| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/
IP: 143.204.53.97:0
Hash: b5e3163e98f6875b57e67b1afdf57d65 0c6d206d4a48d16821f98ab70b4f887a054f690a 0710e81ad4870be99b292b822a67bb2069a0f45363705d40b41350fe8ba71054
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Fri, 29 Mar 2024 06:11:05 GMT
Server: ECAcc (amb/6B12)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: u9sJ4YrzQX_lqq7uQcKYBbrNoIX3LNh46BBTE-F46j-4X_y7uFfb-A==
| galiciacgu.ar/images/galicia/logo-galicia.svg | 54.237.128.192 | 200 OK | 12 kB |
URL: GET HTTP/2 galiciacgu.ar/images/galicia/logo-galicia.svg
IP: 54.237.128.192:443
Requested by: https://galiciacgu.ar/cgu
Certificate: Issuer: Amazon; Subject: www.galiciacgu.ar; Fingerprint: A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: ff34f8818d46be9a803475951ff553c5 07ecee32da83a9bb4e4c51b0dfa98e8406d02e24 6ac22257f232a796c7532ed3cdc9eea5f8f9dad45d8124c591a6001b9206aad3
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
GET /images/galicia/logo-galicia.svg HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6Ik40a3FRQzhEYVVjank3QU5BSUVsVEE9PSIsInZhbHVlIjoiQVpReVMyVGs4YXZUYkFvZFJiMVNlSmFNNzNLeDFONmpqNjgvcWFJTi9NRGx3RWRXZlRqM1lKOVI0QURyTGw2b0hBbjQ4akpvZnZON2hxaVpINTJrSzh3eCtyS1lkUGZBaENxVkVoWldoRU5VQUlhR3lyVitrajhVRDhVY1NBN3QiLCJtYWMiOiIzOGY2YjY4YWY3MDNiZGFhOWQ2OTNhYjU1OGUxZmE5NDcxYjc2MzI3MGJiOTcwYTc2Mjg0ZTVjNWQ5MTMwNTY4IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6Im1aOU94M0dwc2EvampGQmRNc291WHc9PSIsInZhbHVlIjoiTnpxeTEvTzAwNTF1Qng0c1Bpd0F6WFZJaHJKKzZDVnVzMmJGNkdrcHdyNFVrWW9Ed2kvY3dHaEJjRWRRczBSbUdDd0d3UmtabW5kNytnMy9lOWhNZUJHMFlsWG9hZ3gxUmI0UXhqMnJUMUpRT0V6WmZudklrM1Jnb2N0T1BmWkciLCJtYWMiOiJjNDQ1YWUwMTEwYzk5ZmE5MzMzOGE4ZmEzNjQ4NjE3NTAyN2Y1OWEzNWQwZTg1NjgzMTU2NzA5MWNlOWY4ZDliIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:06 GMT
content-type: image/svg+xml
content-length: 12547
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Fri, 06 May 2022 18:50:21 GMT
etag: "3103-5de5c549b26cf"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| www.googletagmanager.com/gtag/js?id=UA-64187909-3 | 142.250.74.168 | 200 OK | 76 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-64187909-3
IP: 142.250.74.168:443
Requested by: https://galiciacgu.ar/cgu
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: DE:42:E4:CC:E5:66:70:09:F3:E6:6E:57:B7:5E:22:0A:A3:03:C2:7C; Validity: Mon, 26 Feb 2024 08:03:40 GMT - Mon, 20 May 2024 08:03:39 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: 73cf1427f22a70e325f6864c343151c8 dfcce6fe666cefdd9606b410fde51773cbb13499 9b16ef9847671c71989f4657ff928565793a64b8cdf527e258ce75b9c7a52380
GET /gtag/js?id=UA-64187909-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 29 Mar 2024 06:11:06 GMT
expires: Fri, 29 Mar 2024 06:11:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75586
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| galiciacgu.ar/landing/images/move-app-cgu.png | 54.237.128.192 | 200 OK | 40 kB |
URL: GET HTTP/2 galiciacgu.ar/landing/images/move-app-cgu.png
IP: 54.237.128.192:443
Requested by: https://galiciacgu.ar/cgu
Certificate: Issuer: Amazon; Subject: www.galiciacgu.ar; Fingerprint: A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: PNG image data, 258 x 498, 8-bit/color RGBA, non-interlaced
Hash: 36bc1d0741de76a14731a7a3bb347cda 7c85d7eb1e2d6c408f603e7049dfccdd653765e6 2be987531e3186de6280d70b9504c1bb8580575e0b6b337fbf95330d145f78c8
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
GET /landing/images/move-app-cgu.png HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:06 GMT
content-type: image/png
content-length: 40135
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Tue, 02 Mar 2021 16:05:31 GMT
etag: "9cc7-5bc8fe75a8e88"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| galiciacgu.ar/images/galicia/landing/saving-piggy-dollars.svg | 54.237.128.192 | 200 OK | 2.9 kB |
URL: GET HTTP/2 galiciacgu.ar/images/galicia/landing/saving-piggy-dollars.svg
IP: 54.237.128.192:443
Requested by: https://galiciacgu.ar/cgu
Certificate: Issuer: Amazon; Subject: www.galiciacgu.ar; Fingerprint: A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: b3692760c0f69a5d93c84d88a39b1c67 04b34014b12c9e933321cb841d6b6613ac19a3a2 2cd0c5926e4ae7184b82936eba62ca4d57f7a4948ca0cb4a59ff153ec236b036
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
GET /images/galicia/landing/saving-piggy-dollars.svg HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:06 GMT
content-type: image/svg+xml
content-length: 2886
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Fri, 06 May 2022 18:50:21 GMT
etag: "b46-5de5c549b26cf"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| galiciacgu.ar/images/galicia/landing/credit-card-1.svg | 54.237.128.192 | 200 OK | 1.4 kB |
URL: GET HTTP/2 galiciacgu.ar/images/galicia/landing/credit-card-1.svg
IP: 54.237.128.192:443
Requested by: https://galiciacgu.ar/cgu
Certificate: Issuer: Amazon; Subject: www.galiciacgu.ar; Fingerprint: A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: e5de0a2da9f032552a5407e4d7c45db0 4559a9e5722b1f87331d39d994c4c717ae6b4b41 8d2c9cad8aaa54c706da774d88db83a477ea421c407c6d19058d0824947a70b4
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
GET /images/galicia/landing/credit-card-1.svg HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:06 GMT
content-type: image/svg+xml
content-length: 1368
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Wed, 13 Dec 2023 13:01:06 GMT
etag: "558-60c63c29a63ca"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| galiciacgu.ar/landing/images/ordena-tus-gastos.png | 54.237.128.192 | 200 OK | 672 B |
URL: GET HTTP/2 galiciacgu.ar/landing/images/ordena-tus-gastos.png
IP: 54.237.128.192:443
Requested by: https://galiciacgu.ar/cgu
Certificate: Issuer: Amazon; Subject: www.galiciacgu.ar; Fingerprint: A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced
Hash: f580112f044bdd55a060d2f7572f6a13 8b2fab0198578775f03c235199bd2972c1846aac 8a5aed71db62c95fd9d4c9bc09e232a944b247425c0d471791e007e10f79d118
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
GET /landing/images/ordena-tus-gastos.png HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:06 GMT
content-type: image/png
content-length: 672
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Mon, 20 Apr 2020 15:07:08 GMT
etag: "2a0-5a3ba40b704c5"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| galiciacgu.ar/landing/images/hace-todo-online.png | 54.237.128.192 | 200 OK | 474 B |
URL: GET HTTP/2 galiciacgu.ar/landing/images/hace-todo-online.png
IP: 54.237.128.192:443
