{"report_id":"35f26d36-f5ca-40c0-93b2-56767c650c8f","version":6,"status":"done","tags":["phishing"],"date":"2026-01-07T00:34:28Z","url":{"schema":"http","addr":"argen-tu-s--argentabelg8.replit.app","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"title":"Home | Login","dom":{"size":70317,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (27534)","md5":"10a5e1dc10b46cbeaeda8b084c3c6649","sha1":"f4ea34eec796101146bd133f1fb8d50fc2aa6b2a","sha256":"3e9fedd21df99a9dca94d5d8ea1a3818bfeabba048219d10a164a639dd245c45","sha512":"dff25de947394d51707da98b050ed19249d2a2dd54798bc87fe0743d78a0be2d786f1a11283e46be84cbfee506801aaa38c88847bf308e5f9ec88148c2d071a4","ssdeep":"1536:RUmSmemSm8mSmRmSmNXmSm4mSmkmSmewspOO7BWlldYd/YgOVaOaMdTnrhYd/Yla:Ubh7BWbzDdvJph3vMZT","tlshash":"7c631a9d70a214b64a234b9553ee272c71390966ec068c58f59f052c2fd6ef8e3873b7","dom_hash":"domhashe922869c93ac1c79295926e6176aa16c","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"argen-tu-s--argentabelg8.replit.app","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-11T00:34:28Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]},"summary":[{"fqdn":"argen-tu-s--argentabelg8.replit.app","ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2021-04-16","domain_rank":0,"first_seen":"2026-01-07T00:34:28.472912Z","last_seen":"2026-01-07T00:34:28.472912Z","alert_count":28,"request_count":28,"received_data":626630,"sent_data":22833,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"replit-cdn.com","ip":{"addr":"35.190.3.23","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2025-12-09","domain_rank":0,"first_seen":"2025-12-25T23:16:20.86796Z","last_seen":"2026-01-05T02:26:13.641276Z","alert_count":0,"request_count":1,"received_data":6776,"sent_data":456,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"replit-cdn.com/replit-pill/replit-pill.global.js","fqdn":"replit-cdn.com","domain":"replit-cdn.com","tld":"com"},"ip":{"addr":"35.190.3.23","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"397bbc0bae7291681ecaf2670d33495b","sha1":"fe6739af48ca8274df95be4c48cef3360ae2dd75","sha256":"d1efece99c5d2795401690dd7366e797e4750d05f61820d3a64e08059294984d","sha512":"a3b48e87ad391206b0c4e6fa1f95cc734b7ff7e3225dc349d4a27c51da182400ca748dfe3528b24c444c22dc7ab2cb356ffe64cb0d84c0d4896f48d1f3056444","ssdeep":"96:rikclEBw9I0/Kf/yNM8r2S2CTpE+KKLKsWED9mEWpOW3u10rsyhhHyqsknymv:ryKO66Kf/GM8r2S2CTpE+J+sWED9mEWh","tlshash":"2dc1c77fa3931e29975701cdbfb977543234a0a38453c82eb6ce982daf05c59d4b0b86","size":6012,"data":"","first_seen":"2026-01-03T19:17:50.361086Z","last_seen":"2026-03-12T07:15:09.457016Z","times_seen":143,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d4c8bbc329a3eb32db4ae73e54308687","sha1":"7d67619c20e01a7590c406e712c5a8f7afdfe22c","sha256":"b775f51f5244aa368495f06cf158f965d014a7b8415e2fa242eacab98e1ced1b","sha512":"70c8fab8701eeeb039aac9d9b768384d60cd7484da5fc0598ec397d9846c2d36c2956c78f8c58e7cc7a366f3fd103f33192a6ad60d8b132bb0cf5fb33a81c3f9","ssdeep":"","tlshash":"5f11fc69a5f61c20062eb5fab7cf5011593601b73441cb88386c4a024fc5dc423b7ebf","size":1060,"data":"","first_seen":"2025-12-12T08:25:40.169798Z","last_seen":"2026-01-15T12:04:34.043169Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"294bf59db8a35e2fbbae14fdf0718c12","sha1":"863f0f04eb53478beb1d932cd7fee4fcb4422450","sha256":"d0d9514142c3f82515381f1b380504a3b9a3a33b54af5069c3c6e91df3114ea1","sha512":"636edf7d51c4d0152a4cd0a74e749fb205d83071045393b110bec9f57ecec91b36e774b872cc511070981f76cdcfda666fbd405a66bacf01852a2e744fdb9afb","ssdeep":"","tlshash":"09a0125e12770c6b8421d4010a00c55d2f059a58044d8d08010e4841c7da6e440cd590","size":83,"data":"","first_seen":"2025-12-12T08:25:40.184283Z","last_seen":"2026-01-15T12:04:34.044367Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"8cc17c5ed69db62cae3400b1479196b2","sha1":"1cb1eceb698ea07e5fca1b7187983a87a630acbd","sha256":"5b03088200970e04a4c3703b8815359b2a78d825b2515f0bcf7c4e936587bf25","sha512":"80ce04debebcba56b6a5c4134819bba1670fb1cd09713aaa204d79a230d8dff0a2ff7c6caebd9abb6891d11f3fe2249e636ad21b285744fd04fdd1d5c5f9e04a","ssdeep":"","tlshash":"cc516a5a54b10ba40fe793f53bdbf682243500a36040da4dbcfe4a524f9a9d42376be7","size":2828,"data":"","first_seen":"2025-03-08T16:49:35.601891Z","last_seen":"2026-01-15T12:04:34.052328Z","times_seen":274,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f8c208e6bc8b2c08b5d4cff8262ca738","sha1":"279e790467b735b2fbf3e73788f5e01bea561484","sha256":"36c9aef1539392c83dda7aaa7d4213751febb730fdf8ae6c9f9d74b79918164f","sha512":"e0560fb98e01df34eed800234575b51930f77718f7554334c8d3cbab2f8138ba157e60bd8dd8b36397ccb559cd11248d91f9fae8d3bb502c5b48ff33cf72d31d","ssdeep":"","tlshash":"cab02b1237200410d9e65084053813041060100e7ecad012140d84040add4e14417450","size":121,"data":"","first_seen":"2023-08-