d87c6a9dd5c1e873","ssdeep":"","tlshash":"62d022bf0090040013fb20526d0f3104b52324e708462a00be0ceda0cfe4abe120bf18","size":213,"data":"","first_seen":"2026-07-01T02:21:00.275656Z","last_seen":"2026-07-01T02:21:00.275656Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/js/modernizr.custom.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"e7499c5d8505eb7b8491d57535e626d8","sha1":"4082a467c069917a1bf0788a633809f9b92a1b72","sha256":"b80ac06974a5ff61f944f0f7fe3ccff1e38510f24243b0b25fd050ba608beeb7","sha512":"e4b542b9c19bb9c88fb251ccf849eb9030efe6122c7f5955b53873e718f22d26a50393a2220505b7020ddb967f29eb31b64230a3d782030db85aa962f5986a77","ssdeep":"192:Iwf7l2TmZyeKQob1dHYPeIny6L8LDDhWwpy8b7z:hf7l2SZyeKQoZRY5y6SHh1pz","tlshash":"8d02b6c87642f216879710ba907f410bf279e8aab84c8d50e045d9e8bd709b8467bf1d","size":8489,"data":"","first_seen":"2023-03-10T08:40:48Z","last_seen":"2026-07-01T02:21:00.252422Z","times_seen":94,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/js/jquery-3.5.1.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"b61aa6e2d68d21b3546b5b418bf0e9c3","sha1":"9c1398f0de4c869dacb1c9ab1a8cc327f5421ff7","sha256":"f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b","sha512":"5882735d9a0239c5c63c5c87b81618e3c8dc09d7d743c3444c535b9547b9b65defa509d7804552c581cb84b61dd1225e2add5dca6b120868ec201fa979504f4b","ssdeep":"1536:/jExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvaks:/Yh8eip3huuf6IidlrvakdtQ47GK8","tlshash":"3193f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89478,"data":"","first_seen":"2023-03-07T01:03:09Z","last_seen":"2026-07-03T15:09:53.952187Z","times_seen":17213,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/js/fontawesome.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e90fca85fa1f25038604a2f0a18d0b1","sha1":"d943307bd29d083cfab30778ad95cbac274be662","sha256":"25c212a4a47fa3b6c9f2fbb20010525a3b0581ee46bc1a9fdd2492acdf3de484","sha512":"a5a7e1d21aeb4fd64f665fe3c74730ca9ecddbea338107fe60af788d2ba91c72c3da57046132f1123bb8996ff6b1b9f8a8511fc49199c885ffc89890be0825a7","ssdeep":"768:5OYDSVk6tReHNMY8QFzm1vnGMHl7ehNHsF1pivehgXwUz0AH4d:5OFk6TetMHQFzmSvehgXzz0g4d","tlshash":"82f2096d724132b24e57043091ef160eb13abb1a759a8ca1e117e4c6687cedda0b3f5f","size":37330,"data":"","first_seen":"2023-03-11T19:17:39Z","last_seen":"2026-07-01T02:21:00.160004Z","times_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/js/wow.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"36050285bfeeb7395752f0f9bbc08273","sha1":"5924f7bbbf1dfa3f0926851d01f782f23a59e805","sha256":"0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69","sha512":"bf887e087c52583114b77bfb417d7dffa0ee8634d39155af14591a24b2add9ef4c8a0c0555364122800d07a55f5f1fb0c723b39541b069a437ff558ddbf380a3","ssdeep":"96:UrZgL1xvPV6GqKgR6TYLWHFMLJA6pOROVEE1fosvGeaMozHImBaoqbl:Ury9PVfIFrlAJROVEEdos+eatzHILoA","tlshash":"750267c97a967031d75796f6833f0106b6361aeeb028047cb5b88dd57c78868523bf38","size":8415,"data":"","first_seen":"2023-03-07T01:02:45Z","last_seen":"2026-07-03T18:58:29.552776Z","times_seen":13361,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/global/js/vue.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"fb192338844efe86ec759a40152fcb8e","sha1":"e55df1f7d6c288ee73d439bab26dd006ffee7af3","sha256":"29296ccacaa9ed35ed168fc51e36f54fd6f8db9c7786bbf38cc59a27229ba5c2","sha512":"04a6d247e71fcb12dd300b04d2768b45e1522e0f3fa636e07f11e1fe4fe4502f361f2eebe87b51e612e1a1b6a59f681c4efce4cb27a1add444763a6c430cb627","ssdeep":"1536:zUXY7qLtpHt2P0e1mZ8I6H82RaLPMBlo5VV2B/S/r:iYeJpN28efKMBlmV00/r","tlshash":"149308dc7299b07157eb31f1107f140bf2365a19ac0ec194b222e4e67cb984d92abe7d","size":93670,"data":"","first_seen":"2023-03-07T12:58:36Z","last_seen":"2026-07-03T06:53:54.6497Z","times_seen":3011,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/js/script.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"67c4536344791e7962a3745766741510","sha1":"89a7066b50ac8f874139f6f16bd62bcad3c0794d","sha256":"d1e6f6211ce0690e28d2372412542d09c0b7811626899a97434f293bdab0ac4a","sha512":"6c0595ca213ec4dd15b787d983e4478c41cff583ea4076a750e23797d5400fdbdbf23528c6795fc712c49768bc6d10aa5df12787976068a780663854eb0e698d","ssdeep":"384:ZCPUf7jHikc0UmW4loYlDoDwDIIDIUDEDACYYQ1nYO:ZCPUf7jHin0UmssDoDwDIIDIUDED6N93","tlshash":"8ea2fe0a68791072507b703e5fbfd6003a6a500b9d19fd60b9ac1ac41f1c76eb6f27e9","size":21731,"data":"","first_seen":"2023-03-11T19:17:39Z","last_seen":"2026-07-01T02:21:00.238548Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/global/js/jquery-ui.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"c15b1008dec3c8967ea657a7bb4baaec","sha1":"78489e580adaef931e6e5b131dab556c397e4a1a","sha256":"28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3","sha512":"bada3d9a5433aece7d57020b70b89161e2ca3cf6d2fdb4fbd5d6bf38405813071d35493c8d8232f83d7be91628a29d436be7fd9af918ae68f93022d9584b50b8","ssdeep":"3072:FkHOJD1g7SV7opRBbDrtnAcKYvFJi/5PLO1aG0qF2/nwOW16j:q9/KvjOVlFYQ16j","tlshash":"1f44f74d72003a2296dbe2a5103b2a0fa237515da605805cb53dcedf9e7de4431bbfb9","size":253669,"data":"","first_seen":"2023-03-07T01:19:34Z","last_seen":"2026-07-03T18:40:25.938891Z","times_seen":21861,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/global/js/bootstrap.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"702b3a2e879ea8528a526a970d6e7fdd","sha1":"6054beee168e3ccf3d05540b38ddd27d48c76dbd","sha256":"5ee2ebf07e7d323cf5460469dc9a1956a53c38f0003acd80f3e7db323cb4f718","sha512":"057a5092e4f2e9cb8568341a98330ba977351f58c1ebaafc5a24096eef0ba3917afe312fff638be94a18ac85181b18b67d8403aa5b381e99b48765ef607c304e","ssdeep":"768:dKD1OQYUhHVvO1Nnng76Tq8mrIIeoBAiAHFcQqK8jXLb6mH/3fn57hCQ:dG1r7CDVBUXv/VhCQ","tlshash":"d653750672a4f472059fa176803b0a0bb7362c9de506b16cbad998dd1f7cd443267f3a","size":63241,"data":"","first_seen":"2023-03-11T19:17:39Z","last_seen":"2026-07-01T02:21:00.234385Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/js/multi-animated-counter.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"c61945973b582a5069b19a283e972667","sha1":"b5408173db5f6597e4da2baeb81b04411f6b8683","sha256":"8f6e7b9d59933213421012e6957794c49f1fef91e44d545dbe269e069bfeba82","sha512":"2f61e4a679ae5864fad6431f4422b27788148cc0bc7111a08448a16beb2fd6159eef08ce2cdb8501d533a1e582301bf6da79283b002c4a2436dd06a07bf9ee16","ssdeep":"","tlshash":"07419b5c39f721218567f06a4b4f16100319e423a51ace2cbdaccbc85fd143adab9bbd","size":1936,"data":"","first_seen":"2023-03-11T19:17:39Z","last_seen":"2026-07-01T02:21:00.168046Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/global/js/notiflix-aio-2.7.0.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"8af26288f542ff1238a4594619c8e756","sha1":"32b1c52b33deb139c704b9af9b22ce7ad8d7b67a","sha256":"4755591f914733379059fd738192be747a78c20dd681087108b205896423d792","sha512":"d290a936aeed461c4da6a72607b93140f28df7b210fb093fbd6699918100ad51152f05a5f498e97ff3d102243f7cfa393d198bb9d8213a1fbecd4fda8908a9f7","ssdeep":"768:967T2Zhtifr2SNf4zlNkdFEiWjDDVv5c4JEwn2BaHNr5NvD4UcfidUC8b8wFwBPg:IUigRc43l74Uhq8dUtpBJgMPum","tlshash":"3a93f9eb5140111d82178be36bce4548763ab896b1160cdeb3b82c2a87d5bcd17e772f","size":91821,"data":"","first_seen":"2023-03-10T22:21:03Z","last_seen":"2026-07-01T02:21:00.259132Z","times_seen":143,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/js/jquery.flagstrap.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"f88337f2499c12f689630bfac328c9f3","sha1":"857763052335b4ca57331755a6ea7d2dc92670b3","sha256":"f09afaed8fc889a576eb770b4deb8b0ac6531ec9c12239a7d7200f031fd2697a","sha512":"bd2d02a7980d67f299893b880a1e392cfd7f66eedeb29490cc92ee324ed68e67c65fbfdd1282526770dd7cc5155e0386dbf9211d8ceff2353335ac0141ce19b1","ssdeep":"192:+yIEoFjGXgUXUGTyroZ487wlIH2cyrR3POXwAQhT2:+coFqLX5Tyrq8lQyrR3POmhy","tlshash":"e0e1c80ce231123ec6f586beb4db2a62f43a91168124d8739a6f89bc0b15cc76176d77","size":7449,"data":"","first_seen":"2023-03-07T13:10:50Z","last_seen":"2026-07-01T02:21:00.260767Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/js/owl.carousel.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"f416f9031fef25ae25ba9756e3eb6978","sha1":"e2a600e433df72b4cfde93d7880e3114917a3cbe","sha256":"a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d","sha512":"6cfb3b01eea956f84e4a221cc940a547bfead8e02c462a2fc38bc0917fb325bc374a101e7aa7b3ab9d11208708511abb39adb4ad6da7daaf9fc9704d714f65af","ssdeep":"768:UCI7dmuMFAAJG4dlQKNORpnXGAtep2lcwJeL+wr2RSGc7UuHjRUQuFBt33:PITMFC4dbMVRSGcgRDV","tlshash":"e7137346b3202d2a869b61a0663f160bb23a241ce414547d7d79e6de6d7dc8c213ffbc","size":44342,"data":"","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-07-03T19:11:44.022045Z","times_seen":62522,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/bootstrap.min.css","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.208Z","timestamp":1782872428208,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/css/bootstrap.min.css HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 03 Apr 2022 18:17:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 21534\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":160392,"size_decoded":21844,"mime_type":"text/css","magic":"ASCII text, with very long lines (65326)","md5":"023b3876bb73aa541367fc40a193d2b7","sha1":"8ed2d6350d23f857d92805737d0f97c675de666b","sha256":"f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194","sha512":"a1cf7e5d2b351f6e37fc544df51c3ad859fc12dc631185875d1be34b8dd8b6e7847b06d2e8e6df5dc24dca88631ea54a14fa175d4c7073eab52bb0de7babeff6","ssdeep":"1536:kw7CIJ0T+r+ryEIA1pDEBi8yNcuSEIA1/uypq3SYiLENM6HN26R:H7VKGGq3SYiLENM6HN26R","tlshash":"a3f353a6f5a0312de4a7c61964d0bafd152f8245d7224bfbf8273b6447892c70a73e4c","first_seen":"2023-04-05T06:17:06Z","last_seen":"2026-07-03T13:44:21.69975Z","times_seen":12602,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/all.min.css","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.210Z","timestamp":1782872428210,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/css/all.min.css HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 03 Apr 2022 18:17:42 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 12379\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":59290,"size_decoded":12689,"mime_type":"text/css","magic":"ASCII text, with very long lines (59104)","md5":"8b35e4d386c611b23444619fba5d9368","sha1":"0edf926fa5f04ee5e3ffe0e6867b04ecf2e609e4","sha256":"21f517ab86dd0e0ed82ae480fcc75f072b30b7d5cce09b196577416bfc140e3a","sha512":"e1f13aecc9bb51d87d955e467b5b51a4f9c2b403fd0f0ea3154a2418fba71a76b9782849d992bef91450b3c90c8039f7f6a0b0ae7f7c846f8c2c1f943414f3d6","ssdeep":"768:5Eh31IPiyXNq4YxBowbgJlkwF//zMQyYJYX9Bft6VSzJ:5E0PxXE4YXJgndFTfy9lt51","tlshash":"0543fbb8e54c01cab732c44bef41b2bc61b6f73de5914d95f00e591c2ad26a811c5fba","first_seen":"2023-05-17T00:21:50Z","last_seen":"2026-07-02T16:35:01.600426Z","times_seen":48,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/js/fontawesome.