Requested by: https://galiciacgu.ar/cgu
Certificate: Issuer: Amazon; Subject: www.galiciacgu.ar; Fingerprint: A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced
Hash: a3209b555015855444e13c19f0e4e451 833e060b06b85e84845132d4c1a3e9bd23639858 901b8df1c8efd9646a2ece1ff7157c27646e2ce9530d4f1f879530872f78b0e1
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
GET /landing/images/hace-todo-online.png HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:06 GMT
content-type: image/png
content-length: 474
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Mon, 20 Apr 2020 15:07:08 GMT
etag: "1da-5a3ba40b60ac5"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| galiciacgu.ar/css/landing/landing-galicia.css | 54.237.128.192 | 200 OK | 15 kB |
URL: GET HTTP/2 galiciacgu.ar/css/landing/landing-galicia.css
IP: 54.237.128.192:443
Requested by: https://galiciacgu.ar/cgu
Certificate: Issuer: Amazon; Subject: www.galiciacgu.ar; Fingerprint: A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (61503)
Hash: 96a929052aff9897099e00ba8c394376 d45fe0672875fc0ebb7a44648a03d7222ae87127 0a3aa4c45914358e96355bcbde1a70b168a712a5193c83bfbab5c4aab4f5fa9e
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
GET /css/landing/landing-galicia.css HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:06 GMT
content-type: text/css
content-length: 14745
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Mon, 04 Mar 2024 13:46:14 GMT
etag: "15b89-612d5f2fd4aa5-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| galiciacgu.ar/landing/images/inverti-tus-ahorros.png | 54.237.128.192 | 200 OK | 1.1 kB |
URL: GET HTTP/2 galiciacgu.ar/landing/images/inverti-tus-ahorros.png
IP: 54.237.128.192:443
Requested by: https://galiciacgu.ar/cgu
Certificate: Issuer: Amazon; Subject: www.galiciacgu.ar; Fingerprint: A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced
Hash: 5ac3ccbc6ea622097eb50c2486f072ea aeda5c1149482dc3001dda688abecf27e3c19c8a 2d384cb8f2aa36779b7d653b710490916b4ab2c5e88cf296c9a4f6dce4440b25
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
GET /landing/images/inverti-tus-ahorros.png HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:06 GMT
content-type: image/png
content-length: 1132
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Mon, 20 Apr 2020 15:07:08 GMT
etag: "46c-5a3ba40b704c5"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| | 54.237.128.192 | 302 Found | 2.7 kB |
URL User Request GET HTTP/2 IP 54.237.128.192:443
Certificate Issuer Amazon Subject www.galiciacgu.ar Fingerprint A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8 Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (333) Hash 5c02aebc1bc59d645b12ea0060a6cabb 85946883b64566d4bd58c2ad2f015ddc8262e5f2 a8e498b79e3e371c9dfc6cecbc1b495b5ab4969c97383bf0bb160cc23ba7046f
Analyzer | Verdict | Alert | OpenPhish | phishing | Banco Galicia |
GET / HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 29 Mar 2024 06:11:06 GMT
content-type: text/html; charset=UTF-8
location: https://galiciacgu.ar/cgu
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6InQ4VURFelRRVHJuamdWOXhhL3d1amc9PSIsInZhbHVlIjoiL2VoZThwQy9NRjV0YVpUTDBHc0pjTUxSMGlDQ1o4eis2YzE5UlJWM1RoOFB4SWhBbjFjUXZFa3RZcVEvYlZCWDJta1RRMzhSRmw5TWdHZ2dtSnFHb2xtZWtMTUthL1E1d1pRb3g4Y0ZabHhubkVWUmp4aUlmdGJ4YlBzNFErZmYiLCJtYWMiOiI3NDM4N2ZmZDg1MjU4ZjVhOWJhZThiOTBlMjMwNjM1ODIyYmVkYmY1MzBiODYwMzE4MDM1NTYyMGFmNWI0ZWFlIiwidGFnIjoiIn0%3D; expires=Fri, 29 Mar 2024 08:11:06 GMT; Max-Age=7200; path=/; secure; samesite=lax
galiciamove_session=eyJpdiI6IkkyTWExTlhsdktaTmFlOFJ4NllxTUE9PSIsInZhbHVlIjoiaERkckc3OEdsemRhQ1JQRVgveWlpNXp1SmpUbUpEdzBOSEozNk5iV21PTDFvN05ia0tySDc4SElWby9hbnNtQlVDU09MMmJDelFDSnkrVUY4OTRtOWY5alpTN3lHQVBqQzVpQk53bXMxSVR5Ull1TlRaK0VzbkU3VGVVcnNnZXciLCJtYWMiOiIyNDEzZDE4Njk2ODgzZTFkMzYxZDhjZGVhNDZhODE1ZjczZjMyMjk4MGJkMzhkNjllYWMxMzYwMmRlM2MzNmQzIiwidGFnIjoiIn0%3D; expires=Fri, 29 Mar 2024 08:11:06 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| galiciacgu.ar/images/galicia/landing/phone-app.png | 54.237.128.192 | 200 OK | 25 kB |
URL GET HTTP/2 galiciacgu.ar/images/galicia/landing/phone-app.png IP 54.237.128.192:443
Requested by https://galiciacgu.ar/cgu Certificate Issuer Amazon Subject www.galiciacgu.ar Fingerprint A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8 Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type PNG image data, 192 x 341, 8-bit/color RGBA, non-interlaced Hash 46a9ca4c609739cbfbfe476e3c68c874 9a5a74bd6d0f739b650698a0be8962ff1d15c2c3 53cba88cae85d2a11fc3693a15a10c1a9d5d2677b25f6f087a6b8ac2b29c1a2e
Analyzer | Verdict | Alert | OpenPhish | phishing | Banco Galicia |
GET /images/galicia/landing/phone-app.png HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6Ik40a3FRQzhEYVVjank3QU5BSUVsVEE9PSIsInZhbHVlIjoiQVpReVMyVGs4YXZUYkFvZFJiMVNlSmFNNzNLeDFONmpqNjgvcWFJTi9NRGx3RWRXZlRqM1lKOVI0QURyTGw2b0hBbjQ4akpvZnZON2hxaVpINTJrSzh3eCtyS1lkUGZBaENxVkVoWldoRU5VQUlhR3lyVitrajhVRDhVY1NBN3QiLCJtYWMiOiIzOGY2YjY4YWY3MDNiZGFhOWQ2OTNhYjU1OGUxZmE5NDcxYjc2MzI3MGJiOTcwYTc2Mjg0ZTVjNWQ5MTMwNTY4IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6Im1aOU94M0dwc2EvampGQmRNc291WHc9PSIsInZhbHVlIjoiTnpxeTEvTzAwNTF1Qng0c1Bpd0F6WFZJaHJKKzZDVnVzMmJGNkdrcHdyNFVrWW9Ed2kvY3dHaEJjRWRRczBSbUdDd0d3UmtabW5kNytnMy9lOWhNZUJHMFlsWG9hZ3gxUmI0UXhqMnJUMUpRT0V6WmZudklrM1Jnb2N0T1BmWkciLCJtYWMiOiJjNDQ1YWUwMTEwYzk5ZmE5MzMzOGE4ZmEzNjQ4NjE3NTAyN2Y1OWEzNWQwZTg1NjgzMTU2NzA5MWNlOWY4ZDliIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:06 GMT
content-type: image/png
content-length: 24601
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Tue, 30 Jun 2020 15:32:57 GMT
etag: "6019-5a94ee3ca2614"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| galiciacgu.ar/landing/images/hace-todo-sin-pisar-una-sucursal.png | 54.237.128.192 | 200 OK | 895 B |
URL GET HTTP/2 galiciacgu.ar/landing/images/hace-todo-sin-pisar-una-sucursal.png IP 54.237.128.192:443
Requested by https://galiciacgu.ar/cgu Certificate Issuer Amazon Subject www.galiciacgu.ar Fingerprint A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8 Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced Hash d0acc5b0bbdc43dd50dd2d0b2eb32576 1aa9e187b2b7b1557d4cfa5bcc3285c650a66ab7 d141b66bbaef43dff727297077b14a27847ea55d76a109fc86f8898933f84b02
Analyzer | Verdict | Alert | OpenPhish | phishing | Banco Galicia |
