{"report_id":"cf92c26b-8c77-4fd8-90c7-5c6cef4e86f7","version":6,"status":"done","tags":["bancolombia","financial","phishing"],"date":"2023-11-24T17:33:55Z","url":{"schema":"http","addr":"portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"title":"BancoIombia SucursaI VrtuaI Personas"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T10:59:46Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"portal-transaccional.replit.app","ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":15,"request_count":18,"received_data":493958,"sent_data":10028,"comment":"","tags":null,"fingerprints":null},{"fqdn":"images-cdn.info","ip":{"addr":"34.199.195.55","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2018-02-25","domain_rank":528156,"first_seen":"2020-06-20 01:31:03","last_seen":"2023-11-24 03:31:54","alert_count":1,"request_count":1,"received_data":296,"sent_data":442,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T22:09:28.753168Z","times_seen":14077014,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/src/js/jquery-3.6.0.min.js","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-22T22:00:58.117671Z","times_seen":453515,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/src/js/jquery.jclock-min.js","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"71722c7314fed201941f23bc1fe9604e","sha1":"1d1c35c3b25ea4056bd39ba290523e70bd2f8038","sha256":"93bf1714fd8d4cad23861f0017d5b3335f8b009f59d2bd654dcf0c29b7f36031","sha512":"f0c56d414d56bcb50a3264783781dedfb7401a553069a2d96b6b62289fb4246dc1fe601a6fdb8acd069e43c382788592ceafcc31ce799f6c1cc1025ca89ce6ea","ssdeep":"","tlshash":"a671545a243cc2d16a96bc39287f1e73c63b5d36080ae46c794fd6c5682c83f556ba20","size":3337,"data":"","first_seen":"2023-03-07T12:11:26Z","last_seen":"2026-04-01T02:45:03.74237Z","times_seen":713,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"72c849f4e961e28f1b808e494aeb74fc","sha1":"fc8dac259db80d9b7726d9879c87bf215da0c998","sha256":"e9a8b6953d544e0ecbcaceb9bf82f0d6fff65278545f11d0ee580072e52a66b1","sha512":"8a7283ddd117af134b92deaeb88909e9a434a2675d0cbc5af60ca0bfb61a7f0d228c428e75f10f29e175c05eff4762b39b5f6dfc092c666bf257c0f0ce0bba5d","ssdeep":"","tlshash":"b0a0220b203e30e32002e0ec382f0020eeb2e0bf0c28cfc0800a0880b8802380232e8c","size":73,"data":"","first_seen":"2023-03-07T12:11:26Z","last_seen":"2026-04-01T02:45:03.867799Z","times_seen":792,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/src/js/run.js","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"716bac2107e89f5ba284c4cb77ba5a38","sha1":"a742ccf7ef44d0a617a469b3ae494a3809fa1bd7","sha256":"5983e00dc385cb8520537f04a1cbd4db290ff87ff501efa8b016aa3bb23a6304","sha512":"fffd2c1d10050fba473767fa6769bbef8f81e20ab9c406b73443cde5c8995d2c67d6f20a80dd00b73dd96c43deee7615ee89d1f631a312bdb15e70628b0e9b67","ssdeep":"","tlshash":"ed7129f8317770340e63663c084b2f01266b7c5636145f433b5d8ab9dbe836e6522fa5","size":3452,"data":"","first_seen":"2023-03-07T21:42:18Z","last_seen":"2024-08-21T09:28:44.12399Z","times_seen":166,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/src/css/fonts.css","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","date":"2023-11-24T17:33:40.564Z","timestamp":1700847220564,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 08:05:37 GMT","end":"Sun, 21 Jan 2024 09:01:32 GMT"},"fingerprint":{"sha1":"0E:9F:7D:5C:98:A4:F7:0F:11:D5:84:9C:A5:36:01:79:14:64:00:71","sha256":"6D:4E:3B:D9:57:99:A9:16:DA:ED:B6:BC:7E:2E:56:8D:44:8C:58:63:75:B2:B0:D1:B6:90:B8:15:50:6C:71:22"}}},"request":{"raw":"GET /mua/src/css/fonts.css HTTP/1.1\r\nHost: portal-transaccional.replit.