05T13:44:54Z","last_seen":"2026-05-10T07:07:07.288496Z","times_seen":464,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/nkl_files/infos.js?OTQxNg==","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0974b6380da7c9527b2d25e32e130e31","sha1":"86ee512368a72973547f50a31351035639ff4c79","sha256":"31d6c83c556571fbd4cbac36e0319c9d9b9d275fbe6c8156ce39bb4e878193f4","sha512":"53986c84be09f7ed11856e4b2ed231ece8cd2d2840b8e132b30fcd327306fc36ff91d9e3d2c171d3b08962184d38406596d4238cb23ecd0df4e581af13c7736c","ssdeep":"1536:nFto4QztfysLKyCBWx1LsI3FNx+v7rrBl:H","tlshash":"ba935cfd237449f6ae8887d81ed114d5347630bb76e8826cf64ca31b7b050e958e4ec6","size":96865,"data":"","first_seen":"2023-03-08T16:00:25Z","last_seen":"2026-05-10T07:07:07.285206Z","times_seen":455,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d942723d869dd07160fefcc534e37edf","sha1":"de2bcabb79bed54689d89bea93f2815237128b0b","sha256":"bb3b5af9fc1f46da48dc74c542256931edf07db80f041ba508b357d2d5adcfa6","sha512":"114e1cc98936b3cffa46996667d901b33407221b9ed624cc28871722207133ee565f6b1a84dc81304df72a4361b52dc864e7caf4dacd108f04233e0228a9df65","ssdeep":"","tlshash":"14f090fb30a51a704ddf2abf28b94388383086172d51a842bc3c24658b60f556a7ae78","size":564,"data":"","first_seen":"2023-08-05T13:44:54Z","last_seen":"2026-05-10T07:07:07.29002Z","times_seen":457,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/nkl_files/jquery.min.js?MTc0Mg==","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f772fed444d5489079f275bd01e26cc","sha1":"a8927ac2830b2fdd4a729eb0eb7f80923539ceb9","sha256":"2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a","sha512":"81f3b4d35aaa98af19a4d31ee5399d49e0f70ce52aadefffbf42c6c4489d9d50a49450eec8e9139a009da82b57bf677665a926d5ae913dfc4c74baeec186c422","ssdeep":"1536:jTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPmw:jgZm0H5HO5+gCKWZyPmHQ47GKc","tlshash":"8f8319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","size":88145,"data":"","first_seen":"2023-03-07T01:02:42Z","last_seen":"2026-06-13T18:38:00.022352Z","times_seen":6912,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/nkl_files/imask.min.js?NTUxNw==","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"79c82646b886e08184f7b9fff25e64ff","sha1":"804b4b0f8f3443ff05833e33fb5b76780ffafe25","sha256":"8b76b3502583edddf22df0b9c6ee640053a2cdfeaa113ceff3ea9b61d1f6410d","sha512":"97caf35f6666149f42d615488e113902833dbf5393714ffa014b513966c65393b4ec7ad10b2edb24c17e5db4ec6745e66329badcf6ce36cffbec2b1b2d0d3ebb","ssdeep":"768:mCrttI4hZ8f0FQBUmr3ujTd5Xei7k08LH:mC39CWQBUBTd5XeiB8LH","tlshash":"81238794f2d3b0618ba26068083b230be3777a9964c4c18cf639d9d56e79e496077f3d","size":45591,"data":"","first_seen":"2023-03-07T01:07:12Z","last_seen":"2026-06-11T22:31:11.180071Z","times_seen":4752,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/Home/13_075913.JPG","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:07.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /home/Home/13_075913.JPG HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 40452\r\ncontent-type: image/jpeg\r\ndate: Wed, 07 Jan 2026 00:34:07 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 334c9fdef1439b5ddad19553e0c2492c\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":40452,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=3, xresolution=50, yresolution=58, resolutionunit=2], progressive, precision 8, 496x894, components 3","md5":"95d400fe7d37886c1fd5ee80124d96b6","sha1":"88772fca026ed29524dc55987a05296244df2987","sha256":"bf078bfd476487772bd3c096b47c6e9c2ecceb26b8d68f49b35e7c8dee8b9e5b","sha512":"d8c5a1d6118e274d22293376ace720a00c3078f3d59df9a321f43a2d3e14c3d0d29e17f61ad5e49571525cbf7f7ff6729302f458fea4373a1114766ac289c9f6","ssdeep":"768:2YyCuh2hcryCmHkid2yk/8w93S2Smoyq2pPAoPp80nbUisf5UV:2O1WeCkkPyk/j3Sioyq2xR80nbw6","tlshash":"5903f132af558e83e8d74239d5a1dd13b24a673dd3530ac7ab8caa123d476448f4d178","first_seen":"2025-12-12T08:25:40.14538Z","last_seen":"2026-01-15T12:04:33.991329Z","times_seen":9,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":85,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/nkl_files/imask.min.js?NTUxNw==","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:07.