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.236Z","timestamp":1782872428236,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/js/fontawesome.min.js HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 03 Apr 2022 18:18:44 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 12483\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":37330,"size_decoded":12807,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (37144)","md5":"3e90fca85fa1f25038604a2f0a18d0b1","sha1":"d943307bd29d083cfab30778ad95cbac274be662","sha256":"25c212a4a47fa3b6c9f2fbb20010525a3b0581ee46bc1a9fdd2492acdf3de484","sha512":"a5a7e1d21aeb4fd64f665fe3c74730ca9ecddbea338107fe60af788d2ba91c72c3da57046132f1123bb8996ff6b1b9f8a8511fc49199c885ffc89890be0825a7","ssdeep":"768:5OYDSVk6tReHNMY8QFzm1vnGMHl7ehNHsF1pivehgXwUz0AH4d:5OFk6TetMHQFzmSvehgXzz0g4d","tlshash":"82f2096d724132b24e57043091ef160eb13abb1a759a8ca1e117e4c6687cedda0b3f5f","first_seen":"2023-03-11T19:17:39Z","last_seen":"2026-07-01T02:21:00.160004Z","times_seen":48,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/js/radialprogress.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.245Z","timestamp":1782872428245,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/js/radialprogress.js HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 03 Apr 2022 18:18:42 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 336\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":977,"size_decoded":658,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"4b4443a30634524ad0de11cbc41a0c8c","sha1":"7a550671589fe60bbeb821d9e0267bd22847efb3","sha256":"0b6cff668b98bbfaca4969c3d48147bbd05536d494197f04e4a33164ef582524","sha512":"007c7e4f8e5601d1ee71bd94366dc6a7965061f4479b2aa0999999ca817991f4d0cb6df76a35ffb701f4847138c138b8348fd248e68b35765d64fd87fa0f1712","ssdeep":"","tlshash":"51112b363e14192195f7b03a8f7b2615ff27900342059680780e98f52ff072a8b1fea4","first_seen":"2023-03-11T19:17:39Z","last_seen":"2026-07-01T02:21:00.160622Z","times_seen":17,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/global/js/vue.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.249Z","timestamp":1782872428249,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/global/js/vue.min.js HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 03 Apr 2022 18:17:34 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 33111\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":93670,"size_decoded":33435,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65449)","md5":"fb192338844efe86ec759a40152fcb8e","sha1":"e55df1f7d6c288ee73d439bab26dd006ffee7af3","sha256":"29296ccacaa9ed35ed168fc51e36f54fd6f8db9c7786bbf38cc59a27229ba5c2","sha512":"04a6d247e71fcb12dd300b04d2768b45e1522e0f3fa636e07f11e1fe4fe4502f361f2eebe87b51e612e1a1b6a59f681c4efce4cb27a1add444763a6c430cb627","ssdeep":"1536:zUXY7qLtpHt2P0e1mZ8I6H82RaLPMBlo5VV2B/S/r:iYeJpN28efKMBlmV00/r","tlshash":"149308dc7299b07157eb31f1107f140bf2365a19ac0ec194b222e4e67cb984d92abe7d","first_seen":"2023-03-07T12:58:36Z","last_seen":"2026-07-03T06:53:54.6497Z","times_seen":3011,"resource_available":true,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/global/js/jquery-ui.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.232Z","timestamp":1782872428232,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/global/js/jquery-ui.min.js HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 03 Apr 2022 18:17:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 66089\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":253669,"size_decoded":66413,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32074)","md5":"c15b1008dec3c8967ea657a7bb4baaec","sha1":"78489e580adaef931e6e5b131dab556c397e4a1a","sha256":"28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3","sha512":"bada3d9a5433aece7d57020b70b89161e2ca3cf6d2fdb4fbd5d6bf38405813071d35493c8d8232f83d7be91628a29d436be7fd9af918ae68f93022d9584b50b8","ssdeep":"3072:FkHOJD1g7SV7opRBbDrtnAcKYvFJi/5PLO1aG0qF2/nwOW16j:q9/KvjOVlFYQ16j","tlshash":"1f44f74d72003a2296dbe2a5103b2a0fa237515da605805cb53dcedf9e7de4431bbfb9","first_seen":"2023-03-07T01:19:34Z","last_seen":"2026-07-03T18:40:25.938891Z","times_seen":21861,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/js/multi-animated-counter.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.244Z","timestamp":1782872428244,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/js/multi-animated-counter.js HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 03 Apr 2022 18:18:42 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 593\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1936,"size_decoded":915,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"c61945973b582a5069b19a283e972667","sha1":"b5408173db5f6597e4da2baeb81b04411f6b8683","sha256":"8f6e7b9d59933213421012e6957794c49f1fef91e44d545dbe269e069bfeba82","sha512":"2f61e4a679ae5864fad6431f4422b27788148cc0bc7111a08448a16beb2fd6159eef08ce2cdb8501d533a1e582301bf6da79283b002c4a2436dd06a07bf9ee16","ssdeep":"","tlshash":"07419b5c39f721218567f06a4b4f16100319e423a51ace2cbdaccbc85fd143adab9bbd","first_seen":"2023-03-11T19:17:39Z","last_seen":"2026-07-01T02:21:00.168046Z","times_seen":18,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/uploads/content/62778ce92d4d51652002025.jpg","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.283Z","timestamp":1782872428283,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/uploads/content/62778ce92d4d51652002025.jpg HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 08 May 2022 14:27:06 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3815\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3815,"size_decoded":4081,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90\", baseline, precision 8, 88x88, components 3","md5":"fda0f6c94c491732f3676c9de04195c3","sha1":"764c58b11e6c23feebb22ffca587e2ee2ab1991c","sha256":"1a72be5a1ff28b51a90f2eb453ae7b4e63948d50148d0bfbdb8be7402385dc23","sha512":"b813efc12e0b882e144a36dd9dce49cca8bf80d7ed4db3a06174a94ac39455f8c339c0d3ed780b8d63d19731e7c95abab86f5c579cc8f1e56ecd80e1d96b5f81","ssdeep":"","tlshash":"5b715d552b4703e1b863ebfee0479d78e7ca2981349250ac5ff2a78a9107183d88410c","first_seen":"2023-05-23T15:21:19Z","last_seen":"2026-07-01T02:21:00.168963Z","times_seen":48,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/js/wow.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.237Z","timestamp":1782872428237,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/js/wow.min.js HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 03 Apr 2022 18:18:42 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2572\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":8415,"size_decoded":2895,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (8385)","md5":"36050285bfeeb7395752f0f9bbc08273","sha1":"5924f7bbbf1dfa3f0926851d01f782f23a59e805","sha256":"0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69","sha512":"bf887e087c52583114b77bfb417d7dffa0ee8634d39155af14591a24b2add9ef4c8a0c0555364122800d07a55f5f1fb0c723b39541b069a437ff558ddbf380a3","ssdeep":"96:UrZgL1xvPV6GqKgR6TYLWHFMLJA6pOROVEE1fosvGeaMozHImBaoqbl:Ury9PVfIFrlAJROVEEdos+eatzHILoA","tlshash":"750267c97a967031d75796f6833f0106b6361aeeb028047cb5b88dd57c78868523bf38","first_seen":"2023-03-07T01:02:45Z","last_seen":"2026-07-03T18:58:29.552776Z","times_seen":13361,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/uploads/content/63ac0fa3a5c781672220579.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.268Z","timestamp":1782872428268,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/uploads/content/63ac0fa3a5c781672220579.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Dec 2022 16:46:08 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4301\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4301,"size_decoded":4566,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"7f52da7685c7835192f4412e83ec0828","sha1":"7cdee52567ba584f21dc14d3ea6a5f94abbc7e55","sha256":"f94bbca768525ced3509ecdcdfd384c245a8a501c3f7a63a342326e34414d6b4","sha512":"966a295b516e8c234f81e4202156ffce72d86055c873640f8e022af363ac6a73efc2f9a45b5d280bc0f6f8813449c206099bfaab65520d52a16d00264a31ef90","ssdeep":"96:rB0cM4bsKN2gs1WrtyOsAD04q7KMYNPYIGI99Nwb4S8Iih:90L6nN2gs1AsGcYNQPAib4S8v","tlshash":"3b918f267325cbc503e6c01511bceb28df2c193a36c953a121c0ed396bfd5108b7c195","first_seen":"2023-05-23T15:21:19Z","last_seen":"2026-07-01T02:21:00.170116Z","times_seen":53,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/images/shapes/shape-img-8.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.503Z","timestamp":1782872428503,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/images/shapes/shape-img-8.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/color.php?primaryColor=8080ff\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 03 Apr 2022 18:17:54 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4532\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4532,"size_decoded":4797,"mime_type":"image/png","magic":"PNG image data, 445 x 248, 8-bit/color RGBA, non-interlaced","md5":"2aa7c0526280ad2ca8d6d97262a82957","sha1":"f09d5df188253434da6b6b46d83de0b8d83ed7e9","sha256":"5a0b55d971a9247de848606c8f73c9346fae0b4fe1651a2e5ab8ca5efebddef2","sha512":"735110a4357b234557c61748063d88c8e833fbf98e2c6d6d248ba89ccb315ae070aba40d715bb8a1bb28155c38ae70e03c818cfe61a289470471db837bbaf8a2","ssdeep":"96:x5NTdpklsCC7pppRRRpwki3rm7uMkVq3Qlzb0adeAOhe9z6:likkm7udJlzYadeAa","tlshash":"a49119ab8fa447e2cfddd19613f4902e9dc28e819cecd07d9cce8049255c3994b2c9d1","first_seen":"2023-10-13T02:20:19Z","last_seen":"2026-07-01T02:21:00.170671Z","times_seen":15,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/slick.css","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.216Z","timestamp":1782872428216,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/css/slick.css HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 03 Apr 2022 18:17:34 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 483\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1776,"size_decoded":791,"mime_type":"text/css","magic":"ASCII text","md5":"f38b2db10e01b1572732a3191d538707","sha1":"a94a059b3178b4adec09e3281ace2819a30095a4","sha256":"de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5","sha512":"c11e283612c11dfeec9a3cb42b8a2acdd5ae99dfabe7ffba40efef0dd6bbe8c5b98ae8383d3eeff3a168124c922097eddd703401ee9ac6122f1ebab09bbf7737","ssdeep":"","tlshash":"c931294845b389468416808d5fd7ca6d2bfff0130829e199ba8d1306cfce7d8a9c26b2","first_seen":"2023-04-05T08:37:21Z","last_seen":"2026-07-03T18:56:14.597806Z","times_seen":69212,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/color.php?primaryColor=8080ff","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.224Z","timestamp":1782872428224,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/css/color.php?primaryColor=8080ff HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/css;charset=UTF-8\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":122740,"size_decoded":19211,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"0e586fb25035d16cea896ade8bf99a5a","sha1":"99837429584501c65313cc6d09f12d3d3fed1116","sha256":"46c05cc19b792df6293fc8fb9ffd089e118d511f7e05befd89e2b54023ddf7fd","sha512":"2dbea773593d74b63c8d8f2744916c403351e362476f521b57cb9de4774776aa3b3e25037928ea60b7147e8bfcc0a7547b3de25c7879fa44eb5d2669b0de8495","ssdeep":"3072:PrPk8p2FwP4VNUnFCbr8PHm+EUH/lRQRBMvZaP0W1LGzUCQHY0yjkV8own8mrkYm:PrPk8p2FwP4VNUnFCbr8PHm+EUH/lRQz","tlshash":"94c383166e612465b437d65c72dda3a8df3ca152eb07157c72da241883ca2fd022ff8e","first_seen":"2026-07-01T02:21:00.172212Z","last_seen":"2026-07-01T02:21:00.172212Z","times_seen":1,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/global/js/pusher.