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 2946\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Fri, 24 Nov 2023 17:33:37 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 5b38c0138afabf6e8b3c40bd8f35aa9e\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2946,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (360)","md5":"a310982fb888be050fb3ab09d40d7ffc","sha1":"b4a86966fec0a29c9bae72c1279a762cc009bf21","sha256":"f27f79e97e6af6f6003291117a51ded4ac0271248d26e5acf840f666d12d38b2","sha512":"13df75f25b4827fa911f8700005d3c48d7acfb68ea4de57f244ac720b80e3bdfaf2fc4e36dfe795ca314a19cf4a38fb696d4501a934f91e21d11b9163b7d3b69","ssdeep":"","tlshash":"e1514960d14a799345583c5733db7f244f8d286670048457a23489afecf2a6a92d6f0f","first_seen":"2023-04-05T04:08:00Z","last_seen":"2026-04-01T02:45:03.740499Z","times_seen":606,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/src/js/run.js","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","date":"2023-11-24T17:33:40.570Z","timestamp":1700847220570,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 08:05:37 GMT","end":"Sun, 21 Jan 2024 09:01:32 GMT"},"fingerprint":{"sha1":"0E:9F:7D:5C:98:A4:F7:0F:11:D5:84:9C:A5:36:01:79:14:64:00:71","sha256":"6D:4E:3B:D9:57:99:A9:16:DA:ED:B6:BC:7E:2E:56:8D:44:8C:58:63:75:B2:B0:D1:B6:90:B8:15:50:6C:71:22"}}},"request":{"raw":"GET /mua/src/js/run.js HTTP/1.1\r\nHost: portal-transaccional.replit.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 3452\r\ncontent-type: application/javascript\r\ndate: Fri, 24 Nov 2023 17:33:37 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 5b5bf9ddf791f089d3220559e1890684\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3452,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"716bac2107e89f5ba284c4cb77ba5a38","sha1":"a742ccf7ef44d0a617a469b3ae494a3809fa1bd7","sha256":"5983e00dc385cb8520537f04a1cbd4db290ff87ff501efa8b016aa3bb23a6304","sha512":"fffd2c1d10050fba473767fa6769bbef8f81e20ab9c406b73443cde5c8995d2c67d6f20a80dd00b73dd96c43deee7615ee89d1f631a312bdb15e70628b0e9b67","ssdeep":"","tlshash":"ed7129f8317770340e63663c084b2f01266b7c5636145f433b5d8ab9dbe836e6522fa5","first_seen":"2023-03-07T21:42:18Z","last_seen":"2024-08-21T09:28:44.12399Z","times_seen":166,"resource_available":true,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/src/css/layout.css","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","date":"2023-11-24T17:33:40.560Z","timestamp":1700847220560,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 08:05:37 GMT","end":"Sun, 21 Jan 2024 09:01:32 GMT"},"fingerprint":{"sha1":"0E:9F:7D:5C:98:A4:F7:0F:11:D5:84:9C:A5:36:01:79:14:64:00:71","sha256":"6D:4E:3B:D9:57:99:A9:16:DA:ED:B6:BC:7E:2E:56:8D:44:8C:58:63:75:B2:B0:D1:B6:90:B8:15:50:6C:71:22"}}},"request":{"raw":"GET /mua/src/css/layout.css HTTP/1.1\r\nHost: portal-transaccional.replit.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 6011\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Fri, 24 Nov 2023 17:33:37 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 9e8a02645cc3ea762223984a17269036\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6011,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"assembler source, ASCII text, with CRLF line terminators","md5":"d79ff54ee23e99717eefa849ed5efedc","sha1":"4b3b3cb93fecd13503847c3ec9f7111312fa9433","sha256":"cdd689d975f0ba98a985ee3b01090e6fba56d3cc11876587a0b6b9fb55d89b22","sha512":"9ad5ab083ce0f49a9a60087a47158198a88d76c6506c465fad9c82a321cab47a8af3bfb3c40097a141df907086f9e8e690994eebd9a024ed179689efc2ea42a2","ssdeep":"96:7GgJeJbJpJUJnGngyrA1p2ghJhJ/JNmZRYJCCuz8/Jr1GDyTXeJbE/L02jl:vWtnQG43fBeSCF8Br1GyWQg2J","tlshash":"13c1de06ea4a028bb63618a9ff366ba7ed6c4003570747717ae077229fb507d5e907cc","first_seen":"2023-11-08T18:37:10Z","last_seen":"2024-08-20T20:23:17.332265Z","times_seen":34,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/src/img/error.jpg","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","date":"2023-11-24T17:33:40.572Z","timestamp":1700847220572,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 08:05:37 GMT","end":"Sun, 21 Jan 2024 09:01:32 GMT"},"fingerprint":{"sha1":"0E:9F:7D:5C:98:A4:F7:0F:11:D5:84:9C:A5:36:01:79:14:64:00:71","sha256":"6D:4E:3B:D9:57:99:A9:16:DA:ED:B6:BC:7E:2E:56:8D:44:8C:58:63:75:B2:B0:D1:B6:90:B8:15:50:6C:71:22"}}},"request":{"raw":"GET /mua/src/img/error.jpg HTTP/1.1\r\nHost: portal-transaccional.replit.