GET /landing/images/hace-todo-sin-pisar-una-sucursal.png HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6Ik40a3FRQzhEYVVjank3QU5BSUVsVEE9PSIsInZhbHVlIjoiQVpReVMyVGs4YXZUYkFvZFJiMVNlSmFNNzNLeDFONmpqNjgvcWFJTi9NRGx3RWRXZlRqM1lKOVI0QURyTGw2b0hBbjQ4akpvZnZON2hxaVpINTJrSzh3eCtyS1lkUGZBaENxVkVoWldoRU5VQUlhR3lyVitrajhVRDhVY1NBN3QiLCJtYWMiOiIzOGY2YjY4YWY3MDNiZGFhOWQ2OTNhYjU1OGUxZmE5NDcxYjc2MzI3MGJiOTcwYTc2Mjg0ZTVjNWQ5MTMwNTY4IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6Im1aOU94M0dwc2EvampGQmRNc291WHc9PSIsInZhbHVlIjoiTnpxeTEvTzAwNTF1Qng0c1Bpd0F6WFZJaHJKKzZDVnVzMmJGNkdrcHdyNFVrWW9Ed2kvY3dHaEJjRWRRczBSbUdDd0d3UmtabW5kNytnMy9lOWhNZUJHMFlsWG9hZ3gxUmI0UXhqMnJUMUpRT0V6WmZudklrM1Jnb2N0T1BmWkciLCJtYWMiOiJjNDQ1YWUwMTEwYzk5ZmE5MzMzOGE4ZmEzNjQ4NjE3NTAyN2Y1OWEzNWQwZTg1NjgzMTU2NzA5MWNlOWY4ZDliIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:06 GMT
content-type: image/png
content-length: 895
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Mon, 20 Apr 2020 15:07:08 GMT
etag: "37f-5a3ba40b60ac5"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| galiciacgu.ar/landing/images/ahorros-en-tus-compras.png | 54.237.128.192 | 200 OK | 1.1 kB |
URL GET HTTP/2 galiciacgu.ar/landing/images/ahorros-en-tus-compras.png IP 54.237.128.192:443
Requested by https://galiciacgu.ar/cgu Certificate Issuer Amazon Subject www.galiciacgu.ar Fingerprint A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8 Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced Hash c9a0e05726cf3d0156c1de4cb4d34d9b c12b219279ef1815c4abb8d97c9af032ed4ec2e7 e9f11131ee8e8d2fe74520e48fd0b122dd79c658102cd50bd891d916553270df
Analyzer | Verdict | Alert | OpenPhish | phishing | Banco Galicia |
GET /landing/images/ahorros-en-tus-compras.png HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6Ik40a3FRQzhEYVVjank3QU5BSUVsVEE9PSIsInZhbHVlIjoiQVpReVMyVGs4YXZUYkFvZFJiMVNlSmFNNzNLeDFONmpqNjgvcWFJTi9NRGx3RWRXZlRqM1lKOVI0QURyTGw2b0hBbjQ4akpvZnZON2hxaVpINTJrSzh3eCtyS1lkUGZBaENxVkVoWldoRU5VQUlhR3lyVitrajhVRDhVY1NBN3QiLCJtYWMiOiIzOGY2YjY4YWY3MDNiZGFhOWQ2OTNhYjU1OGUxZmE5NDcxYjc2MzI3MGJiOTcwYTc2Mjg0ZTVjNWQ5MTMwNTY4IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6Im1aOU94M0dwc2EvampGQmRNc291WHc9PSIsInZhbHVlIjoiTnpxeTEvTzAwNTF1Qng0c1Bpd0F6WFZJaHJKKzZDVnVzMmJGNkdrcHdyNFVrWW9Ed2kvY3dHaEJjRWRRczBSbUdDd0d3UmtabW5kNytnMy9lOWhNZUJHMFlsWG9hZ3gxUmI0UXhqMnJUMUpRT0V6WmZudklrM1Jnb2N0T1BmWkciLCJtYWMiOiJjNDQ1YWUwMTEwYzk5ZmE5MzMzOGE4ZmEzNjQ4NjE3NTAyN2Y1OWEzNWQwZTg1NjgzMTU2NzA5MWNlOWY4ZDliIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:06 GMT
content-type: image/png
content-length: 1077
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Mon, 20 Apr 2020 15:07:08 GMT
etag: "435-5a3ba40b60ac5"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| galiciacgu.ar/images/galicia/landing/formulario.png | 54.237.128.192 | 200 OK | 5.1 kB |
URL GET HTTP/2 galiciacgu.ar/images/galicia/landing/formulario.png IP 54.237.128.192:443
Requested by https://galiciacgu.ar/cgu Certificate Issuer Amazon Subject www.galiciacgu.ar Fingerprint A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8 Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type PNG image data, 102 x 100, 8-bit/color RGBA, non-interlaced Hash 72132733d0c28d23878a2284942111f1 84079069c8961c8312a4defc3dc624a8f899a803 ca9ad07fd6681ad311946634716f0ed45d7761cc56b78a6645dbb9039585a346
Analyzer | Verdict | Alert | OpenPhish | phishing | Banco Galicia |
GET /images/galicia/landing/formulario.png HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6Ik40a3FRQzhEYVVjank3QU5BSUVsVEE9PSIsInZhbHVlIjoiQVpReVMyVGs4YXZUYkFvZFJiMVNlSmFNNzNLeDFONmpqNjgvcWFJTi9NRGx3RWRXZlRqM1lKOVI0QURyTGw2b0hBbjQ4akpvZnZON2hxaVpINTJrSzh3eCtyS1lkUGZBaENxVkVoWldoRU5VQUlhR3lyVitrajhVRDhVY1NBN3QiLCJtYWMiOiIzOGY2YjY4YWY3MDNiZGFhOWQ2OTNhYjU1OGUxZmE5NDcxYjc2MzI3MGJiOTcwYTc2Mjg0ZTVjNWQ5MTMwNTY4IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6Im1aOU94M0dwc2EvampGQmRNc291WHc9PSIsInZhbHVlIjoiTnpxeTEvTzAwNTF1Qng0c1Bpd0F6WFZJaHJKKzZDVnVzMmJGNkdrcHdyNFVrWW9Ed2kvY3dHaEJjRWRRczBSbUdDd0d3UmtabW5kNytnMy9lOWhNZUJHMFlsWG9hZ3gxUmI0UXhqMnJUMUpRT0V6WmZudklrM1Jnb2N0T1BmWkciLCJtYWMiOiJjNDQ1YWUwMTEwYzk5ZmE5MzMzOGE4ZmEzNjQ4NjE3NTAyN2Y1OWEzNWQwZTg1NjgzMTU2NzA5MWNlOWY4ZDliIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:06 GMT
content-type: image/png
content-length: 5130
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Tue, 30 Jun 2020 15:32:57 GMT
etag: "140a-5a94ee3c9a914"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| galiciacgu.ar/landing/images/tu-dinero-en-todos-los-cajeros.png | 54.237.128.192 | 200 OK | 738 B |
URL GET HTTP/2 galiciacgu.ar/landing/images/tu-dinero-en-todos-los-cajeros.png IP 54.237.128.192:443
Requested by https://galiciacgu.ar/cgu Certificate Issuer Amazon Subject www.galiciacgu.ar Fingerprint A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8 Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced Hash 37ef7ecb588112b2d168d93c2b5154ab da44a7fba3b8cac5ffffaf8c0e25a502ac4c7011 8d3da633c04f44cb49d2dfc0057c220a77e08acad89d4f9d47bf1b3a8ec328b2
Analyzer | Verdict | Alert | OpenPhish | phishing | Banco Galicia |
GET /landing/images/tu-dinero-en-todos-los-cajeros.png HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6Ik40a3FRQzhEYVVjank3QU5BSUVsVEE9PSIsInZhbHVlIjoiQVpReVMyVGs4YXZUYkFvZFJiMVNlSmFNNzNLeDFONmpqNjgvcWFJTi9NRGx3RWRXZlRqM1lKOVI0QURyTGw2b0hBbjQ4akpvZnZON2hxaVpINTJrSzh3eCtyS1lkUGZBaENxVkVoWldoRU5VQUlhR3lyVitrajhVRDhVY1NBN3QiLCJtYWMiOiIzOGY2YjY4YWY3MDNiZGFhOWQ2OTNhYjU1OGUxZmE5NDcxYjc2MzI3MGJiOTcwYTc2Mjg0ZTVjNWQ5MTMwNTY4IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6Im1aOU94M0dwc2EvampGQmRNc291WHc9PSIsInZhbHVlIjoiTnpxeTEvTzAwNTF1Qng0c1Bpd0F6WFZJaHJKKzZDVnVzMmJGNkdrcHdyNFVrWW9Ed2kvY3dHaEJjRWRRczBSbUdDd0d3UmtabW5kNytnMy9lOWhNZUJHMFlsWG9hZ3gxUmI0UXhqMnJUMUpRT0V6WmZudklrM1Jnb2N0T1BmWkciLCJtYWMiOiJjNDQ1YWUwMTEwYzk5ZmE5MzMzOGE4ZmEzNjQ4NjE3NTAyN2Y1OWEzNWQwZTg1NjgzMTU2NzA5MWNlOWY4ZDliIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:06 GMT
content-type: image/png
content-length: 738
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Mon, 20 Apr 2020 15:07:08 GMT
etag: "2e2-5a3ba40b84ce5"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| galiciacgu.ar/images/galicia/landing/selfie.png | 54.237.128.192 | 200 OK | 5.8 kB |
URL GET HTTP/2 galiciacgu.ar/images/galicia/landing/selfie.png IP 54.237.128.192:443
Requested by https://galiciacgu.ar/cgu Certificate Issuer Amazon Subject www.galiciacgu.ar Fingerprint A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8 Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type PNG image data, 101 x 109, 8-bit/color RGBA, non-interlaced Hash 24ea8c02d7877e59adf1f7be4d4170e0 3050df0eea4740f64cd83a5f31fc6618eb0d5daa bbf29a2416b0152e6d76dff5d9c09d1bf203d6a60fe0b921c47ad28564de7681