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.246Z","timestamp":1782872428246,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/global/js/pusher.min.js HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 03 Apr 2022 18:17:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 17077\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":65941,"size_decoded":17401,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65405)","md5":"e1be14bcd111694d8e5ac59db0560aa4","sha1":"135246fffdb51a130c046f7d7f8c371ed6872b8f","sha256":"355557a7addf5ff91b246281cec6ad20f35b2ba7c44dd327926f337d6f0394e0","sha512":"c636bc7eb676353d3e6f568c9ae2dcde77c78e197dd284e253697c479e56c5132843ea93b91f6990e32787f23d5fb1dcd9edbbcf46a628d380266e976d87b6fc","ssdeep":"768:jWds216t1KRv89yz+YDN+hHW8hIEyZc+NwBuxt64CTMFPWfAfMxv3fUyaKdUTf76:Sdsg6CaLy2+cUybdIfVwApDVstxOOfz","tlshash":"2053a7c8f991b06143a7b171453f150ea33e686cb40ac0bcbb64d9e5ac7528d923bf79","first_seen":"2023-03-07T12:01:32Z","last_seen":"2026-07-03T18:32:59.099762Z","times_seen":2191,"resource_available":true,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/uploads/content/63ac1043c78011672220739.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.276Z","timestamp":1782872428276,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/uploads/content/63ac1043c78011672220739.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Dec 2022 16:49:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2656\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2656,"size_decoded":2921,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"f1d9456f7f074cb920fc3cf0213edc96","sha1":"0f765acfb1722b8239b784be9f27f1668a5ef3a6","sha256":"5090919e4c10050e5781852f277714b73222fe10a1fad7ffba7f56d825a93815","sha512":"b6c0c405829c67a3d8940e1474ab489709504c970e01b6602815bbb0be70c699c503101c64f0bf857db8c68486bbaea071c937b08c78c2050d41d20296fd26a8","ssdeep":"","tlshash":"f1513ce9040fe62b77e5665560cf91fb957f12c82c3a87c9c2fe177b1e021608578d14","first_seen":"2023-05-23T15:21:19Z","last_seen":"2026-07-01T02:21:00.173656Z","times_seen":60,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6uyw4BMUTPHjx4wXg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.511Z","timestamp":1782872428511,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /s/lato/v25/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://mail.beyondinvestmentcapitals.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23580\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 25 Jun 2026 02:01:59 GMT\r\nexpires: Fri, 25 Jun 2027 02:01:59 GMT\r\ncache-control: public, max-age=31536000\r\nage: 519509\r\nlast-modified: Mon, 15 Sep 2025 17:09:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":23580,"size_decoded":24393,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23580, version 1.0","md5":"e1b3b5908c9cf23dfb2b9c52b9a023ab","sha1":"fcd4136085f2a03481d9958cc6793a5ed98e714c","sha256":"918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537","sha512":"b2da7ef768385707afed62ca1f178efc6aa14519762e3f270129b3afee4d3782cb991e6fa66b3b08a2f81ff7caba0b4c34c726d952198b2ac4a784b36eb2a828","ssdeep":"384:dRkIAJ8pVwWTW5VVjdVn8+2yvAMdriCEOY0kfW9GkAPqpPHi2vUuUSzB8:dKIAJ8pVHTZ+riY9oCpPHiodUeK","tlshash":"91b2e1ce5d546e3a8028213785c17b488273572e9edf42c6dd83a6263a7092cfd3d96e","first_seen":"2023-04-05T13:28:45Z","last_seen":"2026-07-03T19:01:55.215792Z","times_seen":241363,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":29,"dns":0,"connect":0,"send":0,"wait":31,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/jquery-ui.min.css","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.207Z","timestamp":1782872428207,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/css/jquery-ui.min.css HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 03 Apr 2022 18:17:36 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 7510\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":34768,"size_decoded":7997,"mime_type":"text/css","magic":"ASCII text, with very long lines (2515)","md5":"3d19e4ee62b87a9acc72844c460a769e","sha1":"5286b6bffc248e9da304b6cc2ff27b09604dd387","sha256":"e2e244bcf9402593f069a1b1947c9916e9930ca650f8604715cf07796d477bf2","sha512":"de94cd08177c2a8a56013ded0591f1924360336b50b6edb1d8b45d3823d28698266fb9954f2c1e0afa09c5eec1dd391c4252bdca09b5bd24aae136a8a13a9135","ssdeep":"384:pCwiEt7Z0/x2mGfRdu4gDftwtka91e+HhgXEEeZXGb4bOT5fyQkCmnlD95/p4b:slEtrBZyaD95/pC","tlshash":"90f2ff3066a32d1efa23c11466a11eff733b1341c8a38eefe45a395953e94e1847b971","first_seen":"2023-04-07T13:37:00Z","last_seen":"2026-07-01T02:21:00.179112Z","times_seen":20,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.506Z","timestamp":1782872428506,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /s/opensans/v44/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://mail.beyondinvestmentcapitals.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 18640\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 25 Jun 2026 05:53:39 GMT\r\nexpires: Fri, 25 Jun 2027 05:53:39 GMT\r\ncache-control: public, max-age=31536000\r\nage: 505609\r\nlast-modified: Mon, 15 Sep 2025 16:29:38 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":18640,"size_decoded":19453,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18640, version 1.0","md5":"289ab8c3689e58c84c061039efc15d3a","sha1":"9432c99c4915ea17dea97eec0bbd0f2fa6ff0943","sha256":"0e44026ad31376af1b56593cd4acb4f353f8e8789c51759e18f64578e4ef296a","sha512":"4c0ea3fe4daefcd63f7337e7a8e86d169c0f4ce3543b12a69f9980a5bb598987521138454ad4df4474a1edb0fef0c38cfd2de312cb355c9c2665ea3445586787","ssdeep":"384:UubNl0SziXg7u9lPk6A/BViMAf2zAeyrmYAUXKb+cu5E0GW6o6:dbj0S2XjRk6A+MAf2UeGIUEbM4WZ6","tlshash":"9182d1454a3d7753f235a6425daef8cac2b5d42d56978c103be2541a3dff28e33109d8","first_seen":"2025-09-17T00:02:10.421759Z","last_seen":"2026-07-03T18:48:24.816168Z","times_seen":41381,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":3,"connect":35,"send":0,"wait":20,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/js/slick.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.240Z","timestamp":1782872428240,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/js/slick.min.js HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 03 Apr 2022 18:18:44 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 10097\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":42863,"size_decoded":10421,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (42862)","md5":"d5a61c749e44e47159af8a6579dda121","sha1":"3b41b3bc956685015a347a2238e71db29dfa0dbb","sha256":"0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740","sha512":"5ed98cb4311c373da3ede92bb47bce551e22c30683ea8fc55097baf99abe1e0702b24de48f8b9241047cc1e4364158f5a343e4e8fc182e8866db4e99ccd7ee6e","ssdeep":"768:4rkkX123A5YHi6pWzYdlNWYcx16nnYdXRRMd2KYCQCsPShb1ez7RFmYH:EPrYdlNixEePiYH","tlshash":"e513a549d205276285d721e62105c40eb3f7fb3cba22c0e475c9d3ea646ec4896d7bfa","first_seen":"2023-03-07T01:06:34Z","last_seen":"2026-07-03T19:14:02.706109Z","times_seen":104066,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/uploads/content/63ac103b79dad1672220731.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.275Z","timestamp":1782872428275,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/uploads/content/63ac103b79dad1672220731.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Dec 2022 16:49:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2014\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2014,"size_decoded":2279,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"3b21032980cb1cd196caccb28058f0ec","sha1":"d548e18d45a5c9ee12b66c0e1a658fb9802bb632","sha256":"52b939f0fdeb9b7c8d9ed470e325be744a834c5db0de5d0d4b3647b019afde3c","sha512":"9ad0c970e8f817cae1a01d39a977b4a5ed10c7a27898e837de31d7b6d75cc8b2100dae4c7d71923599a20885714fdc656b4778068cfee879c5431b764e61b80b","ssdeep":"","tlshash":"de414c67d3978e0d2e0c43b6f623af4004c57aafa3103f9979665882152667f5fe0434","first_seen":"2023-05-23T15:21:19Z","last_seen":"2026-07-01T02:21:00.181658Z","times_seen":56,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/uploads/content/63ac1060947cf1672220768.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.280Z","timestamp":1782872428280,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/uploads/content/63ac1060947cf1672220768.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Dec 2022 16:50:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2014\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2014,"size_decoded":2279,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"3b21032980cb1cd196caccb28058f0ec","sha1":"d548e18d45a5c9ee12b66c0e1a658fb9802bb632","sha256":"52b939f0fdeb9b7c8d9ed470e325be744a834c5db0de5d0d4b3647b019afde3c","sha512":"9ad0c970e8f817cae1a01d39a977b4a5ed10c7a27898e837de31d7b6d75cc8b2100dae4c7d71923599a20885714fdc656b4778068cfee879c5431b764e61b80b","ssdeep":"","tlshash":"de414c67d3978e0d2e0c43b6f623af4004c57aafa3103f9979665882152667f5fe0434","first_seen":"2023-05-23T15:21:19Z","last_seen":"2026-07-01T02:21:00.181658Z","times_seen":56,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6u9w4BMUTPHh7USSwiPGQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.517Z","timestamp":1782872428517,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /s/lato/v25/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://mail.beyondinvestmentcapitals.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23236\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 25 Jun 2026 11:39:48 GMT\r\nexpires: Fri, 25 Jun 2027 11:39:48 GMT\r\ncache-control: public, max-age=31536000\r\nage: 484840\r\nlast-modified: Mon, 15 Sep 2025 17:09:18 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":23236,"size_decoded":24049,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23236, version 1.0","md5":"716309aab2bca045f9627f63ad79d0bf","sha1":"38804233a29aaf975d557fe14e762c627bef76e0","sha256":"115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429","sha512":"adb0bc6cb9b230eda5dac7396a94a9a4dba9c8ba0b2eb73f5f21a20c3ca3d14651420bc6a17e67a71b5bba624f5a4e92d55cbbb898985dcca838184f6dfb2b15","ssdeep":"384:AHLaTYDpoR9l+9cJHxkGk3kbFpW88POLvFd9EDtwntxiFyLs86d975a2sfbAh:AHLKSSD49c0SFQ1wFnCajiws86dJ59WK","tlshash":"8aa2e10a0b99e00ff53655ba7504daa0b1c554b9c3ed69a2a12115c7b4eeecbf83138e","first_seen":"2023-04-05T15:38:53Z","last_seen":"2026-07-03T18:55:43.87761Z","times_seen":52795,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":28,"dns":0,"connect":0,"send":0,"wait":46,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-01T02:20:27.028Z","timestamp":1782872427028,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: no-cache, private\r\nset-cookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; expires=Wed, 01-Jul-2026 04:20:27 GMT; Max-Age=7200; path=/; samesite=lax; secure\nbeyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D; expires=Wed, 01-Jul-2026 04:20:27 GMT; Max-Age=7200; path=/; httponly; samesite=lax; secure\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 01 Jul 2026 02:20:27 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery UI","description":"jQuery UI is a collection of GUI widgets, animated visual effects, and themes implemented with jQuery, Cascading Style Sheets, and HTML.","website":"https://jqueryui.