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 5363\r\ncontent-type: image/jpeg\r\ndate: Fri, 24 Nov 2023 17:33:37 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 2ace637626cfbbf1747e2b3fe7d2c484\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5363,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 195x194, components 3\\012- data","md5":"845eeed3b61d4c19ed0059c42fa7fc2e","sha1":"ace747921c0b92d8451a1562759c867296c31b44","sha256":"f68c633109e951014c6c401f878be7196c8894f6723215afb18388dbbbb83f1d","sha512":"f63bd639d06fe8aeb206af7cc08ab0804ac5649e5f3ca8f782ec8f758205b15ba3739942db1229675dfdd8913a9f77deab0756a8a9fc3190a951911efaf53496","ssdeep":"96:bAo7Z4BFz9xfjt0zwZhV3aeOZ35KoF+16ALzYT7+QLQNSWQvaUhu+t2:57ZXzwZn++ZQeo7hC","tlshash":"96b17d7845bbc8b5ff62067ba15984727350fc905c68d3ef6bd419bcf9c8a828dc4044","first_seen":"2023-04-30T17:56:26Z","last_seen":"2024-12-12T13:23:44.346199Z","times_seen":524,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/src/js/jquery.jclock-min.js","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","date":"2023-11-24T17:33:40.568Z","timestamp":1700847220568,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 08:05:37 GMT","end":"Sun, 21 Jan 2024 09:01:32 GMT"},"fingerprint":{"sha1":"0E:9F:7D:5C:98:A4:F7:0F:11:D5:84:9C:A5:36:01:79:14:64:00:71","sha256":"6D:4E:3B:D9:57:99:A9:16:DA:ED:B6:BC:7E:2E:56:8D:44:8C:58:63:75:B2:B0:D1:B6:90:B8:15:50:6C:71:22"}}},"request":{"raw":"GET /mua/src/js/jquery.jclock-min.js HTTP/1.1\r\nHost: portal-transaccional.replit.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 3337\r\ncontent-type: application/javascript\r\ndate: Fri, 24 Nov 2023 17:33:37 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 6ac8f44a2e8736eab54b49acf6aa58d2\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3337,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (2957), with CRLF line terminators","md5":"71722c7314fed201941f23bc1fe9604e","sha1":"1d1c35c3b25ea4056bd39ba290523e70bd2f8038","sha256":"93bf1714fd8d4cad23861f0017d5b3335f8b009f59d2bd654dcf0c29b7f36031","sha512":"f0c56d414d56bcb50a3264783781dedfb7401a553069a2d96b6b62289fb4246dc1fe601a6fdb8acd069e43c382788592ceafcc31ce799f6c1cc1025ca89ce6ea","ssdeep":"","tlshash":"a671545a243cc2d16a96bc39287f1e73c63b5d36080ae46c794fd6c5682c83f556ba20","first_seen":"2023-03-07T12:11:26Z","last_seen":"2026-04-01T02:45:03.74237Z","times_seen":713,"resource_available":true,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/src/img/demo.jpg","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","date":"2023-11-24T17:33:40.576Z","timestamp":1700847220576,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 08:05:37 GMT","end":"Sun, 21 Jan 2024 09:01:32 GMT"},"fingerprint":{"sha1":"0E:9F:7D:5C:98:A4:F7:0F:11:D5:84:9C:A5:36:01:79:14:64:00:71","sha256":"6D:4E:3B:D9:57:99:A9:16:DA:ED:B6:BC:7E:2E:56:8D:44:8C:58:63:75:B2:B0:D1:B6:90:B8:15:50:6C:71:22"}}},"request":{"raw":"GET /mua/src/img/demo.jpg HTTP/1.1\r\nHost: portal-transaccional.replit.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 1465\r\ncontent-type: image/jpeg\r\ndate: Fri, 24 Nov 2023 17:33:37 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 25656b5620ce57c543a997b31180e447\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1465,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 103x103, components 3\\012- data","md5":"992039d1b794268d688a19b3563b7cd2","sha1":"9116dbfe0fe620a6351952c1053017501537002f","sha256":"61541605fc80557ad8cbc03b7d7ea64e94732198e536d4618dea0cb70191eb48","sha512":"61deb0ee1e8a821e974ac81295fa0f883ad2873fcbea69ada699dd18e34723068905c205bf72f6603fc328a63859436cbaaa5bb4cdae00d92fa5852c6c0e1a5a","ssdeep":"","tlshash":"3031b66befd77845d9fa0c31a8a10be5b302abc08e735bc93a647e15a5203c858222c4","first_seen":"2023-04-30T20:28:03Z","last_seen":"2024-12-12T13:23:44.350971Z","times_seen":436,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/src/img/seguridad.jpg","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","date":"2023-11-24T17:33:40.579Z","timestamp":1700847220579,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 08:05:37 GMT","end":"Sun, 21 Jan 2024 09:01:32 GMT"},"fingerprint":{"sha1":"0E:9F:7D:5C:98:A4:F7:0F:11:D5:84:9C:A5:36:01:79:14:64:00:71","sha256":"6D:4E:3B:D9:57:99:A9:16:DA:ED:B6:BC:7E:2E:56:8D:44:8C:58:63:75:B2:B0:D1:B6:90:B8:15:50:6C:71:22"}}},"request":{"raw":"GET /mua/src/img/seguridad.jpg HTTP/1.1\r\nHost: portal-transaccional.replit.