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /home/nkl_files/imask.min.js?NTUxNw== HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 45591\r\ncontent-type: application/javascript\r\ndate: Wed, 07 Jan 2026 00:34:07 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 8c57fd41c60fb9bddad19553e0c24fae\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":45591,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (45552)","md5":"79c82646b886e08184f7b9fff25e64ff","sha1":"804b4b0f8f3443ff05833e33fb5b76780ffafe25","sha256":"8b76b3502583edddf22df0b9c6ee640053a2cdfeaa113ceff3ea9b61d1f6410d","sha512":"97caf35f6666149f42d615488e113902833dbf5393714ffa014b513966c65393b4ec7ad10b2edb24c17e5db4ec6745e66329badcf6ce36cffbec2b1b2d0d3ebb","ssdeep":"768:mCrttI4hZ8f0FQBUmr3ujTd5Xei7k08LH:mC39CWQBUBTd5XeiB8LH","tlshash":"81238794f2d3b0618ba26068083b230be3777a9964c4c18cf639d9d56e79e496077f3d","first_seen":"2023-03-07T01:07:12Z","last_seen":"2026-06-11T22:31:11.180071Z","times_seen":4752,"resource_available":true,"data":null}},"time_used":293,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":199,"receive":94,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/webapp/static/media/OpenSans-Regular.99c9a48be684203fdf57.woff2","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:08.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /webapp/static/media/OpenSans-Regular.99c9a48be684203fdf57.woff2 HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/Home/main.4393a533.css\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:08 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":149,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"7a2c9566043ef383c9e6175b5b806799","sha1":"9825b12451e21faf7d0e2a60955451b23f53a5e8","sha256":"e193f66da63e5932fa91f73762fe77bdab85c5d944c8e5062e1c5bfe5f4ae42f","sha512":"a3b6762c116d7d9f394d199e39125f40f8ddb1e8463462fc2249f4f956241d54c2d962e08f0fb10d76d16ba92c457674e110da2f7ac7a44193afc77ed38e7fb9","ssdeep":"","tlshash":"a2c02b812f19c21081c48323ccb4340c902bc0700c85de013190cc02543bbdf949ccce","first_seen":"2024-08-20T08:00:20.545701Z","last_seen":"2026-01-07T05:40:42.338727Z","times_seen":5,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/webapp/static/media/OpenSans-Regular.cf3dcd5c9c7b91d997ba.woff","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:08.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /webapp/static/media/OpenSans-Regular.cf3dcd5c9c7b91d997ba.woff HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/Home/main.4393a533.css\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:08 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":149,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"7a2c9566043ef383c9e6175b5b806799","sha1":"9825b12451e21faf7d0e2a60955451b23f53a5e8","sha256":"e193f66da63e5932fa91f73762fe77bdab85c5d944c8e5062e1c5bfe5f4ae42f","sha512":"a3b6762c116d7d9f394d199e39125f40f8ddb1e8463462fc2249f4f956241d54c2d962e08f0fb10d76d16ba92c457674e110da2f7ac7a44193afc77ed38e7fb9","ssdeep":"","tlshash":"a2c02b812f19c21081c48323ccb4340c902bc0700c85de013190cc02543bbdf949ccce","first_seen":"2024-08-20T08:00:20.545701Z","last_seen":"2026-01-07T05:40:42.338727Z","times_seen":5,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/webapp/static/media/B612Mono-Regular.4ca3415dd63e4046647b.woff2","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:08.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /webapp/static/media/B612Mono-Regular.4ca3415dd63e4046647b.woff2 HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/Home/main.4393a533.css\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:08 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":149,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"7a2c9566043ef383c9e6175b5b806799","sha1":"9825b12451e21faf7d0e2a60955451b23f53a5e8","sha256":"e193f66da63e5932fa91f73762fe77bdab85c5d944c8e5062e1c5bfe5f4ae42f","sha512":"a3b6762c116d7d9f394d199e39125f40f8ddb1e8463462fc2249f4f956241d54c2d962e08f0fb10d76d16ba92c457674e110da2f7ac7a44193afc77ed38e7fb9","ssdeep":"","tlshash":"a2c02b812f19c21081c48323ccb4340c902bc0700c85de013190cc02543bbdf949ccce","first_seen":"2024-08-20T08:00:20.545701Z","last_seen":"2026-01-07T05:40:42.338727Z","times_seen":5,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/heartbeat.php","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:10.968Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /home/heartbeat.php HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:11 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: f159b27e6895b478dad19553e0c24ee2\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T19:33:38.803897Z","times_seen":16394044,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/heartbeat.php","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:22.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /home/heartbeat.php HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:23 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 6e8461f466e6e216470e440a016683eb\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T19:33:38.803897Z","times_seen":16394044,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T00:34:06.