Analyzer | Verdict | Alert | OpenPhish | phishing | Banco Galicia |
GET /images/galicia/landing/selfie.png HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6Ik40a3FRQzhEYVVjank3QU5BSUVsVEE9PSIsInZhbHVlIjoiQVpReVMyVGs4YXZUYkFvZFJiMVNlSmFNNzNLeDFONmpqNjgvcWFJTi9NRGx3RWRXZlRqM1lKOVI0QURyTGw2b0hBbjQ4akpvZnZON2hxaVpINTJrSzh3eCtyS1lkUGZBaENxVkVoWldoRU5VQUlhR3lyVitrajhVRDhVY1NBN3QiLCJtYWMiOiIzOGY2YjY4YWY3MDNiZGFhOWQ2OTNhYjU1OGUxZmE5NDcxYjc2MzI3MGJiOTcwYTc2Mjg0ZTVjNWQ5MTMwNTY4IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6Im1aOU94M0dwc2EvampGQmRNc291WHc9PSIsInZhbHVlIjoiTnpxeTEvTzAwNTF1Qng0c1Bpd0F6WFZJaHJKKzZDVnVzMmJGNkdrcHdyNFVrWW9Ed2kvY3dHaEJjRWRRczBSbUdDd0d3UmtabW5kNytnMy9lOWhNZUJHMFlsWG9hZ3gxUmI0UXhqMnJUMUpRT0V6WmZudklrM1Jnb2N0T1BmWkciLCJtYWMiOiJjNDQ1YWUwMTEwYzk5ZmE5MzMzOGE4ZmEzNjQ4NjE3NTAyN2Y1OWEzNWQwZTg1NjgzMTU2NzA5MWNlOWY4ZDliIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:06 GMT
content-type: image/png
content-length: 5764
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Tue, 30 Jun 2020 15:32:57 GMT
etag: "1684-5a94ee3ca35b4"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| galiciacgu.ar/landing/images/atencion-digital.png | 54.237.128.192 | 200 OK | 934 B |
URL GET HTTP/2 galiciacgu.ar/landing/images/atencion-digital.png IP 54.237.128.192:443
Requested by https://galiciacgu.ar/cgu Certificate Issuer Amazon Subject www.galiciacgu.ar Fingerprint A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8 Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced Hash fb76a8f496cd2acbb2bf04947568f2c1 31110fcf19b023ed14f76e8b3d3f0c3fcbaabe91 c5adbd67b274d543dd28f62116802080cf12dd9151bb122ff1bda1ad77976ec9
Analyzer | Verdict | Alert | OpenPhish | phishing | Banco Galicia |
GET /landing/images/atencion-digital.png HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6Ik40a3FRQzhEYVVjank3QU5BSUVsVEE9PSIsInZhbHVlIjoiQVpReVMyVGs4YXZUYkFvZFJiMVNlSmFNNzNLeDFONmpqNjgvcWFJTi9NRGx3RWRXZlRqM1lKOVI0QURyTGw2b0hBbjQ4akpvZnZON2hxaVpINTJrSzh3eCtyS1lkUGZBaENxVkVoWldoRU5VQUlhR3lyVitrajhVRDhVY1NBN3QiLCJtYWMiOiIzOGY2YjY4YWY3MDNiZGFhOWQ2OTNhYjU1OGUxZmE5NDcxYjc2MzI3MGJiOTcwYTc2Mjg0ZTVjNWQ5MTMwNTY4IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6Im1aOU94M0dwc2EvampGQmRNc291WHc9PSIsInZhbHVlIjoiTnpxeTEvTzAwNTF1Qng0c1Bpd0F6WFZJaHJKKzZDVnVzMmJGNkdrcHdyNFVrWW9Ed2kvY3dHaEJjRWRRczBSbUdDd0d3UmtabW5kNytnMy9lOWhNZUJHMFlsWG9hZ3gxUmI0UXhqMnJUMUpRT0V6WmZudklrM1Jnb2N0T1BmWkciLCJtYWMiOiJjNDQ1YWUwMTEwYzk5ZmE5MzMzOGE4ZmEzNjQ4NjE3NTAyN2Y1OWEzNWQwZTg1NjgzMTU2NzA5MWNlOWY4ZDliIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:06 GMT
content-type: image/png
content-length: 934
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Mon, 20 Apr 2020 15:07:08 GMT
etag: "3a6-5a3ba40b60ac5"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| galiciacgu.ar/images/galicia/landing/galicia-visa-debito.jpg | 54.237.128.192 | 200 OK | 21 kB |
URL GET HTTP/2 galiciacgu.ar/images/galicia/landing/galicia-visa-debito.jpg IP 54.237.128.192:443
Requested by https://galiciacgu.ar/cgu Certificate Issuer Amazon Subject www.galiciacgu.ar Fingerprint A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8 Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 270x170, components 3 Hash fb233fd714aed8fce24dbfe3b719d934 cb906a371bb2d1341bf367d41db2c11983a421b3 ca2f36c04d50457bb38a7ef445c87ef13f545f27d3c896b500b465b7c570975e
Analyzer | Verdict | Alert | OpenPhish | phishing | Banco Galicia |
GET /images/galicia/landing/galicia-visa-debito.jpg HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6Ik40a3FRQzhEYVVjank3QU5BSUVsVEE9PSIsInZhbHVlIjoiQVpReVMyVGs4YXZUYkFvZFJiMVNlSmFNNzNLeDFONmpqNjgvcWFJTi9NRGx3RWRXZlRqM1lKOVI0QURyTGw2b0hBbjQ4akpvZnZON2hxaVpINTJrSzh3eCtyS1lkUGZBaENxVkVoWldoRU5VQUlhR3lyVitrajhVRDhVY1NBN3QiLCJtYWMiOiIzOGY2YjY4YWY3MDNiZGFhOWQ2OTNhYjU1OGUxZmE5NDcxYjc2MzI3MGJiOTcwYTc2Mjg0ZTVjNWQ5MTMwNTY4IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6Im1aOU94M0dwc2EvampGQmRNc291WHc9PSIsInZhbHVlIjoiTnpxeTEvTzAwNTF1Qng0c1Bpd0F6WFZJaHJKKzZDVnVzMmJGNkdrcHdyNFVrWW9Ed2kvY3dHaEJjRWRRczBSbUdDd0d3UmtabW5kNytnMy9lOWhNZUJHMFlsWG9hZ3gxUmI0UXhqMnJUMUpRT0V6WmZudklrM1Jnb2N0T1BmWkciLCJtYWMiOiJjNDQ1YWUwMTEwYzk5ZmE5MzMzOGE4ZmEzNjQ4NjE3NTAyN2Y1OWEzNWQwZTg1NjgzMTU2NzA5MWNlOWY4ZDliIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:06 GMT
content-type: image/jpeg
content-length: 21044
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Tue, 30 Jun 2020 15:32:57 GMT
etag: "5234-5a94ee3c9a914"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| galiciacgu.ar/images/galicia/landing/tarjeta.png | 54.237.128.192 | 200 OK | 7.4 kB |
URL: GET HTTP/2 galiciacgu.ar/images/galicia/landing/tarjeta.png
IP: 54.237.128.192:443
Requested by: https://galiciacgu.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.ar; Fingerprint A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: PNG image data, 102 x 121, 8-bit/color RGBA, non-interlaced
Hash: 6929733eed2407ffaaab5b867c72ac05 535dd308b45858c182763e9fbdeb7da07c7a5ddd 70066ecd234880122706633877af842e79601e48ed87b90e553cd1612d5a4838
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
GET /images/galicia/landing/tarjeta.png HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6Ik40a3FRQzhEYVVjank3QU5BSUVsVEE9PSIsInZhbHVlIjoiQVpReVMyVGs4YXZUYkFvZFJiMVNlSmFNNzNLeDFONmpqNjgvcWFJTi9NRGx3RWRXZlRqM1lKOVI0QURyTGw2b0hBbjQ4akpvZnZON2hxaVpINTJrSzh3eCtyS1lkUGZBaENxVkVoWldoRU5VQUlhR3lyVitrajhVRDhVY1NBN3QiLCJtYWMiOiIzOGY2YjY4YWY3MDNiZGFhOWQ2OTNhYjU1OGUxZmE5NDcxYjc2MzI3MGJiOTcwYTc2Mjg0ZTVjNWQ5MTMwNTY4IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6Im1aOU94M0dwc2EvampGQmRNc291WHc9PSIsInZhbHVlIjoiTnpxeTEvTzAwNTF1Qng0c1Bpd0F6WFZJaHJKKzZDVnVzMmJGNkdrcHdyNFVrWW9Ed2kvY3dHaEJjRWRRczBSbUdDd0d3UmtabW5kNytnMy9lOWhNZUJHMFlsWG9hZ3gxUmI0UXhqMnJUMUpRT0V6WmZudklrM1Jnb2N0T1BmWkciLCJtYWMiOiJjNDQ1YWUwMTEwYzk5ZmE5MzMzOGE4ZmEzNjQ4NjE3NTAyN2Y1OWEzNWQwZTg1NjgzMTU2NzA5MWNlOWY4ZDliIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:06 GMT
content-type: image/png
content-length: 7383
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Tue, 30 Jun 2020 15:32:57 GMT
etag: "1cd7-5a94ee3ca4554"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-PXC7WZ | 142.250.74.168 | 200 OK | 103 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-PXC7WZ
IP: 142.250.74.168:443
Requested by: https://galiciacgu.ar/cgu
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint DE:42:E4:CC:E5:66:70:09:F3:E6:6E:57:B7:5E:22:0A:A3:03:C2:7C; Validity Mon, 26 Feb 2024 08:03:40 GMT - Mon, 20 May 2024 08:03:39 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (29208)