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery_ui:*:*:*:*:*:*:*:*","icon":"jQuery UI.svg","categories":["JavaScript libraries"]},{"name":"Font Awesome","description":"Font Awesome is a font and icon toolkit based on CSS and Less.","website":"https://fontawesome.com/","common_platform_enumeration":"","icon":"Font Awesome.svg","categories":["Font scripts"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"Popper","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"Slick","description":"","website":"https://kenwheeler.github.io/slick","common_platform_enumeration":"","icon":"Slick.svg","categories":["JavaScript libraries"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]}],"data":{"size":191223,"size_decoded":17548,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (688)","md5":"c7ef84f72a59dbfc6a377f984ff5a858","sha1":"f8195d5456ce59690646f0c937bc6dbb569973fd","sha256":"cae352c58a0af8fc098af916cdcdee5b499ea2ecab8e78a84ceb57742eea3885","sha512":"ee9e88f2bbc018940bf9483838dd1936d7a5e18d29f4e7c5f0e3634046fffa1c94199d30750ecd6017c6a4ff4a73a59b3e595e1a05aee388547b4adc3257ffa3","ssdeep":"1536:i3DqP44VzpYvChJpaz+wKlcrfyI8uikJWV+ptjLEbxjx:IqFpYvCbpu+wKliSuikJWV+ptjLEbxjx","tlshash":"87140ca576f18ca201af54c49a320b1a6fd5f347e44a0588babc1bd58fe2ce6fd1750c","first_seen":"2026-07-01T02:21:00.18274Z","last_seen":"2026-07-01T02:21:00.18274Z","times_seen":1,"resource_available":true,"data":null}},"time_used":732,"timings":{"blocked":-1,"dns":72,"connect":23,"send":0,"wait":585,"receive":0,"ssl":51},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/js/owl.carousel.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.241Z","timestamp":1782872428241,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/js/owl.carousel.min.js HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 03 Apr 2022 18:18:44 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 11139\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":44342,"size_decoded":11463,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (31997)","md5":"f416f9031fef25ae25ba9756e3eb6978","sha1":"e2a600e433df72b4cfde93d7880e3114917a3cbe","sha256":"a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d","sha512":"6cfb3b01eea956f84e4a221cc940a547bfead8e02c462a2fc38bc0917fb325bc374a101e7aa7b3ab9d11208708511abb39adb4ad6da7daaf9fc9704d714f65af","ssdeep":"768:UCI7dmuMFAAJG4dlQKNORpnXGAtep2lcwJeL+wr2RSGc7UuHjRUQuFBt33:PITMFC4dbMVRSGcgRDV","tlshash":"e7137346b3202d2a869b61a0663f160bb23a241ce414547d7d79e6de6d7dc8c213ffbc","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-07-03T19:11:44.022045Z","times_seen":62522,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/uploads/content/63ac0ff74380e1672220663.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.272Z","timestamp":1782872428272,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/uploads/content/63ac0ff74380e1672220663.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Dec 2022 16:48:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 780562\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":780562,"size_decoded":780829,"mime_type":"image/png","magic":"PNG image data, 999 x 666, 8-bit/color RGBA, non-interlaced","md5":"9527e11cd93e7f0ec5ac9054a36ae0c8","sha1":"dd6ccd5d911190d452ffb116b0c7190af267cdb0","sha256":"b6240fdeaa15603be63d6ac1a5c80d84fe9f5351f715542042f7b4af51995453","sha512":"66a2d641ba676cda302a29458449ca4bcfaf012256c70d9094db9995a565fd0b7979b7e9f7a693455a106b3c3deac13db47e4e89b66e8c1c304272a075127af6","ssdeep":"12288:prGQnY4E4Wsy7ovzseAW7krJXIzaog1tN+/vWwESOTTLN+AYoIRJfIkTdGU4iSQO:prGoYwWbcvzsh9XIzaog4vWwESOX5FYQ","tlshash":"04f423dcc2b964f21dda21c0fc04566697359bc7e7da8063d462b528788faf8d8e3712","first_seen":"2023-05-23T15:21:19Z","last_seen":"2026-07-01T02:21:00.209345Z","times_seen":24,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":69,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/uploads/content/605aeb033ff771616571139.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.289Z","timestamp":1782872428289,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/uploads/content/605aeb033ff771616571139.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 25 May 2022 16:00:48 GMT\r\naccept-ranges: bytes\r\ncontent-length: 16110\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":16110,"size_decoded":16376,"mime_type":"image/png","magic":"PNG image data, 88 x 88, 8-bit/color RGBA, non-interlaced","md5":"f2cd4c92ae94815f67ec74b9c51b40c5","sha1":"c42dc5d129998c453d6edde4d4d1845295b41451","sha256":"ac46b9fce9e2160a98925625b33fd26e403617f58f97600e592ec3e8ebcf28f6","sha512":"bc3f6f021a21549d70764003f2f400506aa0aa7ad75fc37a74134ff489a010597159169e14a2001beb0b28bb5727b47b789995887b3421c2bb25f362067b6486","ssdeep":"384:et02UZoi/nFpNSNpFMOpX4dPlirZhdt2/ogE4jwD:Y0TFpINpFTpXcPmZhdwE3","tlshash":"9572cfae4c891a91c8e594f54cb3307f3289ac7e918529f53b3b04bcb74d7cd15ea611","first_seen":"2023-05-23T15:21:19Z","last_seen":"2026-07-01T02:21:00.212749Z","times_seen":44,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/images/shapes/shape-img-6.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.502Z","timestamp":1782872428502,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/images/shapes/shape-img-6.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/color.php?primaryColor=8080ff\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 03 Apr 2022 18:17:56 GMT\r\naccept-ranges: bytes\r\ncontent-length: 10454\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":10454,"size_decoded":10720,"mime_type":"image/png","magic":"PNG image data, 1110 x 581, 8-bit/color RGBA, non-interlaced","md5":"b01e96b3a535ddf0ddb7f82e8576744a","sha1":"e01e7a69a939fc838398344b1173ecca880b803f","sha256":"b354103c78c26fcd0825b79a96d7d4f6b818c219973500d3e2b2bcdc1dc9f721","sha512":"4aea936d5a6c25f0005c3134ffa3d5714e937041467e83c2fe2d2317e0efea75c0bfd4c01a390f19ddf0d1f5f28b0cd2e3eefea4231b826ed7ad906f50360c86","ssdeep":"192:scRqWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWm/MyLTbeYHte/o:lqWWWWWWWWWWWWWWWWWWWWWWWWWWWWWH","tlshash":"9322740f0bd5c1bff90bfb73c995210571eb31a4520d5b28706de4a3779b8aae167284","first_seen":"2023-10-13T02:20:19Z","last_seen":"2026-07-01T02:21:00.213327Z","times_seen":9,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/owl.theme.default.min.css","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.220Z","timestamp":1782872428220,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/css/owl.theme.default.min.css HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 03 Apr 2022 18:17:42 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 375\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1013,"size_decoded":683,"mime_type":"text/css","magic":"ASCII text, with very long lines (846)","md5":"594b81805a98b267e47c70a8fad30d9f","sha1":"684d84ec40b305ca14efc88c91f12972cb6342b4","sha256":"924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac","sha512":"b0c5ed30d2f5cd1ce894760a12e8ccd80a822d447d1760b8ff4e5c75bc638cb491bcc40872210f090668fbe9e4ee0a3706d4ae2bd91f6bfb3e6b87f88b9a4b93","ssdeep":"","tlshash":"4d11abc5f189221d301781904aa842cb6b1e687e529d0ef5f8ee8160c22dd053a6fbf9","first_seen":"2023-04-05T06:03:14Z","last_seen":"2026-07-03T19:11:44.040874Z","times_seen":25046,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/perfect-scrollbar.css","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.223Z","timestamp":1782872428223,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/css/perfect-scrollbar.css HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 03 Apr 2022 18:17:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 559\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2598,"size_decoded":867,"mime_type":"text/css","magic":"troff or preprocessor input, ASCII text","md5":"6f36b1309fbbde634a5d54dd1734274a","sha1":"a94e730430930b2e048352996ff44bf28647669d","sha256":"7b6508c9e8e04de8ebfec5de2ce1c4303bc46a0a279283eff7e248c1c900a91b","sha512":"db1ce7084979cb94f986e2768429b086f56d206545d63fda354109c22fc1ce958f284cec64f1a9c273f526b20c9a33e941a56271639856ef10bc0220f61c2ff7","ssdeep":"","tlshash":"b151cfba969627c5321b569e2befe755333e00c2be47ca1cb69730c46b073ed1532584","first_seen":"2023-04-06T20:34:37Z","last_seen":"2026-07-03T12:39:30.267113Z","times_seen":2905,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/global/js/popper.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.233Z","timestamp":1782872428233,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/global/js/popper.min.js HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 03 Apr 2022 18:17:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 7212\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":21162,"size_decoded":7535,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20989)","md5":"e21a6649041ef6f5f1bf43f11946621f","sha1":"01bcaef811210de0ea58e55e47fbefd77be5c442","sha256":"7d3b9482d4fb3b6aeaa089b08eb84381b5d3294c32c71ba320c4482bb4dbb8d5","sha512":"10d373506802082bb1121092294e2ac7cf5695024a2ac9ce3e5d0a83f71b8fe906c3d9b736c667ecbba5a340d73e284f1cf710f393a1614d051bf4ee21ac8d87","ssdeep":"384:kmQkLrwVOyzirV9nNbRGlB9D45HjiWZ8xpOxvRVgD75zBY5vImg3+zopL9TidOg4:vLsgyziJ/0D45sxpOxvYD73Y5v9zwL9F","tlshash":"c792a3dc3294b06643a791a7a0bf960eb2339875610e9410f19df2d97c30ef9917bc7a","first_seen":"2023-03-07T01:17:32Z","last_seen":"2026-07-03T13:58:49.476965Z","times_seen":2596,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":81,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/uploads/content/63ac0faed0e511672220590.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.269Z","timestamp":1782872428269,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/uploads/content/63ac0faed0e511672220590.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Dec 2022 16:47:36 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2415\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2415,"size_decoded":2680,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"819edbf7b478eb0706281bdbf442b0c7","sha1":"82ae5895b5cdc73691521791db4185660b38b51d","sha256":"9471dc9aa6b16fa61c4deeba7e0f28926acce65a8d0b7c2b8aead118276fe045","sha512":"c36d9b541842cf648277fb0a6dad20f48ae9a43718e7aaadb2e60a91a9aa67eccbf09e810278e7aa674e62ccaae755e66f8909bc1884f78f77a6d285992a2e9e","ssdeep":"","tlshash":"28415f0575057d934db4bba8e3cb29b101570792b80e1dcc2c6fac76630a471a7d4a3e","first_seen":"2023-05-17T00:21:50Z","last_seen":"2026-07-01T02:21:00.215917Z","times_seen":57,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/uploads/content/63ac104f998a11672220751.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.277Z","timestamp":1782872428277,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/uploads/content/63ac104f998a11672220751.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Dec 2022 16:50:12 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4072\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4072,"size_decoded":4337,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"15a96c8c086280ff4da105b7fe8d8246","sha1":"980f380ed22def169f16b899bbd470d91f7e2963","sha256":"59a28dbeb3188f439dc1308d438e9a0ee1823741eff924658aaf2b7d428f7511","sha512":"00de5696b340cf43c348fff283e5e83ed95a7c7de7aa9429dc17473e57d025d216bf1cdef9e4f88c711c569b2fed5458114962eb16a252118a6018154392cf42","ssdeep":"","tlshash":"8b817e5082bf18dfb833ac1f6d37a6d35412269b6834e8994213f7495196ac5cb8062e","first_seen":"2023-05-17T00:21:50Z","last_seen":"2026-07-01T02:21:00.225256Z","times_seen":55,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/admin/images/default.