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: private\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:06 GMT\r\nexpires: Wed, 07 Jan 2026 00:34:06 GMT\r\nserver: Google Frontend\r\nset-cookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; expires=Fri, 06-Feb-2026 00:34:06 GMT; path=/\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":149,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"7a2c9566043ef383c9e6175b5b806799","sha1":"9825b12451e21faf7d0e2a60955451b23f53a5e8","sha256":"e193f66da63e5932fa91f73762fe77bdab85c5d944c8e5062e1c5bfe5f4ae42f","sha512":"a3b6762c116d7d9f394d199e39125f40f8ddb1e8463462fc2249f4f956241d54c2d962e08f0fb10d76d16ba92c457674e110da2f7ac7a44193afc77ed38e7fb9","ssdeep":"","tlshash":"a2c02b812f19c21081c48323ccb4340c902bc0700c85de013190cc02543bbdf949ccce","first_seen":"2024-08-20T08:00:20.545701Z","last_seen":"2026-01-07T05:40:42.338727Z","times_seen":5,"resource_available":false,"data":null}},"time_used":781,"timings":{"blocked":284,"dns":16,"connect":24,"send":0,"wait":214,"receive":0,"ssl":240},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/webapp/static/media/OpenSans-Bold.ff184fecf504bf1f0eec.woff2","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:08.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /webapp/static/media/OpenSans-Bold.ff184fecf504bf1f0eec.woff2 HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/Home/main.4393a533.css\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:08 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":149,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"7a2c9566043ef383c9e6175b5b806799","sha1":"9825b12451e21faf7d0e2a60955451b23f53a5e8","sha256":"e193f66da63e5932fa91f73762fe77bdab85c5d944c8e5062e1c5bfe5f4ae42f","sha512":"a3b6762c116d7d9f394d199e39125f40f8ddb1e8463462fc2249f4f956241d54c2d962e08f0fb10d76d16ba92c457674e110da2f7ac7a44193afc77ed38e7fb9","ssdeep":"","tlshash":"a2c02b812f19c21081c48323ccb4340c902bc0700c85de013190cc02543bbdf949ccce","first_seen":"2024-08-20T08:00:20.545701Z","last_seen":"2026-01-07T05:40:42.338727Z","times_seen":5,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/webapp/static/media/OpenSans-Bold.26ccebe5aefb89e98ed2.woff","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:08.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /webapp/static/media/OpenSans-Bold.26ccebe5aefb89e98ed2.woff HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/Home/main.4393a533.css\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:08 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":149,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"7a2c9566043ef383c9e6175b5b806799","sha1":"9825b12451e21faf7d0e2a60955451b23f53a5e8","sha256":"e193f66da63e5932fa91f73762fe77bdab85c5d944c8e5062e1c5bfe5f4ae42f","sha512":"a3b6762c116d7d9f394d199e39125f40f8ddb1e8463462fc2249f4f956241d54c2d962e08f0fb10d76d16ba92c457674e110da2f7ac7a44193afc77ed38e7fb9","ssdeep":"","tlshash":"a2c02b812f19c21081c48323ccb4340c902bc0700c85de013190cc02543bbdf949ccce","first_seen":"2024-08-20T08:00:20.545701Z","last_seen":"2026-01-07T05:40:42.338727Z","times_seen":5,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"replit-cdn.com/replit-pill/replit-pill.global.js","fqdn":"replit-cdn.com","domain":"replit-cdn.com","tld":"com"},"ip":{"addr":"35.190.3.23","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:07.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit-cdn.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 18:27:30 GMT","end":"Tue, 10 Mar 2026 19:23:24 GMT"},"fingerprint":{"sha1":"11:A5:83:9B:11:6E:3C:7F:79:C8:3B:91:8F:C0:FB:05:EF:C4:59:11","sha256":"05:73:F1:50:D2:39:5F:D6:4A:AD:9E:2F:C9:C0:10:FC:62:F5:C2:D4:FE:56:CC:94:1A:FF:AD:CB:16:11:33:1B"}}},"request":{"raw":"GET /replit-pill/replit-pill.global.js HTTP/1.1\r\nHost: replit-cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: AHVrFxORpq79XmXPhzR_xVCRiQsjV3Kw0NttfOmRhw4r5IVA0vQWJaqj6b3GmKDaxchgPbjBZK2i76M\r\nx-goog-generation: 1766465066685197\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 6012\r\nx-goog-hash: crc32c=5YYYHA==, md5=OXu8C65ykWgeyvJnDTNJWw==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\ncontent-length: 6012\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\nserver: UploadServer\r\ndate: Wed, 07 Jan 2026 00:31:00 GMT\r\nage: 187\r\nlast-modified: Tue, 23 Dec 2025 05:00:30 GMT\r\netag: \"397bbc0bae7291681ecaf2670d33495b\"\r\ncontent-type: text/javascript\r\ncache-control: public,max-age=3600\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":6012,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (2159)","md5":"397bbc0bae7291681ecaf2670d33495b","sha1":"fe6739af48ca8274df95be4c48cef3360ae2dd75","sha256":"d1efece99c5d2795401690dd7366e797e4750d05f61820d3a64e08059294984d","sha512":"a3b48e87ad391206b0c4e6fa1f95cc734b7ff7e3225dc349d4a27c51da182400ca748dfe3528b24c444c22dc7ab2cb356ffe64cb0d84c0d4896f48d1f3056444","ssdeep":"96:rikclEBw9I0/Kf/yNM8r2S2CTpE+KKLKsWED9mEWpOW3u10rsyhhHyqsknymv:ryKO66Kf/GM8r2S2CTpE+J+sWED9mEWh","tlshash":"2dc1c77fa3931e29975701cdbfb977543234a0a38453c82eb6ce982daf05c59d4b0b86","first_seen":"2026-01-03T19:17:50.361086Z","last_seen":"2026-03-12T07:15:09.457016Z","times_seen":143,"resource_available":true,"data":null}},"time_used":222,"timings":{"blocked":104,"dns":25,"connect":11,"send":0,"wait":13,"receive":1,"ssl":65},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/Home/favicon.png","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:08.