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 1935\r\ncontent-type: image/jpeg\r\ndate: Fri, 24 Nov 2023 17:33:37 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 580c6feea281b52d1f9cd55d23c8290b\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1935,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 103x103, components 3\\012- data","md5":"1aa9d62d948208093b507e8e1439b309","sha1":"72f701f1204320b47d9966d5d0ed496a733adb80","sha256":"1800e5e993450b4f547840ccb7abf5cd1f285f6cf9784b3ec23675528a49ff8c","sha512":"4acfb26832ef8591c9013f0ac40205be89767f961b84d7219c22d96b6d513abb705f9c8ea6fc159e9236667e7c6e39760dd635518764a641c8801a1cd16b3728","ssdeep":"","tlshash":"be41192747ef40a8cbc90035093529bb3755bf46dbb043933a113f2cb804048ba5e880","first_seen":"2023-04-30T20:28:03Z","last_seen":"2024-12-12T13:23:44.352874Z","times_seen":436,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/src/img/info.jpg","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","date":"2023-11-24T17:33:40.574Z","timestamp":1700847220574,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 08:05:37 GMT","end":"Sun, 21 Jan 2024 09:01:32 GMT"},"fingerprint":{"sha1":"0E:9F:7D:5C:98:A4:F7:0F:11:D5:84:9C:A5:36:01:79:14:64:00:71","sha256":"6D:4E:3B:D9:57:99:A9:16:DA:ED:B6:BC:7E:2E:56:8D:44:8C:58:63:75:B2:B0:D1:B6:90:B8:15:50:6C:71:22"}}},"request":{"raw":"GET /mua/src/img/info.jpg HTTP/1.1\r\nHost: portal-transaccional.replit.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 3438\r\ncontent-type: image/jpeg\r\ndate: Fri, 24 Nov 2023 17:33:37 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 9481b0c1d1f752556b8acf2ac33f6336\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3438,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 62x61, components 3\\012- data","md5":"72f07f88a708281bb165235fb88649ee","sha1":"d2e7284036b30a170dc68c2ad476d664234ed66c","sha256":"13df691e5ad1109013261983ff6272aa37353f3b28525a9e8b0b29355a1ebec4","sha512":"f04ad8b3fb72d2b4e9f9c655dd14a2e4e192fabae1965a019461fa1797233e39d0de55a333e0d2213ea42037d5ee3d4bd0516d353f9a7f2471ccf99234dec116","ssdeep":"","tlshash":"85614dcdbe248441e07e1ebde2440941d615f895f4f0875f9162aa2ff86a70d47d4716","first_seen":"2023-04-30T20:28:03Z","last_seen":"2024-12-12T13:23:44.348738Z","times_seen":515,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/src/img/logo.svg","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","date":"2023-11-24T17:33:40.571Z","timestamp":1700847220571,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 08:05:37 GMT","end":"Sun, 21 Jan 2024 09:01:32 GMT"},"fingerprint":{"sha1":"0E:9F:7D:5C:98:A4:F7:0F:11:D5:84:9C:A5:36:01:79:14:64:00:71","sha256":"6D:4E:3B:D9:57:99:A9:16:DA:ED:B6:BC:7E:2E:56:8D:44:8C:58:63:75:B2:B0:D1:B6:90:B8:15:50:6C:71:22"}}},"request":{"raw":"GET /mua/src/img/logo.svg HTTP/1.1\r\nHost: portal-transaccional.replit.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 7020\r\ncontent-type: image/svg+xml\r\ndate: Fri, 24 Nov 2023 17:33:37 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: d76ecc1d8b35367e6a92a8ba50ed77f3\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7020,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (667)","md5":"c049dccd21049cb237daabdb645ec648","sha1":"e29af3f65a8312efd3ea4c3b66d4bd86657dde1b","sha256":"2c7a6ea74a49a6adc3fad622078895e9b2589448214913d8c035764148aca7d0","sha512":"844c7a9d9b8863e1b7b7cd5aadee4ee65f7ac48a8b4b603ca57bf18662c0d331057dc19f5c72ca69f6cabe402f20bd7cc9ad8cad7717ea17ba0d89e63f2bc24d","ssdeep":"192:T2qGoTy+MilvndjzUy+3TIq9YCdXkY/rPCu:TQKgw6/D","tlshash":"04e176ed33b0c6d06c43e7f5ca2a11f9316a68fd5bc7d69582b0ed8575502b9488ccc6","first_seen":"2023-05-03T14:04:56Z","last_seen":"2026-04-18T12:28:59.520149Z","times_seen":829,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/src/img/reglamento.jpg","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","date":"2023-11-24T17:33:40.586Z","timestamp":1700847220586,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 