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.281Z","timestamp":1782872428281,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/admin/images/default.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 03 Apr 2022 18:17:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 5937\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5937,"size_decoded":6202,"mime_type":"image/png","magic":"PNG image data, 1500 x 1500, 8-bit colormap, non-interlaced","md5":"a36832a1e392634b93b1f2e54dc81960","sha1":"b32a1485bf7885154e525b8ec498a1b3369e6a1e","sha256":"d4d86a697b4c4a0386df1404e02c1d9c5330a5b0a3a043695e2ee4e3911adced","sha512":"e4158e60b940377a885cd1dad7bda615a9dcd781b609b8b361568ffd7cc4140f9cd4ad45bf5e32e26fc18767efab879e8ef573f6686ac45f124d867b54fd1d05","ssdeep":"96:vJqpim7WMJKKKQaB81qxqwGAyz4dklxFu0VVVhI1PRhRPKKceUz9r:vJAtCMJXaB+V0dMFu0VVzxD9r","tlshash":"86c13c15c28ce457cebf9f3ca8f32620e23a74d1868a1c03e661b4d7567ce1d1ac4584","first_seen":"2023-07-29T21:50:12Z","last_seen":"2026-07-01T02:21:00.231683Z","times_seen":86,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/uploads/content/605aeaf009ddb1616571120.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.287Z","timestamp":1782872428287,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/uploads/content/605aeaf009ddb1616571120.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 25 May 2022 16:00:48 GMT\r\naccept-ranges: bytes\r\ncontent-length: 16848\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":16848,"size_decoded":17114,"mime_type":"image/png","magic":"PNG image data, 88 x 88, 8-bit/color RGBA, non-interlaced","md5":"559b9ce6a384780864adaf0d40c0d6d1","sha1":"d16e79a7116fcc9c6288b4a581eaca246ae1f85f","sha256":"5035d24e9fbf756c8a717e2f199f539c53e460f0db17c831fef5a978b4d9e315","sha512":"0720153d3cdbe8e7bbbd81df9805a285db6e30ef02eef8ee219da72e9d6ce20d744c24e6f7b85da6dbfe60655d3d499f079a2188703999e243e20f19a841eb8f","ssdeep":"384:nIwNIlO0FkjEJsSReF8kZtmVaVFNHuxUVDqsQT7Jn:nIw7OkYJR+w0Ru+ws47V","tlshash":"c372c0ccf9b25851def6149b7b3cb050e7d02d1af0b2b94961193d7e306a2fd180aad1","first_seen":"2023-05-23T15:21:19Z","last_seen":"2026-07-01T02:21:00.233171Z","times_seen":41,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/animate.css","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.213Z","timestamp":1782872428213,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/css/animate.css HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 03 Apr 2022 18:17:44 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 4156\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":59839,"size_decoded":4465,"mime_type":"text/css","magic":"ASCII text, with very long lines (460), with CRLF line terminators","md5":"fcb641a126ce1c2ea8fbb3efec7c347a","sha1":"c800c155b0092c11bf6087661db805037a3c52c1","sha256":"81cdaee2dedfc313ccf35708edb03491d4c79b5c7fb97563cd2400778fd04ee9","sha512":"91b86e738e884dd0d52404313b78a713386b46b97e8425546e13315de6970ddb10db6253f2d2dcdc71f6bd0519808bbdb4ecaba59c1a2c2042520bf8888a3113","ssdeep":"192:FDvQHnvHQvFpjIBz+a+pjxm7YfPZBWgQc95YKm/0kLyJgprWXhOX8yRTeVSqwMbO:FbWq7M","tlshash":"ff43ea662c91114457720b25d7de8f6ceb3ca17318226efab3c2548b8f61bac13cda57","first_seen":"2023-04-07T13:37:00Z","last_seen":"2026-07-03T01:15:48.520268Z","times_seen":1641,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/global/js/bootstrap.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.234Z","timestamp":1782872428234,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/global/js/bootstrap.min.js HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 03 Apr 2022 18:17:34 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 14320\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":63241,"size_decoded":14644,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (62961)","md5":"702b3a2e879ea8528a526a970d6e7fdd","sha1":"6054beee168e3ccf3d05540b38ddd27d48c76dbd","sha256":"5ee2ebf07e7d323cf5460469dc9a1956a53c38f0003acd80f3e7db323cb4f718","sha512":"057a5092e4f2e9cb8568341a98330ba977351f58c1ebaafc5a24096eef0ba3917afe312fff638be94a18ac85181b18b67d8403aa5b381e99b48765ef607c304e","ssdeep":"768:dKD1OQYUhHVvO1Nnng76Tq8mrIIeoBAiAHFcQqK8jXLb6mH/3fn57hCQ:dG1r7CDVBUXv/VhCQ","tlshash":"d653750672a4f472059fa176803b0a0bb7362c9de506b16cbad998dd1f7cd443267f3a","first_seen":"2023-03-11T19:17:39Z","last_seen":"2026-07-01T02:21:00.234385Z","times_seen":25,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/uploads/logo/logo.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.264Z","timestamp":1782872428264,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/uploads/logo/logo.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 17 May 2026 16:48:29 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1730\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1730,"size_decoded":1995,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"cb7b4fca5c381cc076a340d81d8b98e4","sha1":"d881bed63d8d147896617a768099d7ade1af8d0a","sha256":"39afa6816357091867c4869c24ff9fb8f1d45605e2af632cc428ea2cdd118df8","sha512":"317525499d12add92859c150384383113b9cf4c8289c190ce6804cbbe30d417f7000d42813ddcfc7c886204ca8814befd0d11afdf799a7c386ecdd907c148080","ssdeep":"","tlshash":"a431fa866b0fe16c4fc191fb70752eb378e8fe75563441697222a78d3470996545130b","first_seen":"2023-10-13T02:20:19Z","last_seen":"2026-07-01T02:28:05.061848Z","times_seen":21,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/fonts/fa-brands-400.woff2","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.508Z","timestamp":1782872428508,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/fonts/fa-brands-400.woff2 HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/all.min.css\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Sun, 03 Apr 2022 18:19:06 GMT\r\naccept-ranges: bytes\r\ncontent-length: 78472\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":78472,"size_decoded":78739,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 78472, version 331.-31327","md5":"0c9f225e8f69c622f681cf1ed973cc3d","sha1":"9e355abda14ee62a7987b2ba7e2e887d33337e25","sha256":"529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794","sha512":"ab6968d2e995e406148a50890cc48a0a1902c53c1f9dc97ddf76916fbf147631e3f9bd62f73d9b48a8f9060abb7fb882fc5e629f2c8567db994079fc4f4245a7","ssdeep":"1536:BJ17nTff1+TpxMqELoOpsY9uSWoknO1lIf2xP3aZHKd5:BnzgTplELoO79km1lIf2xSQb","tlshash":"8a7302dd4f7bfcc246652218c371cd37cd3ad45aaf890286e5ec663303a2e5d8966a43","first_seen":"2023-04-08T01:44:26Z","last_seen":"2026-07-03T17:47:58.868615Z","times_seen":4141,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/ubuntu/v21/4iCv6KVjbNBYlgoCxCvjsGyN.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.512Z","timestamp":1782872428512,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /s/ubuntu/v21/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://mail.beyondinvestmentcapitals.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 29844\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 25 Jun 2026 01:49:00 GMT\r\nexpires: Fri, 25 Jun 2027 01:49:00 GMT\r\ncache-control: public, max-age=31536000\r\nage: 520288\r\nlast-modified: Wed, 27 Aug 2025 19:19:15 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":29844,"size_decoded":30657,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 29844, version 1.0","md5":"9418887ae687a640730a62da6d5cef56","sha1":"c82ce6b645275be73a81d3c9027f540c0add912f","sha256":"3658a0717e347c1db8d80dd565584b9dc56769fbf87909c50a4a7740206ec5f7","sha512":"c700f698292446c2f7b8c6ab8d44eedc78ef1a0053faec159ef3f67d321bc5c9b0c24b8860ca15dcd02b24da947a32f2640bd00b4ba2c6729f3a7810ba441487","ssdeep":"768:8K/8hhK5wKRT6RxuABYd47Sm56257a/1MePoWvV6:88Sh3eTzABYdkR5b5SPoEI","tlshash":"bad2f160971a7d67dfe1de267811eb4f43aa36df0f515a4918da35cc231e38920b43e4","first_seen":"2025-09-02T19:57:23.466991Z","last_seen":"2026-07-03T19:03:55.507226Z","times_seen":15638,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":29,"dns":0,"connect":0,"send":0,"wait":24,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/images/ajax-loader.gif","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.731Z","timestamp":1782872428731,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/images/ajax-loader.gif HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/slick-theme.css\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/gif\r\nlast-modified: Sun, 03 Apr 2022 18:18:36 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4178\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4178,"size_decoded":4443,"mime_type":"image/gif","magic":"GIF image data, version 89a, 32 x 32","md5":"c5cd7f5300576ab4c88202b42f6ded62","sha1":"7a1aa43614396382bb15e5fde574d9cdcd21698f","sha256":"e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b","sha512":"f0d7ada22a3eb3b2758198a71472fb240c74ce4ca09028076e23690c70b2339c6b2a40f9158dd71c52d953ef27bbcc0105b061bdc74fbb0ad0b304c7c6a04a38","ssdeep":"48:32e4MxZKDtivGOFkoajWKOwD2s4UYX034Hk4zHdwt4zeoAF5oM4JTp3uVj4gBFyj:32e4ZtyiqsdWAXWwXPF5oMcdUjVsmuS","tlshash":"e2810b9ce8a0f631c59936b78dd92d1a9adc5796ac3ccf5215986808f91f223028735d","first_seen":"2023-04-05T22:52:05Z","last_seen":"2026-07-03T18:51:12.132896Z","times_seen":43713,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/global/js/axios.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.251Z","timestamp":1782872428251,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/global/js/axios.min.js HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 03 Apr 2022 18:17:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 4756\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":14355,"size_decoded":5079,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (14271)","md5":"70489d9432ef978db53bebda3e9f4c14","sha1":"f24d0bcc36027bce45c86acfba57b248edb6a3f9","sha256":"24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1","sha512":"6d94b8ed2eec3cec648d4ff806dd33ae112d5b1d32d02464844a7c21c9332be96d89f20813d10c20c4ee4ff984ce820c7b050836bb8304847f8c99db82ea27a9","ssdeep":"384:4tuDoBdyteApZXfgHH7MsMRrVkkaFW4Um6kxTF6T9eeM:p0kvRrVwWQ6k5F6T9eJ","tlshash":"eb5295ceb4a1b09747f721f0809f4a0fb2ba552a644dc4a0fa60e8e66c7552d8733f5d","first_seen":"2023-03-07T01:06:54Z","last_seen":"2026-07-02T16:14:36.799727Z","times_seen":4566,"resource_available":true,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":51,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/js/script.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.253Z","timestamp":1782872428253,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/js/script.js HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 03 Apr 2022 18:18:42 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2860\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":21731,"size_decoded":3183,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"67c4536344791e7962a3745766741510","sha1":"89a7066b50ac8f874139f6f16bd62bcad3c0794d","sha256":"d1e6f6211ce0690e28d2372412542d09c0b7811626899a97434f293bdab0ac4a","sha512":"6c0595ca213ec4dd15b787d983e4478c41cff583ea4076a750e23797d5400fdbdbf23528c6795fc712c49768bc6d10aa5df12787976068a780663854eb0e698d","ssdeep":"384:ZCPUf7jHikc0UmW4loYlDoDwDIIDIUDEDACYYQ1nYO:ZCPUf7jHin0UmssDoDwDIIDIUDED6N93","tlshash":"8ea2fe0a68791072507b703e5fbfd6003a6a500b9d19fd60b9ac1ac41f1c76eb6f27e9","first_seen":"2023-03-11T19:17:39Z","last_seen":"2026-07-01T02:21:00.238548Z","times_seen":17,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/uploads/content/63ac0f992a32b1672220569.