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /home/Home/favicon.png HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 1063\r\ncontent-type: image/png\r\ndate: Wed, 07 Jan 2026 00:34:08 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: c7aae590afb2ae89dad19553e0c24061\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":1063,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"c5092da771783f27b2a7a581d1cb2223","sha1":"3aa4ca1d9373da891f5b40e09f8048ae9ddbfa2a","sha256":"f5fa914217a12109a826446fc4a010eae5ab90a39866365ece6b24eb39761f86","sha512":"552e7778b33be7ce699b764796f0f81f15e82a6a2cf8c3daa32f43e894d6c109c238a62b3eaf2b3f0672b2c6b30a19497f5307bce0829aa896272937bd47b68b","ssdeep":"","tlshash":"fb11b5f2d95f7a9cc1caab11d2390470e97288c640294d4e3ff4d7d6548d9943081bd0","first_seen":"2024-08-20T11:28:01.905373Z","last_seen":"2026-04-18T15:40:48.252087Z","times_seen":290,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/webapp/static/media/B612Mono-Regular.4ca3415dd63e4046647b.woff2","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:08.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /webapp/static/media/B612Mono-Regular.4ca3415dd63e4046647b.woff2 HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/Home/main.4393a533.css\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:08 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":149,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"7a2c9566043ef383c9e6175b5b806799","sha1":"9825b12451e21faf7d0e2a60955451b23f53a5e8","sha256":"e193f66da63e5932fa91f73762fe77bdab85c5d944c8e5062e1c5bfe5f4ae42f","sha512":"a3b6762c116d7d9f394d199e39125f40f8ddb1e8463462fc2249f4f956241d54c2d962e08f0fb10d76d16ba92c457674e110da2f7ac7a44193afc77ed38e7fb9","ssdeep":"","tlshash":"a2c02b812f19c21081c48323ccb4340c902bc0700c85de013190cc02543bbdf949ccce","first_seen":"2024-08-20T08:00:20.545701Z","last_seen":"2026-01-07T05:40:42.338727Z","times_seen":5,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/webapp/static/media/OpenSans-SemiBold.a16d8201b06a03c6c365.ttf","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:08.397Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /webapp/static/media/OpenSans-SemiBold.a16d8201b06a03c6c365.ttf HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/Home/main.4393a533.css\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:08 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":149,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"7a2c9566043ef383c9e6175b5b806799","sha1":"9825b12451e21faf7d0e2a60955451b23f53a5e8","sha256":"e193f66da63e5932fa91f73762fe77bdab85c5d944c8e5062e1c5bfe5f4ae42f","sha512":"a3b6762c116d7d9f394d199e39125f40f8ddb1e8463462fc2249f4f956241d54c2d962e08f0fb10d76d16ba92c457674e110da2f7ac7a44193afc77ed38e7fb9","ssdeep":"","tlshash":"a2c02b812f19c21081c48323ccb4340c902bc0700c85de013190cc02543bbdf949ccce","first_seen":"2024-08-20T08:00:20.545701Z","last_seen":"2026-01-07T05:40:42.338727Z","times_seen":5,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/webapp/static/media/OpenSans-Regular.1b0809d519837cb7aad3.ttf","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:08.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /webapp/static/media/OpenSans-Regular.1b0809d519837cb7aad3.ttf HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/Home/main.4393a533.css\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:08 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":149,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"7a2c9566043ef383c9e6175b5b806799","sha1":"9825b12451e21faf7d0e2a60955451b23f53a5e8","sha256":"e193f66da63e5932fa91f73762fe77bdab85c5d944c8e5062e1c5bfe5f4ae42f","sha512":"a3b6762c116d7d9f394d199e39125f40f8ddb1e8463462fc2249f4f956241d54c2d962e08f0fb10d76d16ba92c457674e110da2f7ac7a44193afc77ed38e7fb9","ssdeep":"","tlshash":"a2c02b812f19c21081c48323ccb4340c902bc0700c85de013190cc02543bbdf949ccce","first_seen":"2024-08-20T08:00:20.545701Z","last_seen":"2026-01-07T05:40:42.338727Z","times_seen":5,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/heartbeat.php","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:13.