Size: 103 kB (102877 bytes)
Hash: 13ad7449d457841b9a8272713f095a9b 83b3ea923fe29aa65cce1397f64584455378402a 9b744d5aeefa9b8016a731482930735472ec820fe90e2c61f025ff604ab5baf1
GET /gtm.js?id=GTM-PXC7WZ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 29 Mar 2024 06:11:07 GMT
expires: Fri, 29 Mar 2024 06:11:07 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102877
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2 | 216.58.207.227 | 200 OK | 22 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
IP: 216.58.207.227:443
Requested by: https://galiciacgu.ar/cgu
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint F3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E; Validity Mon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT
File type: Web Open Font Format (Version 2), TrueType, length 21564, version 1.0
Hash: 73aaa95eab3115ea5a1e5c1cf16ea645 2f00c608a688cd2b2e6ad37637726b0e081da1c7 2301bb030a2bcaa9c763cc4771bd717aac16709c29eaba00673fcbe7cdf99a59
GET /s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://galiciacgu.ar
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:34:35 GMT
expires: Fri, 28 Mar 2025 17:34:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 45392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2 | 216.58.207.227 | 200 OK | 35 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
IP: 216.58.207.227:443
Requested by: https://galiciacgu.ar/cgu
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint F3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E; Validity Mon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT
File type: Web Open Font Format (Version 2), TrueType, length 35448, version 1.0
Hash: 5c138044f30b8c78119264cd744e686a 7605e014180d49087785350bd1906c16c389690d 47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
GET /s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://galiciacgu.ar
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35448
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:27:03 GMT
expires: Fri, 28 Mar 2025 17:27:03 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
content-type: font/woff2
age: 45844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Quicksand:500 | 142.250.74.106 | 200 OK | 203 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Quicksand:500
IP: 142.250.74.106:443
Requested by: https://galiciacgu.ar/cgu
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B; Validity Mon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT
File type: gzip compressed data, max compression
Size: 203 kB (202703 bytes)
Hash: 41985ef9c69303a38a4a3e03400488fc c05ba9ccdf667818c04b536681ca399b922614a6 1c3c10e0d627d3c6e9a7d7cfbe75b19ea74c785d865fc83a1b0d72439855cf73
GET /css?family=Quicksand:500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 29 Mar 2024 06:11:07 GMT
date: Fri, 29 Mar 2024 06:11:07 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-FX0Z8DW3TM&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 93 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-FX0Z8DW3TM&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://galiciacgu.ar/cgu
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint DE:42:E4:CC:E5:66:70:09:F3:E6:6E:57:B7:5E:22:0A:A3:03:C2:7C; Validity Mon, 26 Feb 2024 08:03:40 GMT - Mon, 20 May 2024 08:03:39 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (7853)
Hash: 34789fdf098da54f84941c233d6fcebc 1747c8159c960ed1e716e07272ea182a4572f4e1 815d1e91060da672769322ec1cfa9bafa2c006cf389f54f0a88cdcabd6872f87
GET /gtag/js?id=G-FX0Z8DW3TM&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 29 Mar 2024 06:11:07 GMT
expires: Fri, 29 Mar 2024 06:11:07 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93057
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| galiciacgu.ar/landing/images/arrow-left.svg | 54.237.128.192 | 200 OK | 454 B |
URL: GET HTTP/2 galiciacgu.ar/landing/images/arrow-left.svg
IP: 54.237.128.192:443
Requested by: https://galiciacgu.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.ar; Fingerprint A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: 3f909aca073d985964b951990e9a757a db28d082f6a271f80633e9466661402a84065be8 427f0671e2b9a9c219de75cb01934c155cd86e94ddabc650b5f944fe093d189d
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
GET /landing/images/arrow-left.svg HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/css/landing/landing-galicia.css
Cookie: XSRF-TOKEN=eyJpdiI6Ik40a3FRQzhEYVVjank3QU5BSUVsVEE9PSIsInZhbHVlIjoiQVpReVMyVGs4YXZUYkFvZFJiMVNlSmFNNzNLeDFONmpqNjgvcWFJTi9NRGx3RWRXZlRqM1lKOVI0QURyTGw2b0hBbjQ4akpvZnZON2hxaVpINTJrSzh3eCtyS1lkUGZBaENxVkVoWldoRU5VQUlhR3lyVitrajhVRDhVY1NBN3QiLCJtYWMiOiIzOGY2YjY4YWY3MDNiZGFhOWQ2OTNhYjU1OGUxZmE5NDcxYjc2MzI3MGJiOTcwYTc2Mjg0ZTVjNWQ5MTMwNTY4IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6Im1aOU94M0dwc2EvampGQmRNc291WHc9PSIsInZhbHVlIjoiTnpxeTEvTzAwNTF1Qng0c1Bpd0F6WFZJaHJKKzZDVnVzMmJGNkdrcHdyNFVrWW9Ed2kvY3dHaEJjRWRRczBSbUdDd0d3UmtabW5kNytnMy9lOWhNZUJHMFlsWG9hZ3gxUmI0UXhqMnJUMUpRT0V6WmZudklrM1Jnb2N0T1BmWkciLCJtYWMiOiJjNDQ1YWUwMTEwYzk5ZmE5MzMzOGE4ZmEzNjQ4NjE3NTAyN2Y1OWEzNWQwZTg1NjgzMTU2NzA5MWNlOWY4ZDliIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:07 GMT
content-type: image/svg+xml
content-length: 454
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Fri, 06 May 2022 18:50:21 GMT
etag: "1c6-5de5c549b55af"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| galiciacgu.ar/landing/images/arrow-right.svg | 54.237.128.192 | 200 OK | 488 B |
URL: GET HTTP/2 galiciacgu.ar/landing/images/arrow-right.svg
IP: 54.237.128.192:443
Requested by: https://galiciacgu.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.ar; Fingerprint A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: 49ddb210a9a44896f8286dfa5a049157 a9e25e4066d77d44d8886f4039d8a346afe8c73f f1e2c27dcc925155adcaefa56b11b3b583c2c35ba76f48c46cad0edf5c5aaec4
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
GET /landing/images/arrow-right.svg HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/css/landing/landing-galicia.css
Cookie: XSRF-TOKEN=eyJpdiI6Ik40a3FRQzhEYVVjank3QU5BSUVsVEE9PSIsInZhbHVlIjoiQVpReVMyVGs4YXZUYkFvZFJiMVNlSmFNNzNLeDFONmpqNjgvcWFJTi9NRGx3RWRXZlRqM1lKOVI0QURyTGw2b0hBbjQ4akpvZnZON2hxaVpINTJrSzh3eCtyS1lkUGZBaENxVkVoWldoRU5VQUlhR3lyVitrajhVRDhVY1NBN3QiLCJtYWMiOiIzOGY2YjY4YWY3MDNiZGFhOWQ2OTNhYjU1OGUxZmE5NDcxYjc2MzI3MGJiOTcwYTc2Mjg0ZTVjNWQ5MTMwNTY4IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6Im1aOU94M0dwc2EvampGQmRNc291WHc9PSIsInZhbHVlIjoiTnpxeTEvTzAwNTF1Qng0c1Bpd0F6WFZJaHJKKzZDVnVzMmJGNkdrcHdyNFVrWW9Ed2kvY3dHaEJjRWRRczBSbUdDd0d3UmtabW5kNytnMy9lOWhNZUJHMFlsWG9hZ3gxUmI0UXhqMnJUMUpRT0V6WmZudklrM1Jnb2N0T1BmWkciLCJtYWMiOiJjNDQ1YWUwMTEwYzk5ZmE5MzMzOGE4ZmEzNjQ4NjE3NTAyN2Y1OWEzNWQwZTg1NjgzMTU2NzA5MWNlOWY4ZDliIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:07 GMT