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.266Z","timestamp":1782872428266,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/uploads/content/63ac0f992a32b1672220569.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Dec 2022 16:44:38 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3372\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3372,"size_decoded":3637,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"b6f11f0f81ff6f61e4c98ecb0c618b43","sha1":"50be4693db6b4f45126f33624961cd2f488b4872","sha256":"83f236ad2516225942f4fde933ed63cb2aac0a75a7052da86aab3f366d2bcc3e","sha512":"9f606e7884ca2d8cea422f7252f6010ab0a9033eef0c42e5e262fd37076e694b3d640dbefedace3b1181c7cf42301299031c3ea09d8c990a33cb6b5742bcbda8","ssdeep":"","tlshash":"64616eb0abfb44fcf156c85518fb9913b476c393f59af13944904326479f5113525400","first_seen":"2023-05-23T15:21:19Z","last_seen":"2026-07-01T02:21:00.23901Z","times_seen":53,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/uploads/content/62778cfbc88651652002043.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.284Z","timestamp":1782872428284,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/uploads/content/62778cfbc88651652002043.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 May 2022 14:27:24 GMT\r\naccept-ranges: bytes\r\ncontent-length: 7480\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":7480,"size_decoded":7745,"mime_type":"image/png","magic":"PNG image data, 88 x 88, 8-bit/color RGBA, non-interlaced","md5":"3d6ef6a20a9941da086a73657085eed9","sha1":"eb689b5f3c3660400a43fcac84a416fd984391e4","sha256":"dba3e95b2e63b62e0593e1aa68f7087ee24e752639566fb2e6ce0d6dfe2b6cbe","sha512":"713801480b4f31813181b13350e366c48433a86be33087c4ca96d11f1c8396c4573451dcb4da05a2d18476f59dc0014efb2d46643b28ffe556c72ca6b0bbba33","ssdeep":"192:VuN1OfQ9hgPJiUuXQ2i1nxF4c0a0AuxphSBgUlGuy2XG:M0fQnUuXQ2yz4PVAu/hOvl1yaG","tlshash":"09f1af37afe3a929c1ebbe864760f69fc058721b365e10e6e58d9e5c648504a83f01a4","first_seen":"2023-05-23T15:21:19Z","last_seen":"2026-07-01T02:21:00.242785Z","times_seen":45,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6u9w4BMUTPHh6UVSwiPGQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.515Z","timestamp":1782872428515,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /s/lato/v25/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://mail.beyondinvestmentcapitals.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23040\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 28 Jun 2026 10:07:19 GMT\r\nexpires: Mon, 28 Jun 2027 10:07:19 GMT\r\ncache-control: public, max-age=31536000\r\nage: 231189\r\nlast-modified: Mon, 15 Sep 2025 17:11:31 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":23040,"size_decoded":23853,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23040, version 1.0","md5":"de69cf9e514df447d1b0bb16f49d2457","sha1":"2ac78601179c3a63ba3f3f3081556b12ddcaf655","sha256":"c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49","sha512":"4aebb7e54d88827d4a02808f04901c0d09b756c518202b056a6c0f664948f5585221d16967f546e064187c6545acef15d59b68d0a7a59897bd899d3e9dda37b1","ssdeep":"384:adpABC4a0HkBpR1HWtGu06B6lsoAKiwY0HcLKglV6Z+DVb35PJZDdiZeJ1vqYg:0AHa0Ezf2tZn6lsoABwTKK46ZQb3V7wD","tlshash":"fca2e1c05cc1e2d4ae02daf7fda5a4eab4e2f01123a8f65f8f114b75d505993640fe01","first_seen":"2023-04-05T13:28:45Z","last_seen":"2026-07-03T19:05:09.527679Z","times_seen":175828,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":28,"dns":0,"connect":0,"send":0,"wait":53,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/uploads/logo/logo.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.680Z","timestamp":1782872428680,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/uploads/logo/logo.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 17 May 2026 16:48:29 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1730\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1730,"size_decoded":1995,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"cb7b4fca5c381cc076a340d81d8b98e4","sha1":"d881bed63d8d147896617a768099d7ade1af8d0a","sha256":"39afa6816357091867c4869c24ff9fb8f1d45605e2af632cc428ea2cdd118df8","sha512":"317525499d12add92859c150384383113b9cf4c8289c190ce6804cbbe30d417f7000d42813ddcfc7c886204ca8814befd0d11afdf799a7c386ecdd907c148080","ssdeep":"","tlshash":"a431fa866b0fe16c4fc191fb70752eb378e8fe75563441697222a78d3470996545130b","first_seen":"2023-10-13T02:20:19Z","last_seen":"2026-07-01T02:28:05.061848Z","times_seen":21,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/images/shapes/shape-img-5.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.499Z","timestamp":1782872428499,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/images/shapes/shape-img-5.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/color.php?primaryColor=8080ff\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 03 Apr 2022 18:17:56 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3705\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3705,"size_decoded":3970,"mime_type":"image/png","magic":"PNG image data, 540 x 200, 8-bit/color RGBA, non-interlaced","md5":"720b4dde4809ca902162f67961772628","sha1":"8704ecd1a0036d051385946594be7b55ca1472e6","sha256":"3b4f6ab4d3866e8bc59e6d0dc3c166382eb419e3ad9ad8af86024751af20c4ed","sha512":"c97221f4a3509929803aff68dde588591445fc3ba873150f7d9eefcf2fc3acf8bfe7f04fb0a68e99dea0cec6851f7169de48e3c846b467a0142d3476ca7cf8f5","ssdeep":"","tlshash":"af71f8fafae27bc8541d448194f86e0543805ae9fdc16b57a89e880e145337c1fdd09f","first_seen":"2023-10-13T02:20:19Z","last_seen":"2026-07-01T02:21:00.245102Z","times_seen":15,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/icofont.min.css","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.211Z","timestamp":1782872428211,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/css/icofont.min.css HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 03 Apr 2022 18:17:46 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 15410\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":92230,"size_decoded":15720,"mime_type":"text/css","magic":"ASCII text, with very long lines (65364)","md5":"9ac11e700aa00cf636e9025e995d1eaa","sha1":"50882b401740f9566f5dfcfb73fdb51bbdbf12b7","sha256":"8dd4b38de20b9d52e2b4b074a7dfc263376af09c0b2d7891c57dee8facf4ae13","sha512":"6c024514385cd8b571a288cf66738f5e9ede1f58df589a5065168125f22e953f60e3c49fe664b3b90b5b3cb42a1ae1299088ad431d524e545e7b2a7f5ffa2285","ssdeep":"1536:jVN69xXFF7NJ0H3ZuRW5x3IE3+7IIQinB:jy9xXFKuR03IsSIIQyB","tlshash":"1d93c6a4d78a55cd7b32cc0aa385a628ec96fd33c5e10e21f01f951d18f7626a3c5b78","first_seen":"2023-04-07T13:37:00Z","last_seen":"2026-07-01T02:21:00.246271Z","times_seen":17,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/js/jquery-3.5.1.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.230Z","timestamp":1782872428230,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/js/jquery-3.5.1.min.js HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 03 Apr 2022 18:18:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 30282\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":89478,"size_decoded":30606,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators","md5":"b61aa6e2d68d21b3546b5b418bf0e9c3","sha1":"9c1398f0de4c869dacb1c9ab1a8cc327f5421ff7","sha256":"f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b","sha512":"5882735d9a0239c5c63c5c87b81618e3c8dc09d7d743c3444c535b9547b9b65defa509d7804552c581cb84b61dd1225e2add5dca6b120868ec201fa979504f4b","ssdeep":"1536:/jExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvaks:/Yh8eip3huuf6IidlrvakdtQ47GK8","tlshash":"3193f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:03:09Z","last_seen":"2026-07-03T15:09:53.952187Z","times_seen":17213,"resource_available":true,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/uploads/content/63ac10576a5051672220759.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.279Z","timestamp":1782872428279,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/uploads/content/63ac10576a5051672220759.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Dec 2022 16:50:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3264\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3264,"size_decoded":3529,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"96e98f63655d8f159233a27701214b3c","sha1":"86fc6a220965a66a512c8b2eaaf8f43a93f8865b","sha256":"33a7cb28c0f7e3e802b2722440f1b0874561738dec67ff3cde0f2e3f3008df83","sha512":"a906ede81b289485e1d272e10e980adafbb781fcb6424a7b0c7bd3b418a5f04585a9e6d992a47b97e529b251fbe710f4c700fd1df687bfa0cfd47e9e47e6cd4c","ssdeep":"","tlshash":"1a619dc83cde6c0a8a97f19f222b2bed26b3f4d6121d0c31c311f6169980d5d003f514","first_seen":"2023-05-23T15:21:19Z","last_seen":"2026-07-01T02:21:00.248556Z","times_seen":51,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/fonts/icofont/icofont.woff2","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.505Z","timestamp":1782872428505,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/fonts/icofont/icofont.woff2 HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/icofont.min.css\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Sun, 03 Apr 2022 18:18:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 537868\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":537868,"size_decoded":538136,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 537868, version 1.0","md5":"50a4ab76e700a83e649be213f820fbbd","sha1":"28ad9e9ac82f86c50eb4dd3d713a0698473bdbb3","sha256":"242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1","sha512":"e698f438120cecf681411fa628412d1130e02637c6f76831db8d9c26ea1f4993eea86ce8d4c3477a63229f98fc23d53106158a4f6e70bcc8e61a7d154bdc4ae4","ssdeep":"12288:4Y98HRgVm/SfjXnb1lAPe0RUHw530XniGHpd2J+fCxN8GzOgqWcd1pIU4:39Y+jXb1ePeCcXisd2of6iRI7","tlshash":"c1b423e10192499e2ca4825ced35afa481e7cff938bb73616f97dfd0549972a84800df","first_seen":"2023-04-14T08:39:51Z","last_seen":"2026-07-03T13:58:39.421934Z","times_seen":6467,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/ubuntu/v21/4iCs6KVjbNBYlgoKfw72.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.513Z","timestamp":1782872428513,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /s/ubuntu/v21/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://mail.beyondinvestmentcapitals.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 34924\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 28 Jun 2026 10:08:14 GMT\r\nexpires: Mon, 28 Jun 2027 10:08:14 GMT\r\ncache-control: public, max-age=31536000\r\nage: 231134\r\nlast-modified: Wed, 27 Aug 2025 19:19:11 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":34924,"size_decoded":35737,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 34924, version 1.0","md5":"4a8b9af22b314f408f66a17f71e28908","sha1":"6b5600d84c178cd28b23b583bbcaa4eb12efff25","sha256":"dabae363ac0ae6c3b2a137a32f7132b42520a8af252f87aa6c2198f2a79cf91c","sha512":"17dbf975ba4d4a818f25bb52dfdec52ff0ad6291c37981bce0313075c13751180a30ec81db40e1b2092a92e9491d275fa253e879e3e62d97ba235295da4ddd74","ssdeep":"768:C4rzLlWA+tpuAdMEUDz1whQjKgz63b6G8tWbxfw6abvdNwGFbML:xz+/uAdMEUDZKYI3bqtMY6WvkGFML","tlshash":"e3f2f1d39beb766c5e3fa89c32b3d2653969580430737119b0a2674842e274c56e6d03","first_seen":"2025-09-02T19:57:23.465236Z","last_seen":"2026-07-03T19:03:55.501953Z","times_seen":19844,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":29,"dns":0,"connect":0,"send":0,"wait":38,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/ubuntu/v21/4iCv6KVjbNBYlgoCjC3jsGyN.