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /home/heartbeat.php HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:14 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: cf8479aae74167d8dad19553e0c240bb\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T19:33:38.803897Z","times_seen":16394044,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":179,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/nkl_files/jquery.min.js?MTc0Mg==","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:07.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /home/nkl_files/jquery.min.js?MTc0Mg== HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 88145\r\ncontent-type: application/javascript\r\ndate: Wed, 07 Jan 2026 00:34:07 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: edc6054ee363b8b1dad19553e0c24c6d\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":88145,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators","md5":"2f772fed444d5489079f275bd01e26cc","sha1":"a8927ac2830b2fdd4a729eb0eb7f80923539ceb9","sha256":"2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a","sha512":"81f3b4d35aaa98af19a4d31ee5399d49e0f70ce52aadefffbf42c6c4489d9d50a49450eec8e9139a009da82b57bf677665a926d5ae913dfc4c74baeec186c422","ssdeep":"1536:jTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPmw:jgZm0H5HO5+gCKWZyPmHQ47GKc","tlshash":"8f8319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","first_seen":"2023-03-07T01:02:42Z","last_seen":"2026-06-13T18:38:00.022352Z","times_seen":6912,"resource_available":true,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/webapp/static/media/RobotoSlab-Regular.6b5aeda0ff4ad271e1d0.woff2","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:08.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /webapp/static/media/RobotoSlab-Regular.6b5aeda0ff4ad271e1d0.woff2 HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/Home/main.4393a533.css\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:08 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":149,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"7a2c9566043ef383c9e6175b5b806799","sha1":"9825b12451e21faf7d0e2a60955451b23f53a5e8","sha256":"e193f66da63e5932fa91f73762fe77bdab85c5d944c8e5062e1c5bfe5f4ae42f","sha512":"a3b6762c116d7d9f394d199e39125f40f8ddb1e8463462fc2249f4f956241d54c2d962e08f0fb10d76d16ba92c457674e110da2f7ac7a44193afc77ed38e7fb9","ssdeep":"","tlshash":"a2c02b812f19c21081c48323ccb4340c902bc0700c85de013190cc02543bbdf949ccce","first_seen":"2024-08-20T08:00:20.545701Z","last_seen":"2026-01-07T05:40:42.338727Z","times_seen":5,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/webapp/static/media/OpenSans-SemiBold.5708a985947a036761c9.woff","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:08.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /webapp/static/media/OpenSans-SemiBold.5708a985947a036761c9.woff HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/Home/main.4393a533.css\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:08 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":149,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"7a2c9566043ef383c9e6175b5b806799","sha1":"9825b12451e21faf7d0e2a60955451b23f53a5e8","sha256":"e193f66da63e5932fa91f73762fe77bdab85c5d944c8e5062e1c5bfe5f4ae42f","sha512":"a3b6762c116d7d9f394d199e39125f40f8ddb1e8463462fc2249f4f956241d54c2d962e08f0fb10d76d16ba92c457674e110da2f7ac7a44193afc77ed38e7fb9","ssdeep":"","tlshash":"a2c02b812f19c21081c48323ccb4340c902bc0700c85de013190cc02543bbdf949ccce","first_seen":"2024-08-20T08:00:20.545701Z","last_seen":"2026-01-07T05:40:42.338727Z","times_seen":5,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/webapp/static/media/RobotoSlab-Regular.d8da8ee9a0cfad98b8dc.woff","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:08.228Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /webapp/static/media/RobotoSlab-Regular.d8da8ee9a0cfad98b8dc.woff HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/Home/main.4393a533.css\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:08 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":149,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"7a2c9566043ef383c9e6175b5b806799","sha1":"9825b12451e21faf7d0e2a60955451b23f53a5e8","sha256":"e193f66da63e5932fa91f73762fe77bdab85c5d944c8e5062e1c5bfe5f4ae42f","sha512":"a3b6762c116d7d9f394d199e39125f40f8ddb1e8463462fc2249f4f956241d54c2d962e08f0fb10d76d16ba92c457674e110da2f7ac7a44193afc77ed38e7fb9","ssdeep":"","tlshash":"a2c02b812f19c21081c48323ccb4340c902bc0700c85de013190cc02543bbdf949ccce","first_seen":"2024-08-20T08:00:20.545701Z","last_seen":"2026-01-07T05:40:42.338727Z","times_seen":5,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/webapp/static/media/RobotoSlab-Regular.25b38cf89b4f06b9849d.ttf","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:08.