content-type: image/svg+xml
content-length: 488
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Fri, 06 May 2022 18:50:21 GMT
etag: "1e8-5de5c549b55af"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-K56P7CZ&l=dataLayer | 142.250.74.168 | 200 OK | 77 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-K56P7CZ&l=dataLayer
IP: 142.250.74.168:443
Requested by: https://galiciacgu.ar/cgu
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint DE:42:E4:CC:E5:66:70:09:F3:E6:6E:57:B7:5E:22:0A:A3:03:C2:7C; Validity Mon, 26 Feb 2024 08:03:40 GMT - Mon, 20 May 2024 08:03:39 GMT
File type: JavaScript source, ASCII text, with very long lines (3020)
Hash: ad021ffec13f3a859cb78ef6dc713ed6 df7af54ba3a83bc2dc5090c8be5a7fc6b361b9e3 f6da9e5b66c4cbf3128d54b815a2c4aee61225a16b59b4e92c4e230cd037774d
GET /gtm.js?id=GTM-K56P7CZ&l=dataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 29 Mar 2024 06:11:07 GMT
expires: Fri, 29 Mar 2024 06:11:07 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77081
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/destination?id=DC-9017705&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 75 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/destination?id=DC-9017705&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://galiciacgu.ar/cgu
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint DE:42:E4:CC:E5:66:70:09:F3:E6:6E:57:B7:5E:22:0A:A3:03:C2:7C; Validity Mon, 26 Feb 2024 08:03:40 GMT - Mon, 20 May 2024 08:03:39 GMT
File type: JavaScript source, ASCII text, with very long lines (2614)
Hash: fd759769c139c46726ac08fdb47641d1 e77f70a78115af4065b99274ddbbc563fdbbab49 cbe1130dc971bbb0a67852d1f8d47dc09aea0bbbf22673eca3ab7f6badd87d2c
GET /gtag/destination?id=DC-9017705&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 29 Mar 2024 06:11:07 GMT
expires: Fri, 29 Mar 2024 06:11:07 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74668
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| galiciacgu.ar/landing/images/instagram-icon.svg | 54.237.128.192 | 200 OK | 1.5 kB |
URL: GET HTTP/2 galiciacgu.ar/landing/images/instagram-icon.svg
IP: 54.237.128.192:443
Requested by: https://galiciacgu.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.ar; Fingerprint A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: 91fb25c88daf08ea717c914847eb21da 96572fb6797f358637369b59e1673d092a33474b 32a75ee067f6cd74a341d9b6b93259307909fb5f8de22bbeffa2345b0e1285ca
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
GET /landing/images/instagram-icon.svg HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6Ik40a3FRQzhEYVVjank3QU5BSUVsVEE9PSIsInZhbHVlIjoiQVpReVMyVGs4YXZUYkFvZFJiMVNlSmFNNzNLeDFONmpqNjgvcWFJTi9NRGx3RWRXZlRqM1lKOVI0QURyTGw2b0hBbjQ4akpvZnZON2hxaVpINTJrSzh3eCtyS1lkUGZBaENxVkVoWldoRU5VQUlhR3lyVitrajhVRDhVY1NBN3QiLCJtYWMiOiIzOGY2YjY4YWY3MDNiZGFhOWQ2OTNhYjU1OGUxZmE5NDcxYjc2MzI3MGJiOTcwYTc2Mjg0ZTVjNWQ5MTMwNTY4IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6Im1aOU94M0dwc2EvampGQmRNc291WHc9PSIsInZhbHVlIjoiTnpxeTEvTzAwNTF1Qng0c1Bpd0F6WFZJaHJKKzZDVnVzMmJGNkdrcHdyNFVrWW9Ed2kvY3dHaEJjRWRRczBSbUdDd0d3UmtabW5kNytnMy9lOWhNZUJHMFlsWG9hZ3gxUmI0UXhqMnJUMUpRT0V6WmZudklrM1Jnb2N0T1BmWkciLCJtYWMiOiJjNDQ1YWUwMTEwYzk5ZmE5MzMzOGE4ZmEzNjQ4NjE3NTAyN2Y1OWEzNWQwZTg1NjgzMTU2NzA5MWNlOWY4ZDliIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:07 GMT
content-type: image/svg+xml
content-length: 1503
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Mon, 20 Apr 2020 15:07:08 GMT
etag: "5df-5a3ba40b704c5"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| galiciacgu.ar/images/galicia/landing/mail-icon.svg | 54.237.128.192 | 200 OK | 381 B |
URL: GET HTTP/2 galiciacgu.ar/images/galicia/landing/mail-icon.svg
IP: 54.237.128.192:443
Requested by: https://galiciacgu.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.ar; Fingerprint A7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: 2b2a0b4775d353e8215c008f7339b33c 03cd47b51ae4e0480934b2886b7674ce5e5dd637 8c27c66a166fe876ac24ba61980a2b779a8d95e0e1cab9ea4c1971495f515fbd
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
GET /images/galicia/landing/mail-icon.svg HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6Ik40a3FRQzhEYVVjank3QU5BSUVsVEE9PSIsInZhbHVlIjoiQVpReVMyVGs4YXZUYkFvZFJiMVNlSmFNNzNLeDFONmpqNjgvcWFJTi9NRGx3RWRXZlRqM1lKOVI0QURyTGw2b0hBbjQ4akpvZnZON2hxaVpINTJrSzh3eCtyS1lkUGZBaENxVkVoWldoRU5VQUlhR3lyVitrajhVRDhVY1NBN3QiLCJtYWMiOiIzOGY2YjY4YWY3MDNiZGFhOWQ2OTNhYjU1OGUxZmE5NDcxYjc2MzI3MGJiOTcwYTc2Mjg0ZTVjNWQ5MTMwNTY4IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6Im1aOU94M0dwc2EvampGQmRNc291WHc9PSIsInZhbHVlIjoiTnpxeTEvTzAwNTF1Qng0c1Bpd0F6WFZJaHJKKzZDVnVzMmJGNkdrcHdyNFVrWW9Ed2kvY3dHaEJjRWRRczBSbUdDd0d3UmtabW5kNytnMy9lOWhNZUJHMFlsWG9hZ3gxUmI0UXhqMnJUMUpRT0V6WmZudklrM1Jnb2N0T1BmWkciLCJtYWMiOiJjNDQ1YWUwMTEwYzk5ZmE5MzMzOGE4ZmEzNjQ4NjE3NTAyN2Y1OWEzNWQwZTg1NjgzMTU2NzA5MWNlOWY4ZDliIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:07 GMT
content-type: image/svg+xml
content-length: 381
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Tue, 30 Jun 2020 15:32:57 GMT
etag: "17d-5a94ee3ca2614"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| galiciacgu.ar/js/landing/landing.js | 54.237.128.192 | 200 OK | 84 kB |
URL GET HTTP/2galiciacgu.ar/js/landing/landing.js IP54.237.128.192:443
Requested byhttps://galiciacgu.ar/cgu CertificateIssuerAmazon Subjectwww.galiciacgu.ar FingerprintA7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8 ValidityThu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65469) Hash4bd3c1fbe943fbb82748dbad1f25ee6b 22bf6706e9b51835c2e5c89bc2e8719ac25a47bb f92712808c7546c2c1f00abdf03c754e4366be232a3251e016c81a3e6d1e7d35
Analyzer | Verdict | Alert | OpenPhish | phishing | Banco Galicia |
GET /js/landing/landing.js HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6Ik40a3FRQzhEYVVjank3QU5BSUVsVEE9PSIsInZhbHVlIjoiQVpReVMyVGs4YXZUYkFvZFJiMVNlSmFNNzNLeDFONmpqNjgvcWFJTi9NRGx3RWRXZlRqM1lKOVI0QURyTGw2b0hBbjQ4akpvZnZON2hxaVpINTJrSzh3eCtyS1lkUGZBaENxVkVoWldoRU5VQUlhR3lyVitrajhVRDhVY1NBN3QiLCJtYWMiOiIzOGY2YjY4YWY3MDNiZGFhOWQ2OTNhYjU1OGUxZmE5NDcxYjc2MzI3MGJiOTcwYTc2Mjg0ZTVjNWQ5MTMwNTY4IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6Im1aOU94M0dwc2EvampGQmRNc291WHc9PSIsInZhbHVlIjoiTnpxeTEvTzAwNTF1Qng0c1Bpd0F6WFZJaHJKKzZDVnVzMmJGNkdrcHdyNFVrWW9Ed2kvY3dHaEJjRWRRczBSbUdDd0d3UmtabW5kNytnMy9lOWhNZUJHMFlsWG9hZ3gxUmI0UXhqMnJUMUpRT0V6WmZudklrM1Jnb2N0T1BmWkciLCJtYWMiOiJjNDQ1YWUwMTEwYzk5ZmE5MzMzOGE4ZmEzNjQ4NjE3NTAyN2Y1OWEzNWQwZTg1NjgzMTU2NzA5MWNlOWY4ZDliIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:08 GMT