08:05:37 GMT","end":"Sun, 21 Jan 2024 09:01:32 GMT"},"fingerprint":{"sha1":"0E:9F:7D:5C:98:A4:F7:0F:11:D5:84:9C:A5:36:01:79:14:64:00:71","sha256":"6D:4E:3B:D9:57:99:A9:16:DA:ED:B6:BC:7E:2E:56:8D:44:8C:58:63:75:B2:B0:D1:B6:90:B8:15:50:6C:71:22"}}},"request":{"raw":"GET /mua/src/img/reglamento.jpg HTTP/1.1\r\nHost: portal-transaccional.replit.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 1764\r\ncontent-type: image/jpeg\r\ndate: Fri, 24 Nov 2023 17:33:37 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 6e93107ceac6a79d9d946dc792eed7af\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1764,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 103x103, components 3\\012- data","md5":"be3af886cffea048856b7fc77eaeebfc","sha1":"96c0ec1895b5544070fd9c3ff371812ea04c7932","sha256":"4d31c93eab87267a6e5e827fedd488a02c824a79ded4f00ef19f7431eaedab12","sha512":"f5e242594fe65a593da901ba2e108ab31b886661f613eed6c6d05b28f816fea2d3c0ce022c6b0cad0ffebc56c04809f129c07fbbfb9e6373367a7c16a260e7f8","ssdeep":"","tlshash":"d931b61aefb904e9eca44235696461303ba9fde151f3375f609a0e921e371f148f4448","first_seen":"2023-04-30T20:28:03Z","last_seen":"2024-12-12T13:23:44.355515Z","times_seen":436,"resource_available":false,"data":null}},"time_used":147,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":147,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/src/img/politica.jpg","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","date":"2023-11-24T17:33:40.587Z","timestamp":1700847220587,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 08:05:37 GMT","end":"Sun, 21 Jan 2024 09:01:32 GMT"},"fingerprint":{"sha1":"0E:9F:7D:5C:98:A4:F7:0F:11:D5:84:9C:A5:36:01:79:14:64:00:71","sha256":"6D:4E:3B:D9:57:99:A9:16:DA:ED:B6:BC:7E:2E:56:8D:44:8C:58:63:75:B2:B0:D1:B6:90:B8:15:50:6C:71:22"}}},"request":{"raw":"GET /mua/src/img/politica.jpg HTTP/1.1\r\nHost: portal-transaccional.replit.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 2615\r\ncontent-type: image/jpeg\r\ndate: Fri, 24 Nov 2023 17:33:37 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: bb1b5a48e6ffbd1c67c84f4c6c2215dc\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2615,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 103x103, components 3\\012- data","md5":"7bb6c2ef23b43c8b8723d9e68ddf2fec","sha1":"351b75536ef2c3244b7ba1eec7fe13215990a177","sha256":"7b4d681b13b2beeab7a0dbd807eac72b762dec8e3bb18410776270a51860ac86","sha512":"1455bbe49598927606b8e3089503a1096a580119410a60043a24cb4abc9a96f7c97c6907f4faecc68b91d9ce26c68db0de4a9ef605e8b7cfe0833eb5e3e377da","ssdeep":"","tlshash":"5d5119867f3ef84af23d207f096064143b6c152299f527c4b8010551bf787a8f58970a","first_seen":"2023-04-30T20:28:03Z","last_seen":"2024-12-12T13:23:44.357773Z","times_seen":436,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/src/img/inicio.jpeg","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","date":"2023-11-24T17:33:40.588Z","timestamp":1700847220588,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 08:05:37 GMT","end":"Sun, 21 Jan 2024 09:01:32 GMT"},"fingerprint":{"sha1":"0E:9F:7D:5C:98:A4:F7:0F:11:D5:84:9C:A5:36:01:79:14:64:00:71","sha256":"6D:4E:3B:D9:57:99:A9:16:DA:ED:B6:BC:7E:2E:56:8D:44:8C:58:63:75:B2:B0:D1:B6:90:B8:15:50:6C:71:22"}}},"request":{"raw":"GET /mua/src/img/inicio.jpeg HTTP/1.1\r\nHost: portal-transaccional.replit.