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.516Z","timestamp":1782872428516,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /s/ubuntu/v21/4iCv6KVjbNBYlgoCjC3jsGyN.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://mail.beyondinvestmentcapitals.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30508\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 25 Jun 2026 03:03:35 GMT\r\nexpires: Fri, 25 Jun 2027 03:03:35 GMT\r\ncache-control: public, max-age=31536000\r\nage: 515813\r\nlast-modified: Wed, 27 Aug 2025 19:19:15 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":30508,"size_decoded":31321,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 30508, version 1.0","md5":"c6bd3f0bf07f006f394988f7ec53b24d","sha1":"1ed27190e58308bbc4f0f14339c9672e841ff42a","sha256":"428ec293d3b79af16abdca704f630c6c951744f572eddbc80e970bc9a94a33d2","sha512":"c60a4f61b6c53f44c53f3c58e19c67ecb04f01f21656ebc27e4f8f26288e75367ea598420086da791f0e840e14b5979e3a773d32748a39e688ee1cc563e26e5a","ssdeep":"768:LvTtYZduSuUagqNr6VTkl6yuwBNFOHqAr5OO8t7:LvJaBt9qNr6V4syuwrFOKXO2","tlshash":"e0d2f15cfee3912e549bcd70befbcbc08c836d251cd579ac2ecd424649a78883909667","first_seen":"2025-09-02T21:16:23.972354Z","last_seen":"2026-07-03T18:05:09.734489Z","times_seen":10675,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":28,"dns":0,"connect":0,"send":0,"wait":51,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/images/flags/currency/flags.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.703Z","timestamp":1782872428703,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/images/flags/currency/flags.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/flags.css\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 03 Apr 2022 18:17:52 GMT\r\naccept-ranges: bytes\r\ncontent-length: 78853\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":78853,"size_decoded":79119,"mime_type":"image/png","magic":"PNG image data, 256 x 176, 8-bit/color RGBA, non-interlaced","md5":"f5b212817cdbcc5081276507371ce9a8","sha1":"257a9e008a4b7c45408d5186f665226600c5633e","sha256":"741d041006cc84ccbd1e919d25e1474ff78865857cc2ad4ba7485683481087c2","sha512":"531b23bb35722b9a83330b6c30579c76c55705c004f382fd8921b6452921cc29e3c1fc6b9ffde2104add332f4715ad986133034b1c6e6f7a386a8803d9d3b6a3","ssdeep":"1536:1Y8IMjg1tD1NxXJ1SVkixwuxIEh4KhAXA+Bet6FEb:1Y1MjgrD31dmHmErPBa0","tlshash":"a473025929f2b7ca771a889464fc6728fab73ac8c565c0c9000dc5c62b46f87bf553a4","first_seen":"2023-05-23T15:21:17Z","last_seen":"2026-07-01T02:21:00.251396Z","times_seen":372,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/js/modernizr.custom.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.225Z","timestamp":1782872428225,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/js/modernizr.custom.js HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 03 Apr 2022 18:18:44 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 3547\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":8489,"size_decoded":3870,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (8296)","md5":"e7499c5d8505eb7b8491d57535e626d8","sha1":"4082a467c069917a1bf0788a633809f9b92a1b72","sha256":"b80ac06974a5ff61f944f0f7fe3ccff1e38510f24243b0b25fd050ba608beeb7","sha512":"e4b542b9c19bb9c88fb251ccf849eb9030efe6122c7f5955b53873e718f22d26a50393a2220505b7020ddb967f29eb31b64230a3d782030db85aa962f5986a77","ssdeep":"192:Iwf7l2TmZyeKQob1dHYPeIny6L8LDDhWwpy8b7z:hf7l2SZyeKQoZRY5y6SHh1pz","tlshash":"8d02b6c87642f216879710ba907f410bf279e8aab84c8d50e045d9e8bd709b8467bf1d","first_seen":"2023-03-10T08:40:48Z","last_seen":"2026-07-01T02:21:00.252422Z","times_seen":94,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/uploads/content/63ac1031952101672220721.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.273Z","timestamp":1782872428273,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/uploads/content/63ac1031952101672220721.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 28 Dec 2022 16:49:16 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1737\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1737,"size_decoded":2002,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"f83985c9f0402352631ba09895c4c295","sha1":"01b4d1cb3f69d00c383537505e7747ec0b134951","sha256":"aeb2cb1ff1bf3b94473ff042fe02056a710f104019fd9fc3e0ca1af8e10437e5","sha512":"4a53e0ad0a636b4a891ca0662888807437da9e218c516f5a9dacf02667c2106b3f2cf2e6eaf6adece21d203df287c0f5f1d7e09bd8591f6ec9c8e90c539c580d","ssdeep":"","tlshash":"5a314ad652872cbbeb3f6848600f10951c0ecad9dd3a3908d109d6a3968933d3c0ee33","first_seen":"2023-05-23T15:21:19Z","last_seen":"2026-07-01T02:21:00.253435Z","times_seen":57,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/uploads/content/62e7df341d6fe1659363124.jpg","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.497Z","timestamp":1782872428497,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/uploads/content/62e7df341d6fe1659363124.jpg HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 01 Aug 2022 19:12:06 GMT\r\naccept-ranges: bytes\r\ncontent-length: 829580\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":829580,"size_decoded":829848,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90\", baseline, precision 8, 2880x1800, components 3","md5":"e3bb44485825a1fa717425062265c12d","sha1":"b03405d65b5d8fd4519d90d1e24732ef172534fc","sha256":"cc85bff67f9bfc6687b7a9a1ad4c24da7f37dc82f8cc64f4c7b3a2766cd93e2e","sha512":"d781e4813e9fb6c89ae5b75344497fd4df5d36b0631ce8026711bd66a481c89e4346cd00b2c5397bd0414cd83e8e72158b792ea5b028e7e3bd28db376d76185c","ssdeep":"12288:gQV3WDPMvv2NB1VLoB4+TtkaFeVNDBikJ/QbyJ+9ONuc/YMYKG/EPnpsw/NIJmH:REyONzdosasVNDBikHN75GpwFbH","tlshash":"750533cf504681c7f686187a4ad910fd10876aad90057a8cb5f3afc37a242fe30657cb","first_seen":"2023-05-23T15:21:19Z","last_seen":"2026-07-01T02:21:00.254479Z","times_seen":28,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/icon?family=Material+Icons","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.202Z","timestamp":1782872428202,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:10 GMT","end":"Mon, 31 Aug 2026 08:38:09 GMT"},"fingerprint":{"sha1":"8A:2F:DC:6F:C0:09:07:D3:E5:9C:B7:EE:C2:C4:63:DC:59:36:B5:1B","sha256":"64:7C:E4:55:AB:5C:58:7E:89:F1:19:3B:95:DB:7B:4B:E6:75:42:2C:0C:51:2E:66:85:F5:BB:51:58:08:39:19"}}},"request":{"raw":"GET /icon?family=Material+Icons HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 01 Jul 2026 02:20:28 GMT\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":565,"size_decoded":1025,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"2b7a8d84952a9183b106df19f711324e","sha1":"a92c5e12b422bba9ebb447e1852d9681487361bc","sha256":"282801a0d182035440d5ef6d429d227126d2e6720a52b91d31a7d746c758154e","sha512":"d7ef3f86fe9fa5730a118c688b8f779e82ec3695df5ec48953905ed078ef4d78a3c8005021574d936f69ff0467968b6e68fbcb0680894470abf8f26200af2e0c","ssdeep":"","tlshash":"c0f0c064be0a988566110c42370f3f164d1d401fa80ac8fe8b911d4c8cff1bb134670f","first_seen":"2025-09-17T21:11:07.996842Z","last_seen":"2026-07-03T18:32:59.151835Z","times_seen":50174,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":2,"connect":16,"send":0,"wait":48,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/slick-theme.css","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.217Z","timestamp":1782872428217,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/css/slick-theme.css HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 03 Apr 2022 18:17:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 765\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3158,"size_decoded":1073,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"35cc771e2ae0417bee7deb479f1f2c92","sha1":"c0493704bf84b472d438be38bcd626c4528b6586","sha256":"4f8fb0e23ba6eab72a9870e13f9efdabd39edd8db83e01d30134ce9f7d9944ec","sha512":"94c07e44c8424d9df1f2e7255df2edf2b283421f12b55866ac3d7189c5556bb92734a2d0b592cb4ba2f0c0fec8334068963feeee51664decae914ea7efae0989","ssdeep":"","tlshash":"4251e09856b3b742101694943be7472477cb70131629d8acff95638d8fcd0d8ead934e","first_seen":"2023-04-16T17:31:58Z","last_seen":"2026-07-03T03:16:49.034379Z","times_seen":1362,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/owl.carousel.min.css","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.219Z","timestamp":1782872428219,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/css/owl.carousel.min.css HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 03 Apr 2022 18:17:48 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 915\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3351,"size_decoded":1223,"mime_type":"text/css","magic":"ASCII text, with very long lines (3184)","md5":"b2752a850d44f50036628eeaef3bfcfa","sha1":"fba46353cf90450ef3d362a123f1e7af3e8c561e","sha256":"521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc","sha512":"b52dd2e6a1b40658674113b2257bcd8de10ce14a4c5c7ad07d31a66d0d602a67a50b195210151ac614418ff1054f3a5b3f84554aba448a46e6749a1b0af844de","ssdeep":"","tlshash":"9161bbe5314a225f480f83121dd81e86393dcc52d8660a5a92bbd71447dae6d213ffcf","first_seen":"2023-04-05T13:49:19Z","last_seen":"2026-07-03T19:11:44.013449Z","times_seen":40553,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/uploads/content/6059d2c2654921616499394.jpg","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.501Z","timestamp":1782872428501,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/uploads/content/6059d2c2654921616499394.jpg HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 03 Apr 2022 18:17:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 78546\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":78546,"size_decoded":78813,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90\", baseline, precision 8, 960x500, components 3","md5":"4ce662585645c1772bfd908a9f01765d","sha1":"c99e6d18f177a3845be455a7b37521e954fc6139","sha256":"74ab27ff26705f255b3e8a0899536ea65926259828af73b40e67eca2c87554ae","sha512":"c0ed6eaf535f38ba43d3ad2a0e4e59cec6c2aa189b44fcc1a2921ce594d5c915dc4b11afee16acbcdc88e95ab51ffb8848c8f5027ee67b45b634d825230c0149","ssdeep":"1536:NxC+gmXquOI7iqAOco21Q+VC946QqvJYc+VGB41ZcVoNiJXeQy6j:vgmXmeAOPg6Sc+uBV/M+","tlshash":"637302dd68b6cff1d9670dbd20270ebc37c62a365faf63af61de09241a48414283694d","first_seen":"2023-05-23T15:21:19Z","last_seen":"2026-07-01T02:21:00.257231Z","times_seen":17,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/global/js/notiflix-aio-2.7.0.