content-type: text/javascript
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Mon, 04 Mar 2024 13:46:15 GMT
etag: "3d012-612d5f30f1d1f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| galiciacgu.ar/css/landing/ajax-loader.gif | 54.237.128.192 | 404 Not Found | 4.6 kB |
URL GET HTTP/2galiciacgu.ar/css/landing/ajax-loader.gif IP54.237.128.192:443
Requested byhttps://galiciacgu.ar/cgu CertificateIssuerAmazon Subjectwww.galiciacgu.ar FingerprintA7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8 ValidityThu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
Hashc9a1bfffe798a80dbda06317fbb706a2 205dfec7e53e0aaf0f44f3dfce66983d4a7f16ee da7bdb821cf472c69002b00a614a2db1ba0066dfd18d6a03d41aab0395020b4e
Analyzer | Verdict | Alert | OpenPhish | phishing | Banco Galicia |
GET /css/landing/ajax-loader.gif HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/css/landing/landing-galicia.css
Cookie: XSRF-TOKEN=eyJpdiI6Ik40a3FRQzhEYVVjank3QU5BSUVsVEE9PSIsInZhbHVlIjoiQVpReVMyVGs4YXZUYkFvZFJiMVNlSmFNNzNLeDFONmpqNjgvcWFJTi9NRGx3RWRXZlRqM1lKOVI0QURyTGw2b0hBbjQ4akpvZnZON2hxaVpINTJrSzh3eCtyS1lkUGZBaENxVkVoWldoRU5VQUlhR3lyVitrajhVRDhVY1NBN3QiLCJtYWMiOiIzOGY2YjY4YWY3MDNiZGFhOWQ2OTNhYjU1OGUxZmE5NDcxYjc2MzI3MGJiOTcwYTc2Mjg0ZTVjNWQ5MTMwNTY4IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6Im1aOU94M0dwc2EvampGQmRNc291WHc9PSIsInZhbHVlIjoiTnpxeTEvTzAwNTF1Qng0c1Bpd0F6WFZJaHJKKzZDVnVzMmJGNkdrcHdyNFVrWW9Ed2kvY3dHaEJjRWRRczBSbUdDd0d3UmtabW5kNytnMy9lOWhNZUJHMFlsWG9hZ3gxUmI0UXhqMnJUMUpRT0V6WmZudklrM1Jnb2N0T1BmWkciLCJtYWMiOiJjNDQ1YWUwMTEwYzk5ZmE5MzMzOGE4ZmEzNjQ4NjE3NTAyN2Y1OWEzNWQwZTg1NjgzMTU2NzA5MWNlOWY4ZDliIiwidGFnIjoiIn0%3D; _gcl_au=1.1.1928709371.1711692667; _ga_FX0Z8DW3TM=GS1.1.1711692667.1.0.1711692667.60.0.0; _ga=GA1.1.306282707.1711692667
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Fri, 29 Mar 2024 06:11:09 GMT
content-type: text/html; charset=UTF-8
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
cache-control: no-cache, private
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| galiciacgu.ar/images/galicia/landing/img-top.jpg | 54.237.128.192 | 200 OK | 202 kB |
URL GET HTTP/2galiciacgu.ar/images/galicia/landing/img-top.jpg IP54.237.128.192:443
Requested byhttps://galiciacgu.ar/cgu CertificateIssuerAmazon Subjectwww.galiciacgu.ar FingerprintA7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8 ValidityThu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 1441x726, components 3 Size202 kB (202259 bytes) Hash1bb3acd88c03ee2e23a75d2c8b049a15 28177d238fb1313f98158ac974c4085aba715eac dc316347050e65f842e21ec73c7b0c7a62a2696c60c7966b2e912f82f55a31e7
Analyzer | Verdict | Alert | OpenPhish | phishing | Banco Galicia |
GET /images/galicia/landing/img-top.jpg HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/css/landing/landing-galicia.css
Cookie: XSRF-TOKEN=eyJpdiI6Ik40a3FRQzhEYVVjank3QU5BSUVsVEE9PSIsInZhbHVlIjoiQVpReVMyVGs4YXZUYkFvZFJiMVNlSmFNNzNLeDFONmpqNjgvcWFJTi9NRGx3RWRXZlRqM1lKOVI0QURyTGw2b0hBbjQ4akpvZnZON2hxaVpINTJrSzh3eCtyS1lkUGZBaENxVkVoWldoRU5VQUlhR3lyVitrajhVRDhVY1NBN3QiLCJtYWMiOiIzOGY2YjY4YWY3MDNiZGFhOWQ2OTNhYjU1OGUxZmE5NDcxYjc2MzI3MGJiOTcwYTc2Mjg0ZTVjNWQ5MTMwNTY4IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6Im1aOU94M0dwc2EvampGQmRNc291WHc9PSIsInZhbHVlIjoiTnpxeTEvTzAwNTF1Qng0c1Bpd0F6WFZJaHJKKzZDVnVzMmJGNkdrcHdyNFVrWW9Ed2kvY3dHaEJjRWRRczBSbUdDd0d3UmtabW5kNytnMy9lOWhNZUJHMFlsWG9hZ3gxUmI0UXhqMnJUMUpRT0V6WmZudklrM1Jnb2N0T1BmWkciLCJtYWMiOiJjNDQ1YWUwMTEwYzk5ZmE5MzMzOGE4ZmEzNjQ4NjE3NTAyN2Y1OWEzNWQwZTg1NjgzMTU2NzA5MWNlOWY4ZDliIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:07 GMT
content-type: image/jpeg
content-length: 202259
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Tue, 30 Jun 2020 15:32:57 GMT
etag: "31613-5a94ee3c9b8b4"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| galiciacgu.ar/images/galicia/favicon.png | 54.237.128.192 | 200 OK | 1.6 kB |
URL GET HTTP/2galiciacgu.ar/images/galicia/favicon.png IP54.237.128.192:443
Requested byhttps://galiciacgu.ar/cgu CertificateIssuerAmazon Subjectwww.galiciacgu.ar FingerprintA7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8 ValidityThu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hashb700b544f2fa87e37e6b728fef00fcb0 c0735fa743392c2f3032c22d241854b88832cdb7 f20a33fd40173f122bec15a105374059fb3ec612d51146485ed84ef0001f2f03
Analyzer | Verdict | Alert | OpenPhish | phishing | Banco Galicia |
GET /images/galicia/favicon.png HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6Ik40a3FRQzhEYVVjank3QU5BSUVsVEE9PSIsInZhbHVlIjoiQVpReVMyVGs4YXZUYkFvZFJiMVNlSmFNNzNLeDFONmpqNjgvcWFJTi9NRGx3RWRXZlRqM1lKOVI0QURyTGw2b0hBbjQ4akpvZnZON2hxaVpINTJrSzh3eCtyS1lkUGZBaENxVkVoWldoRU5VQUlhR3lyVitrajhVRDhVY1NBN3QiLCJtYWMiOiIzOGY2YjY4YWY3MDNiZGFhOWQ2OTNhYjU1OGUxZmE5NDcxYjc2MzI3MGJiOTcwYTc2Mjg0ZTVjNWQ5MTMwNTY4IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6Im1aOU94M0dwc2EvampGQmRNc291WHc9PSIsInZhbHVlIjoiTnpxeTEvTzAwNTF1Qng0c1Bpd0F6WFZJaHJKKzZDVnVzMmJGNkdrcHdyNFVrWW9Ed2kvY3dHaEJjRWRRczBSbUdDd0d3UmtabW5kNytnMy9lOWhNZUJHMFlsWG9hZ3gxUmI0UXhqMnJUMUpRT0V6WmZudklrM1Jnb2N0T1BmWkciLCJtYWMiOiJjNDQ1YWUwMTEwYzk5ZmE5MzMzOGE4ZmEzNjQ4NjE3NTAyN2Y1OWEzNWQwZTg1NjgzMTU2NzA5MWNlOWY4ZDliIiwidGFnIjoiIn0%3D; _gcl_au=1.1.1928709371.1711692667; _ga_FX0Z8DW3TM=GS1.1.1711692667.1.0.1711692667.60.0.0; _ga=GA1.1.306282707.1711692667
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:09 GMT
content-type: image/png
content-length: 1559
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Fri, 06 May 2022 18:50:21 GMT
etag: "617-5de5c549b26cf"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Rubik:300,400,500,700 | 142.250.74.106 | 200 OK | 9.4 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Rubik:300,400,500,700 IP142.250.74.106:443
Requested byhttps://galiciacgu.ar/cgu CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT
File typeASCII text, with very long lines (9636), with no line terminators Hash1550e9934ae538ab3fc803a753824478 412dc5882d91a1e2add602112e0c2e281098c160 fc0aa6c6ba464f8b1a18f6bfba070d7e881c9d5c10813abecd9548e227b86056
GET /css?family=Rubik:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 29 Mar 2024 06:11:06 GMT
date: Fri, 29 Mar 2024 06:11:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| galiciacgu.ar/images/galicia/landing/cell.svg | 54.237.128.192 | 200 OK | 2.3 kB |