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 15284\r\ncontent-type: image/jpeg\r\ndate: Fri, 24 Nov 2023 17:33:37 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 600365234a524864764a568ce048f67f\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15284,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 482x241, components 3\\012- data","md5":"76f9e6d544d55acfeea0a59d098266b8","sha1":"d0e998823186114e3350a35e078389909287608f","sha256":"1b02b5d9303f41b6a492a5e801b30069b2da90a4c0de9ff7e8d983bf26b54f1c","sha512":"4efd9fd07f7227e7c7062d0331a5858abac382b230128587c0dea11107081908bba1fa41232dc650cebd8249c9c2a4465d7e309971435dd549a884ef18a051de","ssdeep":"","tlshash":"","first_seen":"2023-11-16T05:07:07Z","last_seen":"2023-11-25T03:56:46Z","times_seen":3,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/src/js/jquery-3.6.0.min.js","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","date":"2023-11-24T17:33:40.566Z","timestamp":1700847220566,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 08:05:37 GMT","end":"Sun, 21 Jan 2024 09:01:32 GMT"},"fingerprint":{"sha1":"0E:9F:7D:5C:98:A4:F7:0F:11:D5:84:9C:A5:36:01:79:14:64:00:71","sha256":"6D:4E:3B:D9:57:99:A9:16:DA:ED:B6:BC:7E:2E:56:8D:44:8C:58:63:75:B2:B0:D1:B6:90:B8:15:50:6C:71:22"}}},"request":{"raw":"GET /mua/src/js/jquery-3.6.0.min.js HTTP/1.1\r\nHost: portal-transaccional.replit.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 89501\r\ncontent-type: application/javascript\r\ndate: Fri, 24 Nov 2023 17:33:37 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 5952ec222a26fae0c57b6ecf9de51b29\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":89501,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-22T22:00:58.117671Z","times_seen":453515,"resource_available":true,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":118,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/src/img/user.png","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","date":"2023-11-24T17:33:40.919Z","timestamp":1700847220919,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 08:05:37 GMT","end":"Sun, 21 Jan 2024 09:01:32 GMT"},"fingerprint":{"sha1":"0E:9F:7D:5C:98:A4:F7:0F:11:D5:84:9C:A5:36:01:79:14:64:00:71","sha256":"6D:4E:3B:D9:57:99:A9:16:DA:ED:B6:BC:7E:2E:56:8D:44:8C:58:63:75:B2:B0:D1:B6:90:B8:15:50:6C:71:22"}}},"request":{"raw":"GET /mua/src/img/user.png HTTP/1.1\r\nHost: portal-transaccional.replit.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://portal-transaccional.replit.app/mua/src/css/layout.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 447\r\ncontent-type: image/png\r\ndate: Fri, 24 Nov 2023 17:33:38 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: f2cee1558affe1b8004c3b6b6619fe08\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":447,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\\012- data","md5":"0e3457ed5ea858d1e9287ef66dcbbfe4","sha1":"006c99b62e141ebbc69f6e06cab757995d3f7417","sha256":"75d5b455151a3b1a0a5b100041fee37de2daa0b41d1d177deaa863177c5b5b83","sha512":"b9015382ea09da89f6d18a8dc50d07f1b3b8d740627bd276e63f5333bb478a5cb71edb556c113e2d80fd27a7ad72f7877b081c658db8efa2c89dad2960acb5e4","ssdeep":"","tlshash":"e6f023e3938a2c7c5a2885e9a9773d68b5ff0b383c0400bf9c417b2cbc1c5006b58202","first_seen":"2023-04-30T20:28:03Z","last_seen":"2026-04-08T10:30:59.621053Z","times_seen":601,"resource_available":false,"data":null}},"time_used":147,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":147,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/src/fonts/opensans/CIBFontSans-Light.ttf","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","date":"2023-11-24T17:33:40.933Z","timestamp":1700847220933,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 08:05:37 GMT","end":"Sun, 21 Jan 2024 09:01:32 GMT"},"fingerprint":{"sha1":"0E:9F:7D:5C:98:A4:F7:0F:11:D5:84:9C:A5:36:01:79:14:64:00:71","sha256":"6D:4E:3B:D9:57:99:A9:16:DA:ED:B6:BC:7E:2E:56:8D:44:8C:58:63:75:B2:B0:D1:B6:90:B8:15:50:6C:71:22"}}},"request":{"raw":"GET /mua/src/fonts/opensans/CIBFontSans-Light.ttf HTTP/1.1\r\nHost: portal-transaccional.replit.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://portal-transaccional.replit.app/mua/src/css/fonts.