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /webapp/static/media/RobotoSlab-Regular.25b38cf89b4f06b9849d.ttf HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/Home/main.4393a533.css\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:08 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":149,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"7a2c9566043ef383c9e6175b5b806799","sha1":"9825b12451e21faf7d0e2a60955451b23f53a5e8","sha256":"e193f66da63e5932fa91f73762fe77bdab85c5d944c8e5062e1c5bfe5f4ae42f","sha512":"a3b6762c116d7d9f394d199e39125f40f8ddb1e8463462fc2249f4f956241d54c2d962e08f0fb10d76d16ba92c457674e110da2f7ac7a44193afc77ed38e7fb9","ssdeep":"","tlshash":"a2c02b812f19c21081c48323ccb4340c902bc0700c85de013190cc02543bbdf949ccce","first_seen":"2024-08-20T08:00:20.545701Z","last_seen":"2026-01-07T05:40:42.338727Z","times_seen":5,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/heartbeat.php","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:16.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /home/heartbeat.php HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:17 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: af21572255a9905e470e440a016687ab\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T19:33:38.803897Z","times_seen":16394044,"resource_available":true,"data":null}},"time_used":381,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":381,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T00:34:06.886Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /home/ HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:06 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":62,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with CRLF line terminators","md5":"7c9a77482d602436174be4be33638d66","sha1":"7ff17b885b7915625816e497886a4a6300329bdb","sha256":"f36b3b9da9dfb6a76817c7437d03f64ad45f0867f361c4369681d9b72a821123","sha512":"00d204aaf7335f0b28ffacc20d566396f713a66136cadbbc8e8565d99d589eb9e22f852275014ab2a9c636a1c81df2b705ab1dc1e872973ca46c467fa1bda80a","ssdeep":"","tlshash":"5ba002716e14583753726a30647a286b9511a82399080671d15959ed04bdf08c547a23","first_seen":"2025-12-12T08:25:40.155864Z","last_seen":"2026-01-15T12:04:34.008938Z","times_seen":7,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/webapp/static/media/OpenSans-Bold.dbb97fd982ce1b96b6de.ttf","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:08.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /webapp/static/media/OpenSans-Bold.dbb97fd982ce1b96b6de.ttf HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/Home/main.4393a533.css\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:08 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":149,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"7a2c9566043ef383c9e6175b5b806799","sha1":"9825b12451e21faf7d0e2a60955451b23f53a5e8","sha256":"e193f66da63e5932fa91f73762fe77bdab85c5d944c8e5062e1c5bfe5f4ae42f","sha512":"a3b6762c116d7d9f394d199e39125f40f8ddb1e8463462fc2249f4f956241d54c2d962e08f0fb10d76d16ba92c457674e110da2f7ac7a44193afc77ed38e7fb9","ssdeep":"","tlshash":"a2c02b812f19c21081c48323ccb4340c902bc0700c85de013190cc02543bbdf949ccce","first_seen":"2024-08-20T08:00:20.545701Z","last_seen":"2026-01-07T05:40:42.338727Z","times_seen":5,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/heartbeat.php","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:19.968Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /home/heartbeat.php HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:20 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 536d8d41c134d523470e440a01668dbb\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T19:33:38.803897Z","times_seen":16394044,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T00:34:07.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /home/nkl-log.php HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: no-store, no-cache, must-revalidate\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:07 GMT\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\npragma: no-cache\r\nserver: Google Frontend\r\nset-cookie: PHPSESSID=e091d67cca9635d6d5266c97ee411de3; path=/\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":70286,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (27552)","md5":"d5a7ae215019d2f752e002e690ad2dc9","sha1":"d3582866018f8f5d1f6aa5538b027807c7f5f2ad","sha256":"945902d6783e88df9d22b99fb4f8234f7a8c3cea4e15e320745e7b0bb21ce316","sha512":"5a8d68471d61ea25bd24de0f388688fd4ebc3284a42a25c628a8f8b334367b2392a34b223570e8211b2f2d13e3efb00448e553c369a5d5818bb6a376deea7202","ssdeep":"1536:rUmSmemSm8mSmRmSmNXmSm4mSmkmSmewspOO7BWl0dYd/YNOVaOaMZTnrhYd/YwL:Kbh7BWKYDZvuph3vMGL","tlshash":"9b631a9d70a214b64a234b9553ee272c71390966ec068c58f59f012c2fd6ef8e3873b7","first_seen":"2026-01-07T00:34:30.909376Z","last_seen":"2026-01-07T00:34:30.909376Z","times_seen":1,"resource_available":false,"data":null}},"time_used":379,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":214,"receive":165,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/nkl_files/infos.js?OTQxNg==","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:07.