URL GET HTTP/2galiciacgu.ar/images/galicia/landing/cell.svg IP54.237.128.192:443
Requested byhttps://galiciacgu.ar/cgu CertificateIssuerAmazon Subjectwww.galiciacgu.ar FingerprintA7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8 ValidityThu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hashb55c46b7206e49c03ae1bab3a2ea004b 5f6d8d01ac5aafa63613d34ba54dfb0e5419435c ca33505d8e4c437169d0ec3db6befd7a9aafef1831be67125a93576dd9fd1429
Analyzer | Verdict | Alert | OpenPhish | phishing | Banco Galicia |
GET /images/galicia/landing/cell.svg HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6Ik40a3FRQzhEYVVjank3QU5BSUVsVEE9PSIsInZhbHVlIjoiQVpReVMyVGs4YXZUYkFvZFJiMVNlSmFNNzNLeDFONmpqNjgvcWFJTi9NRGx3RWRXZlRqM1lKOVI0QURyTGw2b0hBbjQ4akpvZnZON2hxaVpINTJrSzh3eCtyS1lkUGZBaENxVkVoWldoRU5VQUlhR3lyVitrajhVRDhVY1NBN3QiLCJtYWMiOiIzOGY2YjY4YWY3MDNiZGFhOWQ2OTNhYjU1OGUxZmE5NDcxYjc2MzI3MGJiOTcwYTc2Mjg0ZTVjNWQ5MTMwNTY4IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6Im1aOU94M0dwc2EvampGQmRNc291WHc9PSIsInZhbHVlIjoiTnpxeTEvTzAwNTF1Qng0c1Bpd0F6WFZJaHJKKzZDVnVzMmJGNkdrcHdyNFVrWW9Ed2kvY3dHaEJjRWRRczBSbUdDd0d3UmtabW5kNytnMy9lOWhNZUJHMFlsWG9hZ3gxUmI0UXhqMnJUMUpRT0V6WmZudklrM1Jnb2N0T1BmWkciLCJtYWMiOiJjNDQ1YWUwMTEwYzk5ZmE5MzMzOGE4ZmEzNjQ4NjE3NTAyN2Y1OWEzNWQwZTg1NjgzMTU2NzA5MWNlOWY4ZDliIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:06 GMT
content-type: image/svg+xml
content-length: 2327
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Tue, 30 Jun 2020 15:32:57 GMT
etag: "917-5a94ee3c9a914"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-FX0Z8DW3TM&gtm=45je43r0v9122498733za200&_p=1711692667072&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=306282707.1711692667&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1711692667&sct=1&seg=0&dl=https%3A%2F%2Fgaliciacgu.ar%2Fcgu&dt=Galicia&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1841 | 216.239.34.36 | 204 No Content | 0 B |
URL GET HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-FX0Z8DW3TM&gtm=45je43r0v9122498733za200&_p=1711692667072&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=306282707.1711692667&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1711692667&sct=1&seg=0&dl=https%3A%2F%2Fgaliciacgu.ar%2Fcgu&dt=Galicia&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1841 IP216.239.34.36:443
Requested byhttps://galiciacgu.ar/cgu CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintDE:42:E4:CC:E5:66:70:09:F3:E6:6E:57:B7:5E:22:0A:A3:03:C2:7C ValidityMon, 26 Feb 2024 08:03:40 GMT - Mon, 20 May 2024 08:03:39 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /g/collect?v=2&tid=G-FX0Z8DW3TM&gtm=45je43r0v9122498733za200&_p=1711692667072&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=306282707.1711692667&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1711692667&sct=1&seg=0&dl=https%3A%2F%2Fgaliciacgu.ar%2Fcgu&dt=Galicia&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1841 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-origin: *
date: Fri, 29 Mar 2024 06:11:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| | 54.237.128.192 | 200 OK | 14 kB |
URL User Request GET HTTP/2IP54.237.128.192:443
CertificateIssuerAmazon Subjectwww.galiciacgu.ar FingerprintA7:F8:FF:B9:7D:B3:2D:33:35:E2:0B:CD:A8:05:11:6D:8B:E1:22:C8 ValidityThu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Banco Galicia |
GET /cgu HTTP/1.1
Host: galiciacgu.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InQ4VURFelRRVHJuamdWOXhhL3d1amc9PSIsInZhbHVlIjoiL2VoZThwQy9NRjV0YVpUTDBHc0pjTUxSMGlDQ1o4eis2YzE5UlJWM1RoOFB4SWhBbjFjUXZFa3RZcVEvYlZCWDJta1RRMzhSRmw5TWdHZ2dtSnFHb2xtZWtMTUthL1E1d1pRb3g4Y0ZabHhubkVWUmp4aUlmdGJ4YlBzNFErZmYiLCJtYWMiOiI3NDM4N2ZmZDg1MjU4ZjVhOWJhZThiOTBlMjMwNjM1ODIyYmVkYmY1MzBiODYwMzE4MDM1NTYyMGFmNWI0ZWFlIiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IkkyTWExTlhsdktaTmFlOFJ4NllxTUE9PSIsInZhbHVlIjoiaERkckc3OEdsemRhQ1JQRVgveWlpNXp1SmpUbUpEdzBOSEozNk5iV21PTDFvN05ia0tySDc4SElWby9hbnNtQlVDU09MMmJDelFDSnkrVUY4OTRtOWY5alpTN3lHQVBqQzVpQk53bXMxSVR5Ull1TlRaK0VzbkU3VGVVcnNnZXciLCJtYWMiOiIyNDEzZDE4Njk2ODgzZTFkMzYxZDhjZGVhNDZhODE1ZjczZjMyMjk4MGJkMzhkNjllYWMxMzYwMmRlM2MzNmQzIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 06:11:06 GMT
content-type: text/html; charset=UTF-8
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6Ik40a3FRQzhEYVVjank3QU5BSUVsVEE9PSIsInZhbHVlIjoiQVpReVMyVGs4YXZUYkFvZFJiMVNlSmFNNzNLeDFONmpqNjgvcWFJTi9NRGx3RWRXZlRqM1lKOVI0QURyTGw2b0hBbjQ4akpvZnZON2hxaVpINTJrSzh3eCtyS1lkUGZBaENxVkVoWldoRU5VQUlhR3lyVitrajhVRDhVY1NBN3QiLCJtYWMiOiIzOGY2YjY4YWY3MDNiZGFhOWQ2OTNhYjU1OGUxZmE5NDcxYjc2MzI3MGJiOTcwYTc2Mjg0ZTVjNWQ5MTMwNTY4IiwidGFnIjoiIn0%3D; expires=Fri, 29 Mar 2024 08:11:06 GMT; Max-Age=7200; path=/; secure; samesite=lax
galiciamove_session=eyJpdiI6Im1aOU94M0dwc2EvampGQmRNc291WHc9PSIsInZhbHVlIjoiTnpxeTEvTzAwNTF1Qng0c1Bpd0F6WFZJaHJKKzZDVnVzMmJGNkdrcHdyNFVrWW9Ed2kvY3dHaEJjRWRRczBSbUdDd0d3UmtabW5kNytnMy9lOWhNZUJHMFlsWG9hZ3gxUmI0UXhqMnJUMUpRT0V6WmZudklrM1Jnb2N0T1BmWkciLCJtYWMiOiJjNDQ1YWUwMTEwYzk5ZmE5MzMzOGE4ZmEzNjQ4NjE3NTAyN2Y1OWEzNWQwZTg1NjgzMTU2NzA5MWNlOWY4ZDliIiwidGFnIjoiIn0%3D; expires=Fri, 29 Mar 2024 08:11:06 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Inter:Regular | 142.250.74.106 | 200 OK | 2.4 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Inter:Regular IP142.250.74.106:443
Requested byhttps://galiciacgu.ar/cgu CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT
File typeASCII text, with very long lines (2436), with no line terminators Hash65362f802af56b92e51b2874e0d2c139 c6232bdf3efea218a2a404695044ae0cd735fec0 130efe18bbe5d7c483d0439f41f5906ed13765837c8f41777ef79bad13be42c4
GET /css?family=Inter:Regular HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 29 Mar 2024 06:11:06 GMT
date: Fri, 29 Mar 2024 06:11:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Inter&display=swap | 142.250.74.106 | 200 OK | 2.5 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Inter&display=swap IP142.250.74.106:443
Requested byhttps://galiciacgu.ar/cgu CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT
File typeASCII text, with very long lines (2597), with no line terminators Hashac63b64ec7437b1c3d021cd9bc74409a a4ed901cfda1a43f675d2e91e45b213033db8f7f 97ef63fd7e749e589c410943a72dce0b87d04223b3cf7196809b9edae28f16c6
GET /css2?family=Inter&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galiciacgu.ar/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 29 Mar 2024 06:11:06 GMT
date: Fri, 29 Mar 2024 06:11:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|