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 110612\r\ncontent-type: font/ttf\r\ndate: Fri, 24 Nov 2023 17:33:38 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 5b93e8dbecb328f7b3c3f5eaeb025695\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":110612,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, digitally signed, 18 tables, 1st \"DSIG\", 33 names, Macintosh, Copyright (c) 2019 by Vasava Studio. All rights reserved.\\011CIBFont SansLight1.300;UKWN;CIBFont\\012- data","md5":"69096387df83ff65381f8ee25006b0aa","sha1":"89689ed7f7547a3815d9fa2d0a2c11513480086e","sha256":"decf1c3cb09b3e38d867e0d5cf648220584404c9cf8d18a6c51bdfa2af5047cc","sha512":"37aac063f5b5fb01f5e02497ec70e01ea7837feeb4167c5e8820cf02167445f4df90305db680568f45137de3e70c90a15bac5b723df0d83c6fdf390d0ce59d35","ssdeep":"3072:Po1/vxSHr+yjrdSiQTuicg4D47RiDEU3nlKXjY:PolO+8jiBDRiDE3X8","tlshash":"5ab37d07f353e609d41a8e381472d766f7e5b43aaf7b034b657a6539fcca5e08c2a180","first_seen":"2023-04-05T04:08:00Z","last_seen":"2026-04-22T15:37:21.592494Z","times_seen":981,"resource_available":false,"data":null}},"time_used":305,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":148,"receive":157,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"images-cdn.info/444/image.gif","fqdn":"images-cdn.info","domain":"images-cdn.info","tld":"info"},"ip":{"addr":"34.199.195.55","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","date":"2023-11-24T17:33:40.891Z","timestamp":1700847220891,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"images-cdn.info","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 Sep 2023 14:32:27 GMT","end":"Thu, 21 Dec 2023 14:32:26 GMT"},"fingerprint":{"sha1":"88:93:F5:C8:53:76:D3:B8:44:CB:1E:F9:F2:4F:90:51:4C:69:12:80","sha256":"6C:EC:FC:BB:EA:02:51:A1:81:9A:56:92:6A:54:61:7E:D4:A2:4F:3F:20:10:14:4D:20:25:DC:50:0A:E9:5B:D1"}}},"request":{"raw":"GET /444/image.gif HTTP/1.1\r\nHost: images-cdn.info\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://portal-transaccional.replit.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\nserver: envoy\r\nvary: Origin\r\ndate: Fri, 24 Nov 2023 17:33:38 GMT\r\ncontent-length: 42\r\nx-envoy-upstream-service-time: 56\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1\\012- data","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-22T22:06:32.234542Z","times_seen":813985,"resource_available":true,"data":null}},"time_used":572,"timings":{"blocked":205,"dns":1,"connect":100,"send":0,"wait":157,"receive":0,"ssl":105},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/src/img/logo.png","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","date":"2023-11-24T17:33:41.399Z","timestamp":1700847221399,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 08:05:37 GMT","end":"Sun, 21 Jan 2024 09:01:32 GMT"},"fingerprint":{"sha1":"0E:9F:7D:5C:98:A4:F7:0F:11:D5:84:9C:A5:36:01:79:14:64:00:71","sha256":"6D:4E:3B:D9:57:99:A9:16:DA:ED:B6:BC:7E:2E:56:8D:44:8C:58:63:75:B2:B0:D1:B6:90:B8:15:50:6C:71:22"}}},"request":{"raw":"GET /mua/src/img/logo.png HTTP/1.1\r\nHost: portal-transaccional.replit.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 9489\r\ncontent-type: image/png\r\ndate: Fri, 24 Nov 2023 17:33:38 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: dea1b90495cb342139f71a76fb75670d\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9489,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 521 x 520, 8-bit/color RGBA, non-interlaced\\012- data","md5":"2903c67701750d246b77ee1c1c9188f1","sha1":"028e6e88d6563e81eb77807c38f401cf5e7f2be0","sha256":"c2fd3f9e79070fdbcb7ed3270a428a6ecd22ae089ab6e573eb4dfe91079c41fb","sha512":"69d91b5ec22b115e7a04bbde1ac0a2cd5363ec43b31c2306db750fc633b09f200747134d64fa65ae08878022da83528c7dfd85e52cf8414682384e63320d6392","ssdeep":"192:RHdLF/vqjt+4Ax2zv7OSrsA115FfQXlJeY2hyPjNpD6zQc4HXht4:RNJv8tFTxsA11PfQXX+hyXDk4Hxq","tlshash":"4312aef04e8261c76e65e98c50e2bec8fef56ff71634c1bf8076656443dc25aa5084b2","first_seen":"2023-04-30T20:28:03Z","last_seen":"2026-03-01T16:00:33.823557Z","times_seen":589,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":149,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/src/fonts/opensans/OpenSans-Regular.ttf","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","date":"2023-11-24T17:33:40.926Z","timestamp":1700847220926,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 