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.235Z","timestamp":1782872428235,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/global/js/notiflix-aio-2.7.0.min.js HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 03 Apr 2022 18:17:42 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 14905\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":91821,"size_decoded":15229,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65351)","md5":"8af26288f542ff1238a4594619c8e756","sha1":"32b1c52b33deb139c704b9af9b22ce7ad8d7b67a","sha256":"4755591f914733379059fd738192be747a78c20dd681087108b205896423d792","sha512":"d290a936aeed461c4da6a72607b93140f28df7b210fb093fbd6699918100ad51152f05a5f498e97ff3d102243f7cfa393d198bb9d8213a1fbecd4fda8908a9f7","ssdeep":"768:967T2Zhtifr2SNf4zlNkdFEiWjDDVv5c4JEwn2BaHNr5NvD4UcfidUC8b8wFwBPg:IUigRc43l74Uhq8dUtpBJgMPum","tlshash":"3a93f9eb5140111d82178be36bce4548763ab896b1160cdeb3b82c2a87d5bcd17e772f","first_seen":"2023-03-10T22:21:03Z","last_seen":"2026-07-01T02:21:00.259132Z","times_seen":143,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/js/jquery.flagstrap.min.js","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.239Z","timestamp":1782872428239,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/js/jquery.flagstrap.min.js HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 03 Apr 2022 18:18:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 3405\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":7449,"size_decoded":3728,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4358)","md5":"f88337f2499c12f689630bfac328c9f3","sha1":"857763052335b4ca57331755a6ea7d2dc92670b3","sha256":"f09afaed8fc889a576eb770b4deb8b0ac6531ec9c12239a7d7200f031fd2697a","sha512":"bd2d02a7980d67f299893b880a1e392cfd7f66eedeb29490cc92ee324ed68e67c65fbfdd1282526770dd7cc5155e0386dbf9211d8ceff2353335ac0141ce19b1","ssdeep":"192:+yIEoFjGXgUXUGTyroZ487wlIH2cyrR3POXwAQhT2:+coFqLX5Tyrq8lQyrR3POmhy","tlshash":"e0e1c80ce231123ec6f586beb4db2a62f43a91168124d8739a6f89bc0b15cc76176d77","first_seen":"2023-03-07T13:10:50Z","last_seen":"2026-07-01T02:21:00.260767Z","times_seen":54,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":91,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/uploads/content/62778d06d1a991652002054.jpg","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.286Z","timestamp":1782872428286,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/uploads/content/62778d06d1a991652002054.jpg HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 08 May 2022 14:27:36 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2910\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2910,"size_decoded":3176,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90\", baseline, precision 8, 88x88, components 3","md5":"e0c47c74032cbb77c34ac14f3753082c","sha1":"5137b004344fe7a5f714eed2df576c18e6445f65","sha256":"2561ea14fd52bbc03c9359b05b260232b1d88295457bd00a1c3e82d302f4acf6","sha512":"7bc376905734be7d374ef33b1eb2f240c670efd5fcd66cda3f82c2bf82eeee4a8b47ff6b82070d4252caf5615e096e0444dad42464df4172e06b73b817c18be0","ssdeep":"","tlshash":"73511a1aeb91cbf0fc4bf0a584473de6e6ee8a413048454d1ed480a3ca64eb55dcc55c","first_seen":"2023-05-23T15:21:19Z","last_seen":"2026-07-01T02:21:00.262237Z","times_seen":40,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/images/shapes/shape-img-2.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.498Z","timestamp":1782872428498,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/images/shapes/shape-img-2.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/color.php?primaryColor=8080ff\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 03 Apr 2022 18:18:02 GMT\r\naccept-ranges: bytes\r\ncontent-length: 6210\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":6210,"size_decoded":6475,"mime_type":"image/png","magic":"PNG image data, 350 x 270, 8-bit/color RGBA, non-interlaced","md5":"1b1e81b890fb7684fed6a0b477048359","sha1":"a90d188fae980265e661fe07796166d79ef3e8ad","sha256":"c2422fb72cca72f20284bcc15c8e0dc3a419c5d7b333da719b062b255b7b68b8","sha512":"a558cd86930bcb9d28296285fe24074a984875ec95455dd50ea512ecf05b05db57ea6e2ed1b9bd980c642b0f7231c3e74fd8b269a531ccd047a316a44fd77540","ssdeep":"192:8IIHUCD4waUuCjrbDM2XM2XM2GXM2XM2XMb2qs14GrhsxeK:i0w3fzy4GtsgK","tlshash":"24d1494bd602a74b3c6139aba1f25196e6339d9491b2ef07f4cdc8063c20564ed29edb","first_seen":"2023-10-13T02:20:19Z","last_seen":"2026-07-01T02:21:00.263573Z","times_seen":15,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/uploads/logo/favicon.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.682Z","timestamp":1782872428682,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/uploads/logo/favicon.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 03 Jan 2023 18:17:30 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1730\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1730,"size_decoded":1995,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"cb7b4fca5c381cc076a340d81d8b98e4","sha1":"d881bed63d8d147896617a768099d7ade1af8d0a","sha256":"39afa6816357091867c4869c24ff9fb8f1d45605e2af632cc428ea2cdd118df8","sha512":"317525499d12add92859c150384383113b9cf4c8289c190ce6804cbbe30d417f7000d42813ddcfc7c886204ca8814befd0d11afdf799a7c386ecdd907c148080","ssdeep":"","tlshash":"a431fa866b0fe16c4fc191fb70752eb378e8fe75563441697222a78d3470996545130b","first_seen":"2023-10-13T02:20:19Z","last_seen":"2026-07-01T02:28:05.061848Z","times_seen":21,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/images/shapes/shape-img-4.png","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.500Z","timestamp":1782872428500,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/images/shapes/shape-img-4.png HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/color.php?primaryColor=8080ff\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 03 Apr 2022 18:17:56 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4264\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4264,"size_decoded":4529,"mime_type":"image/png","magic":"PNG image data, 350 x 420, 8-bit/color RGBA, non-interlaced","md5":"2d3cc862cdc9a9b1a9f1e56bd5ab9840","sha1":"3e73d35e776f5ce934f00412d3e7a50e4a5e45b6","sha256":"e0d884cb869485e10936f7f8c269ecc5df57f453142a0f42aea62a21d4b57ea4","sha512":"bd5c5015842030999a0ea2a2752f813af6b0229c89cbecaf4798e74fd908c295b5b64a025ce8c1b3837ecc337bba705e8417ca8e38bf4a1d07270e7f97ba1ef7","ssdeep":"96:9BNTKE4pkyHSa2XM2XM2XMXM2XM2XM2M2XM2XM2Xi2XM2XM2VUChGpet0UnUMQ5q:9rwy9XM2XM2XMXM2XM2XM2M2XM2XM2XH","tlshash":"51910c1bc75b474bbe367d8b92e61182f3232968c4a2da97e0cdac06685b319c814cc7","first_seen":"2023-10-13T02:20:19Z","last_seen":"2026-07-01T02:21:00.26497Z","times_seen":12,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/flags.css","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.214Z","timestamp":1782872428214,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/css/flags.css HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 03 Apr 2022 18:17:48 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 927\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":18277,"size_decoded":1235,"mime_type":"text/css","magic":"ASCII text","md5":"31e3a7055a7e2f0cd6b67e7a3a825b94","sha1":"37935d7cd5056024b5fbd27e4d50717041640ac1","sha256":"70649294f9b712bce6861fff134de33155a99167299047c4917962a2e2f2657c","sha512":"2ab28ee1689b8acef3a65d5ab7d67a60e8b16a5acab8f10e24371c58944b0789843289e951db3fe40c7e22565f4b1c988d4907eb7f171eaedfc1068a3e802ddd","ssdeep":"192:ACXmculEMtxfSOheqq81818y8H8n8x8J8W8r8H8a8J8QV4fAr5mj:ScMtxfSOheqrmmjc8KyPocbyk5mj","tlshash":"1882183c8bd12d9b7a3f9310797c564417b6b081eb360eac1bda7f981ad25934532fa0","first_seen":"2023-07-14T20:13:25Z","last_seen":"2026-07-01T02:21:00.268771Z","times_seen":17,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.beyondinvestmentcapitals.com/assets/themes/deepblue/css/radialprogress.css","fqdn":"mail.beyondinvestmentcapitals.com","domain":"beyondinvestmentcapitals.com","tld":"com"},"ip":{"addr":"86.107.77.57","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.221Z","timestamp":1782872428221,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.beyondinvestmentcapitals.com.assets-capital.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 14:15:21 GMT","end":"Fri, 14 Aug 2026 14:15:20 GMT"},"fingerprint":{"sha1":"8C:8D:55:07:68:C3:DB:45:4F:BE:39:DF:63:88:7E:49:43:88:24:71","sha256":"7A:AD:2D:21:EC:0F:55:D0:E1:FD:C4:A8:E5:9E:5A:09:F8:75:D3:90:8B:30:FC:54:EF:CA:15:1A:91:B5:EB:F3"}}},"request":{"raw":"GET /assets/themes/deepblue/css/radialprogress.css HTTP/1.1\r\nHost: mail.beyondinvestmentcapitals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6ImpJUS9vK29mTXVWSEhVZ0hwOVpoelE9PSIsInZhbHVlIjoieUdvYStGTDlkMnFadEc0VnUvTGpHcnVOZjlOek9zU3pJaHlkVERNR1ZWOXpXeXBCR3JDWnFuYWJ4V01LelVIVnBMck5Pc2NTRmVZQ0xNamlweDRBTzkra2tBbWEvWlUrYzFySDRJb0RpcnJtZHNBTWVZYW5SbktsbitCdEdobS8iLCJtYWMiOiI3OTY2N2Q4NTJiNzQ0YWU3NjEwMTE5ZmJmOTcwOWJkMDc3MjkwYmY3OTFkZmI3YTcwZjUzMDcxMmE0OGFmOTcxIiwidGFnIjoiIn0%3D; beyondinvestmentcapitals_session=eyJpdiI6IjNNRWxiYUFLQktYQ29LSlNFdHZnaXc9PSIsInZhbHVlIjoiZXVJRXl4aWxYWGR1ZFRtV2VWc0M5SWVCOG1xWTdTSUxXMkU0TkRQdHFUaXprMW9DQ29tQk5mUVR5MWZYWFdQc0NKalBhejQ2K2xGNWhUU25XYnNqTVVKNVljRXUwZW1LSG5oZUl5Wkh1bnNxc3J6OXdsVHg5bGdYUi8xZG9TRjciLCJtYWMiOiI2MTkwNWZmMDYyNzcwZmQxMTU2MTQ2NDJjNzU2ZTUzZGE2ZThkZmI4ZjExNGQzNGJiNmUzZDE3ZmQ2Yjg4ZmNjIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Jul 2026 02:20:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 03 Apr 2022 18:17:52 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 377\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":916,"size_decoded":685,"mime_type":"text/css","magic":"ASCII text","md5":"48bb6a1ff931c21249aa71b9932a455e","sha1":"bad70d238854a0a4da896a852e63c277b9a4bcdd","sha256":"cf0717a1b0d2a0ccd1d2023b0029cb48eda9eef96b7a57bef3658924ca8118e6","sha512":"d0997772cf4efeda66d712f6c65e446ab625419752f185f20f10a9805251233346477b8eb2755997b00676057c3330bd2e3bb8830e6bf65fa1d0560f208c1fb6","ssdeep":"","tlshash":"c4116f215ae6292c745184ffdb363a2a36173077274faa507d59c038df8439a48b3bdd","first_seen":"2023-05-30T04:41:43Z","last_seen":"2026-07-01T02:21:00.270937Z","times_seen":36,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-01","alert":"Sinkholed","trigger":"mail.beyondinvestmentcapitals.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900\u0026family=Open+Sans\u0026family=Ubuntu:wght@300;400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mail.beyondinvestmentcapitals.com/","date":"2026-07-01T02:20:28.205Z","timestamp":1782872428205,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:10 GMT","end":"Mon, 31 Aug 2026 08:38:09 GMT"},"fingerprint":{"sha1":"8A:2F:DC:6F:C0:09:07:D3:E5:9C:B7:EE:C2:C4:63:DC:59:36:B5:1B","sha256":"64:7C:E4:55:AB:5C:58:7E:89:F1:19:3B:95:DB:7B:4B:E6:75:42:2C:0C:51:2E:66:85:F5:BB:51:58:08:39:19"}}},"request":{"raw":"GET /css2?family=Lato:wght@300;400;700;900\u0026family=Open+Sans\u0026family=Ubuntu:wght@300;400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://mail.beyondinvestmentcapitals.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 01 Jul 2026 02:20:28 GMT\r\ndate: Wed, 01 Jul 2026 02:20:28 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17493,"size_decoded":2668,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"ac15ddd7650025295ee522acdb0bf8cf","sha1":"4ac5304d1edc2d58618e835dc60dd70dca3115ac","sha256":"c7ef1ebb012b727b05c3dc1443f34ac1e8cf4c35c348faa9be05aa6b9397f9b1","sha512":"226f0dea0f025899faf041aae91f6315167e5952ce0d540f85cff17bf3acd992f3e87ca36736648e189f41e5a70b0206df151028aebb2b48cf0d5105dedfb4bf","ssdeep":"192:NRIu71D5Mp7629KkjzFXCNqJCbqGIwV4jRlY/bRA3HLg3bg8i5xq7eMVDUn5ZKd3:8l3sqY4I2aJl","tlshash":"fa72eb92045b9404eb470cc223cfbf36ee4f61516444c5baaffe18c8acead295366b5d","first_seen":"2025-09-22T10:16:22.959783Z","last_seen":"2026-07-01T02:21:00.27184Z","times_seen":41,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":14,"send":0,"wait":33,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}
