| www.galiciacgu.com.ar/css/landing/landing-galicia.css | 44.210.17.152 | 200 OK | 15 kB |
URL: GET HTTP/2 www.galiciacgu.com.ar/css/landing/landing-galicia.css
IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (61503)
Hashes: MD5 96a929052aff9897099e00ba8c394376; SHA-1 d45fe0672875fc0ebb7a44648a03d7222ae87127; SHA-256 0a3aa4c45914358e96355bcbde1a70b168a712a5193c83bfbab5c4aab4f5fa9e
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
| Quad9 DNS | malicious | Sinkholed |
GET /css/landing/landing-galicia.css HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:53 GMT
content-type: text/css
content-length: 14745
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Mon, 04 Mar 2024 13:46:14 GMT
etag: "15b89-612d5f2fd4aa5-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| www.galiciacgu.com.ar/cgu | 44.210.17.152 | 200 OK | 76 kB |
URL (user request): GET HTTP/2 www.galiciacgu.com.ar/cgu
IP: 44.210.17.152:443
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: gzip compressed data, from Unix
Hashes: MD5 1983dfb47ffc8a7b3495187aba1e9f6f; SHA-1 30547c58583665ab84beccd090814111469692e5; SHA-256 c2fcc197de9e8bfd1302a7562c63d6d27a2762fb9deebe8f2131912a1ab37cba
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
| PhishTank | phishing | Banco Real |
| Quad9 DNS | malicious | Sinkholed |
GET /cgu HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjBHclhVaUt4SWVCWWNEYnlKUVJMOUE9PSIsInZhbHVlIjoieU8wSm5DazNQTnFqWEljeEVEQnVVQ2xseTFZRmg1ZnVOVEFOMUlpcWFZaVBXeTVIVXQzSmI4Z3ZqM0FncW1pTEl5VEpBamRidFFXMTFUUDhndWxXcW9uczRLU3FoSGlCdWlTMjVrcm1xVzJCanNMR2xleHI1dzVVT1dIYnNFcnkiLCJtYWMiOiI3Mzk5MjIzNDFjY2Q0YzM1MjliZDc3ZjY3ZWIxZTRkZmVjYzc3ZWMzOTg2MTdhMjM1MjU2ZjI5ZGNlZjc5NmFkIiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6Ilk0d2dQVXlSZGF5ZmducmpadmlIdUE9PSIsInZhbHVlIjoiVHNiaWJCSUs3S1N3c1NMNkR1SzQ3Z1FJN3FjUVlUSE4yeDhOSWRmN0p2Um1oamRxaG45OVZBdk94cWhzSzVjaDQzRktLZ28wNTFWbTcwelA2aWNNVTY3cVBSZDFFU2xsUm83RFZhVVRKVlRBTi9JcTRLaWN0bkVMWmRxQ1MzYWMiLCJtYWMiOiIwMGU2YmQ4ZmU0YzFkOWFiNTZiYmZlODk1ODc2ZGVmM2FmMjZjNTEyMDcyYjM0MzE4N2EyNDFhMTQ3OTI0MGEzIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:52 GMT
content-type: text/html; charset=UTF-8
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; expires=Fri, 26 Apr 2024 17:39:52 GMT; Max-Age=7200; path=/; secure; samesite=lax
galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D; expires=Fri, 26 Apr 2024 17:39:52 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| www.galiciacgu.com.ar/images/galicia/logo-galicia.svg | 44.210.17.152 | 200 OK | 12 kB |
URL: GET HTTP/2 www.galiciacgu.com.ar/images/galicia/logo-galicia.svg
IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hashes: MD5 ff34f8818d46be9a803475951ff553c5; SHA-1 07ecee32da83a9bb4e4c51b0dfa98e8406d02e24; SHA-256 6ac22257f232a796c7532ed3cdc9eea5f8f9dad45d8124c591a6001b9206aad3
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
| Quad9 DNS | malicious | Sinkholed |
GET /images/galicia/logo-galicia.svg HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:53 GMT
content-type: image/svg+xml
content-length: 12547
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Fri, 06 May 2022 18:50:21 GMT
etag: "3103-5de5c549b26cf"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| www.galiciacgu.com.ar/landing/images/move-app-cgu.png | 44.210.17.152 | 200 OK | 40 kB |
URL: GET HTTP/2 www.galiciacgu.com.ar/landing/images/move-app-cgu.png
IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: PNG image data, 258 x 498, 8-bit/color RGBA, non-interlaced
Hashes: MD5 36bc1d0741de76a14731a7a3bb347cda; SHA-1 7c85d7eb1e2d6c408f603e7049dfccdd653765e6; SHA-256 2be987531e3186de6280d70b9504c1bb8580575e0b6b337fbf95330d145f78c8
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
| Quad9 DNS | malicious | Sinkholed |
GET /landing/images/move-app-cgu.png HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:53 GMT
content-type: image/png
content-length: 40135
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Tue, 02 Mar 2021 16:05:31 GMT
etag: "9cc7-5bc8fe75a8e88"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| www.galiciacgu.com.ar/images/galicia/landing/credit-card-1.svg | 44.210.17.152 | 200 OK | 1.4 kB |
URL: GET HTTP/2 www.galiciacgu.com.ar/images/galicia/landing/credit-card-1.svg
IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hashes: MD5 e5de0a2da9f032552a5407e4d7c45db0; SHA-1 4559a9e5722b1f87331d39d994c4c717ae6b4b41; SHA-256 8d2c9cad8aaa54c706da774d88db83a477ea421c407c6d19058d0824947a70b4
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
| Quad9 DNS | malicious | Sinkholed |
GET /images/galicia/landing/credit-card-1.svg HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:53 GMT
content-type: image/svg+xml
content-length: 1368
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Wed, 13 Dec 2023 13:01:06 GMT
etag: "558-60c63c29a63ca"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| www.galiciacgu.com.ar/images/galicia/landing/saving-piggy-dollars.svg | 44.210.17.152 | 200 OK | 2.9 kB |
URL: GET HTTP/2 www.galiciacgu.com.ar/images/galicia/landing/saving-piggy-dollars.svg
IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hashes: MD5 b3692760c0f69a5d93c84d88a39b1c67; SHA-1 04b34014b12c9e933321cb841d6b6613ac19a3a2; SHA-256 2cd0c5926e4ae7184b82936eba62ca4d57f7a4948ca0cb4a59ff153ec236b036
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
| Quad9 DNS | malicious | Sinkholed |
GET /images/galicia/landing/saving-piggy-dollars.svg HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:53 GMT
content-type: image/svg+xml
content-length: 2886
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Fri, 06 May 2022 18:50:21 GMT
etag: "b46-5de5c549b26cf"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| www.galiciacgu.com.ar/landing/images/ordena-tus-gastos.png | 44.210.17.152 | 200 OK | 672 B |
URL: GET HTTP/2 www.galiciacgu.com.ar/landing/images/ordena-tus-gastos.png
IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced
Hashes: MD5 f580112f044bdd55a060d2f7572f6a13; SHA-1 8b2fab0198578775f03c235199bd2972c1846aac; SHA-256 8a5aed71db62c95fd9d4c9bc09e232a944b247425c0d471791e007e10f79d118
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
| Quad9 DNS | malicious | Sinkholed |
GET /landing/images/ordena-tus-gastos.png HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:53 GMT
content-type: image/png
content-length: 672
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Mon, 20 Apr 2020 15:07:08 GMT
etag: "2a0-5a3ba40b704c5"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| www.galiciacgu.com.ar/landing/images/hace-todo-online.png | 44.210.17.152 | 200 OK | 474 B |
URL: GET HTTP/2 www.galiciacgu.com.ar/landing/images/hace-todo-online.png
IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced
Hashes: MD5 a3209b555015855444e13c19f0e4e451; SHA-1 833e060b06b85e84845132d4c1a3e9bd23639858; SHA-256 901b8df1c8efd9646a2ece1ff7157c27646e2ce9530d4f1f879530872f78b0e1
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
| Quad9 DNS | malicious | Sinkholed |
GET /landing/images/hace-todo-online.png HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:53 GMT
content-type: image/png
content-length: 474
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Mon, 20 Apr 2020 15:07:08 GMT
etag: "1da-5a3ba40b60ac5"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| www.galiciacgu.com.ar/images/galicia/landing/cell.svg | 44.210.17.152 | 200 OK | 2.3 kB |
URL: GET HTTP/2 www.galiciacgu.com.ar/images/galicia/landing/cell.svg
IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hashes: MD5 995a32d3e7ae4fcfcca66bc1897210f6; SHA-1 6c23ed9b866a1987351776899b69849079f76af1; SHA-256 010ec2215ebce4e0dd8ed2a54637c1d52b70a023fc760461ef292dc5f23fb61e
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
| Quad9 DNS | malicious | Sinkholed |
GET /images/galicia/landing/cell.svg HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:53 GMT
content-type: image/svg+xml
content-length: 2327
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Tue, 30 Jun 2020 15:32:57 GMT
etag: "917-5a94ee3c9a914"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
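A triage helper, added here as an example rather than code from the capture or from any tool named on this page. It pulls the pivotable indicators (host, path, IP, certificate fingerprint, file hashes) out of one record in the layout above, splits the served content-security-policy the way CSP3 does (a comma separates policies, because HTTP folds repeated headers with a comma; a semicolon separates directives) and reports what a reviewer would note: script-src carrying 'unsafe-inline' and 'unsafe-eval' with no nonce or hash to neutralise them, the comma-joined frame-ancestors policy, and the origins connect-src lets the page reach. It also peels the outer layer of the XSRF-TOKEN cookie: URL-encoding, then base64, then a JSON envelope with iv, value, mac and tag fields. That envelope shape matches what Laravel's Encrypter emits; the framework attribution is an inference from the format, not something the capture states, and the ciphertext stays opaque without the server-side key. The record text, CSP value and cookie value are copied from the entries above; the function names are the example's own.

```python
import base64
import json
import re
from urllib.parse import unquote

# Constructed sample: the cell.svg record above, one indicator line per row.
RECORD = """\
URL: GET HTTP/2 www.galiciacgu.com.ar/images/galicia/landing/cell.svg IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint (SHA-1) 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256): 995a32d3e7ae4fcfcca66bc1897210f6 6c23ed9b866a1987351776899b69849079f76af1 010ec2215ebce4e0dd8ed2a54637c1d52b70a023fc760461ef292dc5f23fb61e
"""

# The content-security-policy value exactly as served on the responses above.
CSP_HEADER = (
    "upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net "
    "https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;"
    "style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' "
    "https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com "
    "https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ "
    "https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com "
    "https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co "
    "https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com "
    "https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com "
    "www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com "
    "https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com "
    "https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com "
    "https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';"
)

# The XSRF-TOKEN cookie value exactly as the browser sent it in the requests above.
XSRF_COOKIE = (
    "eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJ"
    "OVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcy"
    "TWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3"
    "IiwidGFnIjoiIn0%3D"
)


def parse_record(text):
    """Extract pivotable indicators from one capture record. The patterns key on
    value shapes (hex lengths, colon-separated bytes), not on the capture's labels."""
    url = re.search(r"^URL:?\s*(\S+)\s+HTTP/2\s*(\S+)\s+IP:?\s*(\d{1,3}(?:\.\d{1,3}){3}):(\d+)",
                    text, re.M)
    host, _, path = url.group(2).partition("/")
    cert = re.search(r"((?:[0-9A-F]{2}:){19}[0-9A-F]{2})", text).group(1)
    md5, sha1, sha256 = re.search(r"([0-9a-f]{32}) ([0-9a-f]{40}) ([0-9a-f]{64})", text).groups()
    return {"method": url.group(1), "host": host, "path": "/" + path, "ip": url.group(3),
            "port": int(url.group(4)), "cert_sha1": cert, "md5": md5, "sha1": sha1, "sha256": sha256}


def parse_csp(header):
    """Split a CSP header value as CSP3 does: commas separate policies (HTTP folds
    repeated headers with a comma), semicolons separate directives, whitespace
    separates source expressions. The first occurrence of a directive name wins."""
    policies = []
    for serialized in header.split(","):
        directives = {}
        for token in serialized.split(";"):
            parts = token.split()
            if parts:
                directives.setdefault(parts[0].lower(), parts[1:])
        policies.append(directives)
    return policies


def audit_csp(header):
    """Findings a reviewer would raise about the script policy."""
    policies = parse_csp(header)
    findings = []
    if len(policies) > 1:
        findings.append(f"{len(policies)} comma-joined policies in one header value")
    for directives in policies:
        script = directives.get("script-src", directives.get("default-src", []))
        for keyword in ("'unsafe-inline'", "'unsafe-eval'"):
            if keyword in script:
                findings.append(f"script-src allows {keyword}")
        hashed = any(s.startswith(("'nonce-", "'sha256-", "'sha384-", "'sha512-")) for s in script)
        if "'unsafe-inline'" in script and not hashed:
            findings.append("no nonce or hash source, so 'unsafe-inline' is not neutralised")
    return findings


def connect_endpoints(header):
    """Origins the page may reach with fetch/XHR/WebSocket under connect-src."""
    hosts = set()
    for directives in parse_csp(header):
        hosts.update(s for s in directives.get("connect-src", []) if not s.startswith("'"))
    return sorted(hosts)


def cookie_envelope(cookie_value):
    """Peel the outer layer of the cookie: URL-encoding, base64, JSON. The 'value'
    stays ciphertext without the server key; the envelope is what fingerprints the
    stack (assumed Laravel Encrypter layout: iv, value, mac, tag)."""
    raw = unquote(cookie_value)
    raw += "=" * (-len(raw) % 4)  # tolerate stripped base64 padding
    return json.loads(base64.b64decode(raw))


if __name__ == "__main__":
    print(parse_record(RECORD))
    for finding in audit_csp(CSP_HEADER):
        print("CSP:", finding)
    print("connect-src endpoints:", connect_endpoints(CSP_HEADER))
    print("cookie envelope keys:", sorted(cookie_envelope(XSRF_COOKIE)))
```

Running the file prints the indicators, the CSP findings and the envelope keys. The connect-src list is the first place to look when asking where a page like this could post captured form data, with the caveat that a permissive CSP only shows what the browser would allow, not what the page's scripts actually do.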
| www.galiciacgu.com.ar/landing/images/inverti-tus-ahorros.png | 44.210.17.152 | 200 OK | 1.1 kB |
URL: GET HTTP/2 www.galiciacgu.com.ar/landing/images/inverti-tus-ahorros.png IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint (SHA-1) 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 5ac3ccbc6ea622097eb50c2486f072ea aeda5c1149482dc3001dda688abecf27e3c19c8a 2d384cb8f2aa36779b7d653b710490916b4ab2c5e88cf296c9a4f6dce4440b25
Analyzer | Verdict | Alert
OpenPhish | phishing | Banco Galicia
Quad9 DNS | malicious | Sinkholed
GET /landing/images/inverti-tus-ahorros.png HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:53 GMT
content-type: image/png
content-length: 1132
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Mon, 20 Apr 2020 15:07:08 GMT
etag: "46c-5a3ba40b704c5"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| www.galiciacgu.com.ar/images/galicia/landing/phone-app.png | 44.210.17.152 | 200 OK | 25 kB |
URL: GET HTTP/2 www.galiciacgu.com.ar/images/galicia/landing/phone-app.png IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint (SHA-1) 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: PNG image data, 192 x 341, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 46a9ca4c609739cbfbfe476e3c68c874 9a5a74bd6d0f739b650698a0be8962ff1d15c2c3 53cba88cae85d2a11fc3693a15a10c1a9d5d2677b25f6f087a6b8ac2b29c1a2e
Analyzer | Verdict | Alert
OpenPhish | phishing | Banco Galicia
Quad9 DNS | malicious | Sinkholed
GET /images/galicia/landing/phone-app.png HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:53 GMT
content-type: image/png
content-length: 24601
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Tue, 30 Jun 2020 15:32:57 GMT
etag: "6019-5a94ee3ca2614"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| www.galiciacgu.com.ar/images/galicia/landing/galicia-visa-debito.jpg | 44.210.17.152 | 200 OK | 21 kB |
URL: GET HTTP/2 www.galiciacgu.com.ar/images/galicia/landing/galicia-visa-debito.jpg IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint (SHA-1) 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 270x170, components 3
Hash (MD5 / SHA-1 / SHA-256): fb233fd714aed8fce24dbfe3b719d934 cb906a371bb2d1341bf367d41db2c11983a421b3 ca2f36c04d50457bb38a7ef445c87ef13f545f27d3c896b500b465b7c570975e
Analyzer | Verdict | Alert
OpenPhish | phishing | Banco Galicia
Quad9 DNS | malicious | Sinkholed
GET /images/galicia/landing/galicia-visa-debito.jpg HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:53 GMT
content-type: image/jpeg
content-length: 21044
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Tue, 30 Jun 2020 15:32:57 GMT
etag: "5234-5a94ee3c9a914"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| www.galiciacgu.com.ar/landing/images/atencion-digital.png | 44.210.17.152 | 200 OK | 934 B |
URL: GET HTTP/2 www.galiciacgu.com.ar/landing/images/atencion-digital.png IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint (SHA-1) 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): fb76a8f496cd2acbb2bf04947568f2c1 31110fcf19b023ed14f76e8b3d3f0c3fcbaabe91 c5adbd67b274d543dd28f62116802080cf12dd9151bb122ff1bda1ad77976ec9
Analyzer | Verdict | Alert
OpenPhish | phishing | Banco Galicia
Quad9 DNS | malicious | Sinkholed
GET /landing/images/atencion-digital.png HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:53 GMT
content-type: image/png
content-length: 934
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Mon, 20 Apr 2020 15:07:08 GMT
etag: "3a6-5a3ba40b60ac5"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| www.galiciacgu.com.ar/landing/images/hace-todo-sin-pisar-una-sucursal.png | 44.210.17.152 | 200 OK | 895 B |
URL: GET HTTP/2 www.galiciacgu.com.ar/landing/images/hace-todo-sin-pisar-una-sucursal.png IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint (SHA-1) 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): d0acc5b0bbdc43dd50dd2d0b2eb32576 1aa9e187b2b7b1557d4cfa5bcc3285c650a66ab7 d141b66bbaef43dff727297077b14a27847ea55d76a109fc86f8898933f84b02
Analyzer | Verdict | Alert
OpenPhish | phishing | Banco Galicia
Quad9 DNS | malicious | Sinkholed
GET /landing/images/hace-todo-sin-pisar-una-sucursal.png HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:53 GMT
content-type: image/png
content-length: 895
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Mon, 20 Apr 2020 15:07:08 GMT
etag: "37f-5a3ba40b60ac5"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| www.galiciacgu.com.ar/landing/images/tu-dinero-en-todos-los-cajeros.png | 44.210.17.152 | 200 OK | 738 B |
URL: GET HTTP/2 www.galiciacgu.com.ar/landing/images/tu-dinero-en-todos-los-cajeros.png IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint (SHA-1) 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 37ef7ecb588112b2d168d93c2b5154ab da44a7fba3b8cac5ffffaf8c0e25a502ac4c7011 8d3da633c04f44cb49d2dfc0057c220a77e08acad89d4f9d47bf1b3a8ec328b2
Analyzer | Verdict | Alert
OpenPhish | phishing | Banco Galicia
Quad9 DNS | malicious | Sinkholed
GET /landing/images/tu-dinero-en-todos-los-cajeros.png HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:53 GMT
content-type: image/png
content-length: 738
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Mon, 20 Apr 2020 15:07:08 GMT
etag: "2e2-5a3ba40b84ce5"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| www.galiciacgu.com.ar/images/galicia/landing/tarjeta.png | 44.210.17.152 | 200 OK | 7.4 kB |
URL: GET HTTP/2 www.galiciacgu.com.ar/images/galicia/landing/tarjeta.png IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint (SHA-1) 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: PNG image data, 102 x 121, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 6929733eed2407ffaaab5b867c72ac05 535dd308b45858c182763e9fbdeb7da07c7a5ddd 70066ecd234880122706633877af842e79601e48ed87b90e553cd1612d5a4838
Analyzer | Verdict | Alert
OpenPhish | phishing | Banco Galicia
Quad9 DNS | malicious | Sinkholed
GET /images/galicia/landing/tarjeta.png HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:53 GMT
content-type: image/png
content-length: 7383
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Tue, 30 Jun 2020 15:32:57 GMT
etag: "1cd7-5a94ee3ca4554"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| www.galiciacgu.com.ar/landing/images/ahorros-en-tus-compras.png | 44.210.17.152 | 200 OK | 1.1 kB |
URL: GET HTTP/2 www.galiciacgu.com.ar/landing/images/ahorros-en-tus-compras.png IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint (SHA-1) 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): c9a0e05726cf3d0156c1de4cb4d34d9b c12b219279ef1815c4abb8d97c9af032ed4ec2e7 e9f11131ee8e8d2fe74520e48fd0b122dd79c658102cd50bd891d916553270df
Analyzer | Verdict | Alert
OpenPhish | phishing | Banco Galicia
Quad9 DNS | malicious | Sinkholed
GET /landing/images/ahorros-en-tus-compras.png HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:53 GMT
content-type: image/png
content-length: 1077
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Mon, 20 Apr 2020 15:07:08 GMT
etag: "435-5a3ba40b60ac5"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2

| www.galiciacgu.com.ar/images/galicia/landing/formulario.png | 44.210.17.152 | 200 OK | 5.1 kB |
URL: GET HTTP/2 www.galiciacgu.com.ar/images/galicia/landing/formulario.png
IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer: Amazon; Subject: www.galiciacgu.com.ar; Fingerprint: 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: PNG image data, 102 x 100, 8-bit/color RGBA, non-interlaced
MD5: 72132733d0c28d23878a2284942111f1
SHA-1: 84079069c8961c8312a4defc3dc624a8f899a803
SHA-256: ca9ad07fd6681ad311946634716f0ed45d7761cc56b78a6645dbb9039585a346
Analyzer | Verdict | Alert
OpenPhish | phishing | Banco Galicia
Quad9 DNS | malicious | Sinkholed
GET /images/galicia/landing/formulario.png HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:53 GMT
content-type: image/png
content-length: 5130
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Tue, 30 Jun 2020 15:32:57 GMT
etag: "140a-5a94ee3c9a914"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2

| fonts.gstatic.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2 | 216.58.207.227 | 200 OK | 22 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
IP: 216.58.207.227:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 21564, version 1.0
MD5: 73aaa95eab3115ea5a1e5c1cf16ea645
SHA-1: 2f00c608a688cd2b2e6ad37637726b0e081da1c7
SHA-256: 2301bb030a2bcaa9c763cc4771bd717aac16709c29eaba00673fcbe7cdf99a59
GET /s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.galiciacgu.com.ar
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:04:48 GMT
expires: Sat, 26 Apr 2025 06:04:48 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 34505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2 | 216.58.207.227 | 200 OK | 35 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
IP: 216.58.207.227:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 35448, version 1.0
MD5: 5c138044f30b8c78119264cd744e686a
SHA-1: 7605e014180d49087785350bd1906c16c389690d
SHA-256: 47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
GET /s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.galiciacgu.com.ar
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35448
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:54:39 GMT
expires: Sat, 26 Apr 2025 05:54:39 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
content-type: font/woff2
age: 35114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| www.googletagmanager.com/gtm.js?id=GTM-PXC7WZ | 142.250.74.168 | 200 OK | 101 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-PXC7WZ
IP: 142.250.74.168:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52; Validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (29208)
Size: 101 kB (101333 bytes)
MD5: 7348897ceb77fb2dd9ce5b5bcc8b507c
SHA-1: c600a891fd29d6897548c923cfb8e1e575295c4f
SHA-256: 608626af875ff8881468ba5f6939b4f593bf97c5fe8df6e11ca2e2ba70927f1a
GET /gtm.js?id=GTM-PXC7WZ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 15:39:53 GMT
expires: Fri, 26 Apr 2024 15:39:53 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101333
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

| fonts.googleapis.com/css?family=Quicksand:500 | 142.250.74.170 | 200 OK | 898 B |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Quicksand:500
IP: 142.250.74.170:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50; Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: gzip compressed data, max compression
MD5: 0f1a42e984de99f8bbd140e499544463
SHA-1: 50088cb34a7b6aa80f440f35e2b434a75dff4491
SHA-256: daf91e4f7536547f9958cc2f4a6e2afaf8326bb61481ddfeed30c6ccdfa060a3
GET /css?family=Quicksand:500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 15:39:53 GMT
date: Fri, 26 Apr 2024 15:39:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| www.galiciacgu.com.ar/landing/images/arrow-right.svg | 44.210.17.152 | 200 OK | 488 B |
URL: GET HTTP/2 www.galiciacgu.com.ar/landing/images/arrow-right.svg
IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer: Amazon; Subject: www.galiciacgu.com.ar; Fingerprint: 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
MD5: 49ddb210a9a44896f8286dfa5a049157
SHA-1: a9e25e4066d77d44d8886f4039d8a346afe8c73f
SHA-256: f1e2c27dcc925155adcaefa56b11b3b583c2c35ba76f48c46cad0edf5c5aaec4
Analyzer | Verdict | Alert
OpenPhish | phishing | Banco Galicia
Quad9 DNS | malicious | Sinkholed
GET /landing/images/arrow-right.svg HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/css/landing/landing-galicia.css
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:53 GMT
content-type: image/svg+xml
content-length: 488
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Fri, 06 May 2022 18:50:21 GMT
etag: "1e8-5de5c549b55af"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2

| fonts.googleapis.com/css2?family=Inter&display=swap | 142.250.74.170 | 200 OK | 203 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Inter&display=swap
IP: 142.250.74.170:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50; Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: gzip compressed data, max compression
Size: 203 kB (202869 bytes)
MD5: 6f0fa76a2b587d427114c8c8f02eaf1c
SHA-1: 3617269f6114651f9995f1b924500ec3d596f37d
SHA-256: 1a70782346fdf0cb6496b7067a8808598d76942fe82457935d96603d19ae3529
GET /css2?family=Inter&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 15:39:53 GMT
date: Fri, 26 Apr 2024 15:39:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| www.googletagmanager.com/gtag/js?id=G-FX0Z8DW3TM&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 75 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-FX0Z8DW3TM&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52; Validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (3020)
MD5: 76630194d3ef2e554f788bd7c3576087
SHA-1: 398d3bed487c94061d8f7025ff1b721038dece1c
SHA-256: 00e623a67f254a3afcb0d1e0c15fdb25d3848668e6af6e5a1dd27536f304dcd9
GET /gtag/js?id=G-FX0Z8DW3TM&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 15:39:53 GMT
expires: Fri, 26 Apr 2024 15:39:53 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91644
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

| www.googletagmanager.com/gtag/destination?id=DC-9017705&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 73 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/destination?id=DC-9017705&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52; Validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (1763)
MD5: a3e7242a203740c92c403c61b5e046ba
SHA-1: 2734faa4b81752494179f8eeb709ef6e0453bf74
SHA-256: 47a2208ae97386584c6eaf9bc84142024e0fac28e31980091ab6ff3a5969efab
GET /gtag/destination?id=DC-9017705&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 15:39:53 GMT
expires: Fri, 26 Apr 2024 15:39:53 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72910
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

| www.galiciacgu.com.ar/images/galicia/landing/selfie.png | 44.210.17.152 | 200 OK | 5.8 kB |
URL: GET HTTP/2 www.galiciacgu.com.ar/images/galicia/landing/selfie.png
IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer: Amazon; Subject: www.galiciacgu.com.ar; Fingerprint: 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: PNG image data, 101 x 109, 8-bit/color RGBA, non-interlaced
MD5: 24ea8c02d7877e59adf1f7be4d4170e0
SHA-1: 3050df0eea4740f64cd83a5f31fc6618eb0d5daa
SHA-256: bbf29a2416b0152e6d76dff5d9c09d1bf203d6a60fe0b921c47ad28564de7681
Analyzer | Verdict | Alert
OpenPhish | phishing | Banco Galicia
Quad9 DNS | malicious | Sinkholed
GET /images/galicia/landing/selfie.png HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:54 GMT
content-type: image/png
content-length: 5764
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Tue, 30 Jun 2020 15:32:57 GMT
etag: "1684-5a94ee3ca35b4"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2

| www.galiciacgu.com.ar/landing/images/instagram-icon.svg | 44.210.17.152 | 200 OK | 1.5 kB |
URL: GET HTTP/2 www.galiciacgu.com.ar/landing/images/instagram-icon.svg
IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer: Amazon; Subject: www.galiciacgu.com.ar; Fingerprint: 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
MD5: 91fb25c88daf08ea717c914847eb21da
SHA-1: 96572fb6797f358637369b59e1673d092a33474b
SHA-256: 32a75ee067f6cd74a341d9b6b93259307909fb5f8de22bbeffa2345b0e1285ca
Analyzer | Verdict | Alert
OpenPhish | phishing | Banco Galicia
Quad9 DNS | malicious | Sinkholed
GET /landing/images/instagram-icon.svg HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:54 GMT
content-type: image/svg+xml
content-length: 1503
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Mon, 20 Apr 2020 15:07:08 GMT
etag: "5df-5a3ba40b704c5"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2

| www.galiciacgu.com.ar/images/galicia/landing/mail-icon.svg | 44.210.17.152 | 200 OK | 381 B |
URL: GET HTTP/2 www.galiciacgu.com.ar/images/galicia/landing/mail-icon.svg
IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer: Amazon; Subject: www.galiciacgu.com.ar; Fingerprint: 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
MD5: 2b2a0b4775d353e8215c008f7339b33c
SHA-1: 03cd47b51ae4e0480934b2886b7674ce5e5dd637
SHA-256: 8c27c66a166fe876ac24ba61980a2b779a8d95e0e1cab9ea4c1971495f515fbd
Analyzer | Verdict | Alert
OpenPhish | phishing | Banco Galicia
Quad9 DNS | malicious | Sinkholed
GET /images/galicia/landing/mail-icon.svg HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:55 GMT
content-type: image/svg+xml
content-length: 381
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Tue, 30 Jun 2020 15:32:57 GMT
etag: "17d-5a94ee3ca2614"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-FX0Z8DW3TM&gtm=45je44o0v9122498733za200&_p=1714145993391&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1643266408.1714145994&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714145993&sct=1&seg=0&dl=https%3A%2F%2Fwww.galiciacgu.com.ar%2Fcgu&dt=Galicia&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1347 | 216.239.32.36 | 204 No Content | 0 B |
URL: GET HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-FX0Z8DW3TM&gtm=45je44o0v9122498733za200&_p=1714145993391&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1643266408.1714145994&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714145993&sct=1&seg=0&dl=https%3A%2F%2Fwww.galiciacgu.com.ar%2Fcgu&dt=Galicia&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1347
IP: 216.239.32.36:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52; Validity Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /g/collect?v=2&tid=G-FX0Z8DW3TM&gtm=45je44o0v9122498733za200&_p=1714145993391&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1643266408.1714145994&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714145993&sct=1&seg=0&dl=https%3A%2F%2Fwww.galiciacgu.com.ar%2Fcgu&dt=Galicia&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1347 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-origin: *
date: Fri, 26 Apr 2024 15:39:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| www.galiciacgu.com.ar/css/landing/ajax-loader.gif | 44.210.17.152 | 404 Not Found | 4.6 kB |
URL: GET HTTP/2 www.galiciacgu.com.ar/css/landing/ajax-loader.gif
IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
Hash (MD5, SHA-1, SHA-256): c9a1bfffe798a80dbda06317fbb706a2 205dfec7e53e0aaf0f44f3dfce66983d4a7f16ee da7bdb821cf472c69002b00a614a2db1ba0066dfd18d6a03d41aab0395020b4e
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
| Quad9 DNS | malicious | Sinkholed |
GET /css/landing/ajax-loader.gif HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/css/landing/landing-galicia.css
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D; _gcl_au=1.1.24331095.1714145994; _ga_FX0Z8DW3TM=GS1.1.1714145993.1.0.1714145993.60.0.0; _ga=GA1.1.1643266408.1714145994
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Fri, 26 Apr 2024 15:39:55 GMT
content-type: text/html; charset=UTF-8
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
cache-control: no-cache, private
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| www.galiciacgu.com.ar/images/galicia/favicon.png | 44.210.17.152 | 200 OK | 1.6 kB |
URL: GET HTTP/2 www.galiciacgu.com.ar/images/galicia/favicon.png
IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Hash (MD5, SHA-1, SHA-256): b700b544f2fa87e37e6b728fef00fcb0 c0735fa743392c2f3032c22d241854b88832cdb7 f20a33fd40173f122bec15a105374059fb3ec612d51146485ed84ef0001f2f03
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
| Quad9 DNS | malicious | Sinkholed |
GET /images/galicia/favicon.png HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D; _gcl_au=1.1.24331095.1714145994; _ga_FX0Z8DW3TM=GS1.1.1714145993.1.0.1714145993.60.0.0; _ga=GA1.1.1643266408.1714145994
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:55 GMT
content-type: image/png
content-length: 1559
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Fri, 06 May 2022 18:50:21 GMT
etag: "617-5de5c549b26cf"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| www.galiciacgu.com.ar/landing/images/arrow-left.svg | 44.210.17.152 | 200 OK | 454 B |
URL: GET HTTP/2 www.galiciacgu.com.ar/landing/images/arrow-left.svg
IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash (MD5, SHA-1, SHA-256): 5a28cb365a071eeea16816846cebf9cf 4c51bf274e247a5541dc436773ac756f4665ec26 47718b9dfbf6f96770b8d96dc41b104568402fbd24ae27246804c1d2aea2fe26
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
| Quad9 DNS | malicious | Sinkholed |
GET /landing/images/arrow-left.svg HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/css/landing/landing-galicia.css
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:53 GMT
content-type: image/svg+xml
content-length: 454
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Fri, 06 May 2022 18:50:21 GMT
etag: "1c6-5de5c549b55af"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| www.googletagmanager.com/gtm.js?id=GTM-K56P7CZ&l=dataLayer | 142.250.74.168 | 200 OK | 209 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-K56P7CZ&l=dataLayer
IP: 142.250.74.168:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52; Validity Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (3020)
Size: 209 kB (208586 bytes)
Hash (MD5, SHA-1, SHA-256): 76630194d3ef2e554f788bd7c3576087 398d3bed487c94061d8f7025ff1b721038dece1c 00e623a67f254a3afcb0d1e0c15fdb25d3848668e6af6e5a1dd27536f304dcd9
GET /gtm.js?id=GTM-K56P7CZ&l=dataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 15:39:53 GMT
expires: Fri, 26 Apr 2024 15:39:53 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| fonts.googleapis.com/css?family=Inter:Regular | 142.250.74.170 | 200 OK | 2.4 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Inter:Regular
IP: 142.250.74.170:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50; Validity Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: ASCII text, with very long lines (2436), with no line terminators
Hash (MD5, SHA-1, SHA-256): 65362f802af56b92e51b2874e0d2c139 c6232bdf3efea218a2a404695044ae0cd735fec0 130efe18bbe5d7c483d0439f41f5906ed13765837c8f41777ef79bad13be42c4
GET /css?family=Inter:Regular HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 15:39:53 GMT
date: Fri, 26 Apr 2024 15:39:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| fonts.googleapis.com/css?family=Rubik:300,400,500,700 | 142.250.74.170 | 200 OK | 9.4 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Rubik:300,400,500,700
IP: 142.250.74.170:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50; Validity Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: ASCII text, with very long lines (9636), with no line terminators
Hash (MD5, SHA-1, SHA-256): 1550e9934ae538ab3fc803a753824478 412dc5882d91a1e2add602112e0c2e281098c160 fc0aa6c6ba464f8b1a18f6bfba070d7e881c9d5c10813abecd9548e227b86056
GET /css?family=Rubik:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 15:39:53 GMT
date: Fri, 26 Apr 2024 15:39:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| www.galiciacgu.com.ar/images/galicia/landing/img-top.jpg | 44.210.17.152 | 200 OK | 202 kB |
URL: GET HTTP/2 www.galiciacgu.com.ar/images/galicia/landing/img-top.jpg
IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 1441x726, components 3
Size: 202 kB (202259 bytes)
Hash (MD5, SHA-1, SHA-256): 1bb3acd88c03ee2e23a75d2c8b049a15 28177d238fb1313f98158ac974c4085aba715eac dc316347050e65f842e21ec73c7b0c7a62a2696c60c7966b2e912f82f55a31e7
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
| Quad9 DNS | malicious | Sinkholed |
GET /images/galicia/landing/img-top.jpg HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/css/landing/landing-galicia.css
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:53 GMT
content-type: image/jpeg
content-length: 202259
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Tue, 30 Jun 2020 15:32:57 GMT
etag: "31613-5a94ee3c9b8b4"
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| www.googletagmanager.com/gtag/js?id=UA-64187909-3 | 142.250.74.168 | 200 OK | 202 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-64187909-3
IP: 142.250.74.168:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52; Validity Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Size: 202 kB (202447 bytes)
Hash (MD5, SHA-1, SHA-256): f0032f6d2af3a88e3e8bc042d1e03eda 72fae89b873f0c0609729a75ca06a8496db8497c 2e5b63e25f7cac308040fa11b26ae13f1a9661ac6b7a774dc207cd6b311f4251
GET /gtag/js?id=UA-64187909-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 15:39:53 GMT
expires: Fri, 26 Apr 2024 15:39:53 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73270
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| | 44.210.17.152 | 302 Found | 14 kB |
URL: User Request GET HTTP/2
IP: 44.210.17.152:443
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 26 Apr 2024 15:39:52 GMT
content-type: text/html; charset=UTF-8
location: https://www.galiciacgu.com.ar/cgu
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IjBHclhVaUt4SWVCWWNEYnlKUVJMOUE9PSIsInZhbHVlIjoieU8wSm5DazNQTnFqWEljeEVEQnVVQ2xseTFZRmg1ZnVOVEFOMUlpcWFZaVBXeTVIVXQzSmI4Z3ZqM0FncW1pTEl5VEpBamRidFFXMTFUUDhndWxXcW9uczRLU3FoSGlCdWlTMjVrcm1xVzJCanNMR2xleHI1dzVVT1dIYnNFcnkiLCJtYWMiOiI3Mzk5MjIzNDFjY2Q0YzM1MjliZDc3ZjY3ZWIxZTRkZmVjYzc3ZWMzOTg2MTdhMjM1MjU2ZjI5ZGNlZjc5NmFkIiwidGFnIjoiIn0%3D; expires=Fri, 26 Apr 2024 17:39:52 GMT; Max-Age=7200; path=/; secure; samesite=lax
galiciamove_session=eyJpdiI6Ilk0d2dQVXlSZGF5ZmducmpadmlIdUE9PSIsInZhbHVlIjoiVHNiaWJCSUs3S1N3c1NMNkR1SzQ3Z1FJN3FjUVlUSE4yeDhOSWRmN0p2Um1oamRxaG45OVZBdk94cWhzSzVjaDQzRktLZ28wNTFWbTcwelA2aWNNVTY3cVBSZDFFU2xsUm83RFZhVVRKVlRBTi9JcTRLaWN0bkVMWmRxQ1MzYWMiLCJtYWMiOiIwMGU2YmQ4ZmU0YzFkOWFiNTZiYmZlODk1ODc2ZGVmM2FmMjZjNTEyMDcyYjM0MzE4N2EyNDFhMTQ3OTI0MGEzIiwidGFnIjoiIn0%3D; expires=Fri, 26 Apr 2024 17:39:52 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2
| www.galiciacgu.com.ar/js/landing/landing.js | 44.210.17.152 | 200 OK | 250 kB |
URL: GET HTTP/2 www.galiciacgu.com.ar/js/landing/landing.js
IP: 44.210.17.152:443
Requested by: https://www.galiciacgu.com.ar/cgu
Certificate: Issuer Amazon; Subject www.galiciacgu.com.ar; Fingerprint 8E:38:4E:A4:4F:87:B7:53:E6:11:1B:D9:A1:DE:61:D9:D9:ED:A0:C3; Validity Thu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
Size: 250 kB (249874 bytes)
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Banco Galicia |
| Quad9 DNS | malicious | Sinkholed |
GET /js/landing/landing.js HTTP/1.1
Host: www.galiciacgu.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.galiciacgu.com.ar/cgu
Cookie: XSRF-TOKEN=eyJpdiI6InFNa0pYei83VzJhYnJDU2wxcE5XSXc9PSIsInZhbHVlIjoiekIyWHM5MHBwTnhDNHpOYjU0Uk1ja2FDdWpRYklqdzhrYzJyTFBJOVUzMTZuOVFzOUloVDE5ZFJyMW03WVpzaVNQU09CcEFkOXdHZDltZG1SYWNidVJ6K296Y2JCdGZweWt1dVN6QjNTcmRSSldTNlh4R2xkeDcyTWRnaDVuTnAiLCJtYWMiOiIxNzRlNTdiMDU0ZDlmNWM0NjQ1NTQ5NDI0YzlkMWUzNmQxNTkzNTQ2OWUzN2Y5MGQwNDU0ODZiMjZkNzA0Y2E3IiwidGFnIjoiIn0%3D; galiciamove_session=eyJpdiI6IlJMR2xWeXE5SFNPV1UzRU5WZC9HN3c9PSIsInZhbHVlIjoidHROVCtUUHRPU25zNnZ0T25mN1RTWTc3bHVnL0haakQybTlrNzRkdUVyMFhKVTVXc3EzSmFhR0wyZEp4NnNTbFplaEhxby95VVpQZ1lkY0N1TndSL3REcUdGeFV4YnZkWFBmKzRDSUtSeDl2a09VL0x2RDRHVlhZODE0dzVqYjMiLCJtYWMiOiJkNDZjMDE1ZDQ4MTZlZGNkZDgxMTFhNjQ5NTdlNDYwZDcwNWRkNDBmN2VkODhiMmI0MTVmM2E1NGI0ZTU2NmE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:39:55 GMT
content-type: text/javascript
server:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
feature-policy: fullscreen 'none'; microphone 'none'; geolocation 'self'; camera 'self'
last-modified: Mon, 04 Mar 2024 13:46:15 GMT
etag: "3d012-612d5f30f1d1f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: upgrade-insecure-requests;media-src 'self' data:; default-src 'self' https://*.fls.doubleclick.net https://script.hotjar.com https://vars.hotjar.com;font-src 'self' https://script.hotjar.com fonts.gstatic.com;style-src 'unsafe-inline' 'self' fonts.googleapis.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.zoomauth.com https://www.googleadservices.com https://*.twitter.com https://static.ads-twitter.com https://maps.googleapis.com https://script.hotjar.com https://static.hotjar.com https://www.facebook.com/ https://www.facebook.net/ https://connect.facebook.net https://connect.facebook.com https://www.googletagmanager.com https://www.google-analytics.com;img-src 'self' data: https://t.co https://googleads.g.doubleclick.net https://googletagmanager.com https://*.gstatic.com https://*.googleapis.com https://*.google.com.ar https://*.google.com https://www.facebook.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://*.facebook.net https://www.googletagmanager.com https://script.hotjar.com ;connect-src 'self' https://galiciamove-tmp-uploads.s3.amazonaws.com https://api.zoomauth.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net, frame-ancestors 'self';
X-Firefox-Spdy: h2