08:05:37 GMT","end":"Sun, 21 Jan 2024 09:01:32 GMT"},"fingerprint":{"sha1":"0E:9F:7D:5C:98:A4:F7:0F:11:D5:84:9C:A5:36:01:79:14:64:00:71","sha256":"6D:4E:3B:D9:57:99:A9:16:DA:ED:B6:BC:7E:2E:56:8D:44:8C:58:63:75:B2:B0:D1:B6:90:B8:15:50:6C:71:22"}}},"request":{"raw":"GET /mua/src/fonts/opensans/OpenSans-Regular.ttf HTTP/1.1\r\nHost: portal-transaccional.replit.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://portal-transaccional.replit.app/mua/src/css/fonts.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 217276\r\ncontent-type: font/ttf\r\ndate: Fri, 24 Nov 2023 17:33:38 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-cloud-trace-context: 3883a33b89d4b2ad2288575e81dc052b\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":217276,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, digitally signed, 19 tables, 1st \"DSIG\", 26 names, Macintosh, Digitized data copyright \\251 2010-2011, Google Corporation.Open SansRegular1.10;1ASC;OpenSans-R\\012- data","md5":"d7d5d4588a9f50c99264bc12e4892a7c","sha1":"513966e260bb7610d47b2329dba194143831893e","sha256":"13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8","sha512":"ce9f98208cd818e486a12848b2d64bd14e12d42d84b2e47436a3c4420a242583eefc4a9b42401b51cc204146c6133645975682e4bb5d48527b3796770efa3397","ssdeep":"6144:GLpzdD/rIJXiQTutgCNktQFvmnoxXTS4u8sl:c9FrIJJaqCNktA+SXfJsl","tlshash":"62242879b20139e6df11d4b7c261fe80281a7863a73f802b64e3477a88575cdbe53e49","first_seen":"2023-04-05T04:08:00Z","last_seen":"2026-04-22T14:08:39.654785Z","times_seen":3683,"resource_available":false,"data":null}},"time_used":680,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":156,"receive":524,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"portal-transaccional.replit.app/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index","fqdn":"portal-transaccional.replit.app","domain":"replit.app","tld":"app"},"ip":{"addr":"34.117.33.233","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-24T17:33:40.049Z","timestamp":1700847220049,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"replit.app","organization":""},"issuer":{"commonName":"GTS CA 1D4","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 08:05:37 GMT","end":"Sun, 21 Jan 2024 09:01:32 GMT"},"fingerprint":{"sha1":"0E:9F:7D:5C:98:A4:F7:0F:11:D5:84:9C:A5:36:01:79:14:64:00:71","sha256":"6D:4E:3B:D9:57:99:A9:16:DA:ED:B6:BC:7E:2E:56:8D:44:8C:58:63:75:B2:B0:D1:B6:90:B8:15:50:6C:71:22"}}},"request":{"raw":"GET /mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/index HTTP/1.1\r\nHost: portal-transaccional.replit.app\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Fri, 24 Nov 2023 17:33:37 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nx-powered-by: PHP/8.2.0RC7\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6194,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, Unicode text, UTF-8 text, with very long lines (7538), with no line terminators","md5":"462a367fbcf198a5f250ce988cbf8d25","sha1":"e99c750e9e6a43d10883016c5e7696d7aa660acc","sha256":"a2ddd1ff704cc2305953b05ff407f1c7850bd6d8cd44965b9a3ba32b589eab40","sha512":"5b6fcf47f1bc3b5e290c9f20d5cf2633d4b87714a58c9c2aa382f60da3a2a2bf690ee35d0f017e1603c2aa174de5bf0f3fadf95c9e8e76a88959d98d3c631409","ssdeep":"192:dXNLV7dvRszTO/1vqDnlfNHbqvtisSBvHUxO6s:TVBvRszTO/1vqDnlfNHOvhSBvHT3","tlshash":"c9f1883a986cb12137036ba414e66d7b6697780cbf728f1433ee1a69e3ccd50cda6c10","first_seen":"2023-11-24T18:34:02Z","last_seen":"2023-11-24T18:34:02Z","times_seen":1,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":39,"dns":1,"connect":7,"send":0,"wait":147,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}