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /home/nkl_files/infos.js?OTQxNg== HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 96865\r\ncontent-type: application/javascript\r\ndate: Wed, 07 Jan 2026 00:34:07 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: ab98bc8534d92e1bdad19553e0c24fdc\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":96865,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (18129)","md5":"0974b6380da7c9527b2d25e32e130e31","sha1":"86ee512368a72973547f50a31351035639ff4c79","sha256":"31d6c83c556571fbd4cbac36e0319c9d9b9d275fbe6c8156ce39bb4e878193f4","sha512":"53986c84be09f7ed11856e4b2ed231ece8cd2d2840b8e132b30fcd327306fc36ff91d9e3d2c171d3b08962184d38406596d4238cb23ecd0df4e581af13c7736c","ssdeep":"1536:nFto4QztfysLKyCBWx1LsI3FNx+v7rrBl:H","tlshash":"ba935cfd237449f6ae8887d81ed114d5347630bb76e8826cf64ca31b7b050e958e4ec6","first_seen":"2023-03-08T16:00:25Z","last_seen":"2026-05-10T07:07:07.285206Z","times_seen":455,"resource_available":true,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":186,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/webapp/static/media/OpenSans-SemiBold.3267ae658068fe839ae7.woff2","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:08.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /webapp/static/media/OpenSans-SemiBold.3267ae658068fe839ae7.woff2 HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/Home/main.4393a533.css\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:08 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-powered-by: PHP/8.4.10\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"PHP:8.4.10","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":149,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"7a2c9566043ef383c9e6175b5b806799","sha1":"9825b12451e21faf7d0e2a60955451b23f53a5e8","sha256":"e193f66da63e5932fa91f73762fe77bdab85c5d944c8e5062e1c5bfe5f4ae42f","sha512":"a3b6762c116d7d9f394d199e39125f40f8ddb1e8463462fc2249f4f956241d54c2d962e08f0fb10d76d16ba92c457674e110da2f7ac7a44193afc77ed38e7fb9","ssdeep":"","tlshash":"a2c02b812f19c21081c48323ccb4340c902bc0700c85de013190cc02543bbdf949ccce","first_seen":"2024-08-20T08:00:20.545701Z","last_seen":"2026-01-07T05:40:42.338727Z","times_seen":5,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"argen-tu-s--argentabelg8.replit.app/home/Home/main.4393a533.css","fqdn":"argen-tu-s--argentabelg8.replit.app","domain":"argen-tu-s--argentabelg8.replit.app","tld":"replit.app"},"ip":{"addr":"34.117.33.233","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php","date":"2026-01-07T00:34:07.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 02 Dec 2025 17:53:58 GMT","end":"Mon, 02 Mar 2026 18:49:53 GMT"},"fingerprint":{"sha1":"32:37:CB:6E:45:12:99:F1:58:A3:50:2E:34:37:C8:80:C1:FB:80:10","sha256":"E9:A3:AE:20:A5:17:F0:9D:80:D5:9D:48:80:E3:D6:FF:7E:5B:1A:2A:D7:12:59:BF:EA:C5:9E:8D:79:4F:DE:0A"}}},"request":{"raw":"GET /home/Home/main.4393a533.css HTTP/1.1\r\nHost: argen-tu-s--argentabelg8.replit.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://argen-tu-s--argentabelg8.replit.app/home/nkl-log.php\r\nCookie: GAESA=CqABMDAwN2UyNmQ2ODEwYWJiZjc5YjU4YmI5ZWEyNWM4NTczZTQ1YmI3NTg3NmQwMjAzNjQxOGU4NGQ2YmNmNzIzNmMwNmMwOTk3MTc3YmJiYmJiNzJiOTdiMWViOWUzYTUzZTVjMjk4ODViOTIzY2E1ZjM5NjdmNTU3NjIzYzAyZjFhMWIxYjM0NDdkZjM5YzJlYmU1ODBlZTJiOWZlNzMwORC-lYCvuTM; PHPSESSID=e091d67cca9635d6d5266c97ee411de3\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 272842\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Wed, 07 Jan 2026 00:34:07 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 358c191cbe17d4aadad19553e0c248d0\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":272842,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"93cbbc5a3f13472c63be6608ea96dfaf","sha1":"9a0e89771c314cbfdef690acefb11970af642b21","sha256":"ce51594eeb6af5877624714146be1133728a45030c11103474c81ddf08b1b423","sha512":"e33d63ffb1d4b9c941cb1bd0e38b9aaa95ce7088a3bf951c0681bf500d56be80fe9ffa391e0851d4dad36d48516024f1651f5fb1802a31ec9155114b3d081f78","ssdeep":"1536:5nGbGKlz+bC7HqkYrUhK+KgNDeX0LdfLqMwQlJfQjShsuiLVL/fyQaaN:HgNDC0LdfLI","tlshash":"f744a602360015ffb9278d2bf0e2b54d7738ce71d05fd5aaa611a918879a38ed5b33c9","first_seen":"2025-04-07T11:11:50.759226Z","last_seen":"2026-03-25T22:59:15.033568Z","times_seen":231,"resource_available":false,"data":null}},"time_used":579,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":175,"receive":401,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}}]}