Report - app.galpone.ar

Report Overview

Submitted URL
app.galpone.ar
IP
65.181.111.21
ASN
#14670 WHG Hosting Services Ltd
Submitted
2024-04-26 00:50:27
Access
public
Website Title
FearlessCapital Options
Final URL
app.galpone.ar/
Tags
botpanel malware
urlquery detections
Malware - Botnet panel

Detections

urlquery
13
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-25	849 B	558 kB	151.101.2.137
code.highcharts.com	11421	2009-10-27	2012-08-07	2024-04-25	2.5 kB	197 kB	104.18.8.9
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-25	1.6 kB	47 kB	142.250.74.163
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	923 B	21 kB	142.250.74.106
cdn.canvasjs.com	unknown	2011-07-28	2023-05-05	2024-02-21	407 B	493 kB	104.26.12.77
app.galpone.ar	unknown	unknown	No data	No data	12 kB	2.3 MB	65.181.111.21
canvasjs.com	133583	2011-07-28	2013-07-24	2024-02-16	415 B	890 B	104.26.12.77

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	code.highcharts.com/modules/exporting.js	20 kB	2024-04-24	2024-04-28
Pretty URL code.highcharts.com/modules/exporting.js IP 104.18.8.9 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 11:09:23 Last Seen2024-04-28 05:43:22 Times Seen6 Hash 965efc316a702245dd18b5bcc124407b c19722c1a6dfd919a7cc5f45bb98195af9e48c10 d256904e95c4f774defd029499e7b9f9ddae18e22615947677d6331d8db8592c Loading...

	app.galpone.ar/AdminLte/plugins/datatables-responsive/js/dataTables.responsive.min.js	14 kB	2023-03-07	2024-05-02
Pretty URL app.galpone.ar/AdminLte/plugins/datatables-responsive/js/dataTables.responsive.min.js IP 65.181.111.21 ASN #14670 WHG Hosting Services Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:25 Last Seen2024-05-02 15:46:05 Times Seen229 Hash 9c08197a623203cd1bf273541b694308 fa895deac972f0ca3d77169039aca0ee1a04f34e 94d8439fdad60af6fb881f9aa512fe6e2e12b14ac728ba29bd8f251399ec7322 Loading...

	app.galpone.ar/AdminLte/plugins/datatables-responsive/js/responsive.bootstrap4.min.js	1.2 kB	2023-03-07	2024-05-02
Pretty URL app.galpone.ar/AdminLte/plugins/datatables-responsive/js/responsive.bootstrap4.min.js IP 65.181.111.21 ASN #14670 WHG Hosting Services Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:25 Last Seen2024-05-02 15:46:05 Times Seen284 Hash a730f5bddecca0c8889a2e91415cc30a a9aa68f014eb6986c467b859832327b46af6da26 69754ee3b45beece7c1613130b06ccdfd7a7ff55dc9b31a40a547305ee6dc4ab Loading...

	app.galpone.ar/js/site.js?v=OAqEHc7i42-vBlvBx15epkmb-cEX5SXKeAJnSKdh5g0	377 B	2023-09-26	2024-04-26
Pretty URL app.galpone.ar/js/site.js?v=OAqEHc7i42-vBlvBx15epkmb-cEX5SXKeAJnSKdh5g0 IP 65.181.111.21 ASN #14670 WHG Hosting Services Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-26 04:37:55 Last Seen2024-04-26 02:50:35 Times Seen2 Hash 14ba5679482a65f3da8313ccceff9171 644c98403075e462dc702236bff7f434082f8675 582b3bc6ae0ca1efbb4143f7853077805dfc7612fa28b0041ff7d0be187d0ffd Loading...

	app.galpone.ar/AdminLte/plugins/datatables-buttons/js/buttons.colVis.min.js	2.8 kB	2023-03-07	2024-05-02
Pretty URL app.galpone.ar/AdminLte/plugins/datatables-buttons/js/buttons.colVis.min.js IP 65.181.111.21 ASN #14670 WHG Hosting Services Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:25 Last Seen2024-05-02 15:46:06 Times Seen244 Hash 3305195e00cd4f7b288e4d1c38501146 c0522cdc03ddc90b931d65fee6721c3eb988e079 07be9aff38f58c96fc1e979aa5424b0fa8c5b79bbcab53ff1eefd18dfc97f8fe Loading...

	code.highcharts.com/stock/modules/data.js	16 kB	2024-04-10	2024-04-26
Pretty URL code.highcharts.com/stock/modules/data.js IP 104.18.8.9 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 16:04:14 Last Seen2024-04-26 02:50:36 Times Seen4 Hash b69192002c1ca96f1d1cc9da625434d4 815d6e2c0dea57e50cb5ff2d74003dae5629c7df 792db2217a4362b7fb104073604aa073245a52a954a0a731e3ee76d727e8e9c9 Loading...

	app.galpone.ar/AdminLte/plugins/jquery/jquery.min.js	90 kB	2023-03-07	2024-05-05
Pretty URL app.galpone.ar/AdminLte/plugins/jquery/jquery.min.js IP 65.181.111.21 ASN #14670 WHG Hosting Services Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-05 21:00:07 Times Seen266123 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	app.galpone.ar/lib/bootstrap/dist/js/bootstrap.js	78 kB	2023-09-26	2024-04-26
Pretty URL app.galpone.ar/lib/bootstrap/dist/js/bootstrap.js IP 65.181.111.21 ASN #14670 WHG Hosting Services Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-26 04:37:55 Last Seen2024-04-26 02:50:36 Times Seen2 Hash 78dcd2d1c8e9a4b0ee87fbca68c29ad6 d28430ed88a4f10f32012e65b1900492ee5c15d0 fb769700a9a026dbe58517bd8bade64b5d972d404e72adee1570c2a67f8bc39f Loading...

	app.galpone.ar/AdminLte/plugins/datatables/jquery.dataTables.min.js	84 kB	2023-04-15	2024-05-02
Pretty URL app.galpone.ar/AdminLte/plugins/datatables/jquery.dataTables.min.js IP 65.181.111.21 ASN #14670 WHG Hosting Services Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-15 01:45:31 Last Seen2024-05-02 15:46:05 Times Seen123 Hash 8d63c1aa494c220e5f1eb2d5b66caac9 2b1cd838dd90a99d3dc93eaeb7438e05f911a99b 9cdd4dc08826b97bb99ece5847d78e2aa3f94904a85cd92489ee5d15d3422c0b Loading...

	app.galpone.ar/AdminLte/plugins/datatables-buttons/js/dataTables.buttons.min.js	20 kB	2023-04-15	2024-05-02
Pretty URL app.galpone.ar/AdminLte/plugins/datatables-buttons/js/dataTables.buttons.min.js IP 65.181.111.21 ASN #14670 WHG Hosting Services Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-15 01:45:31 Last Seen2024-05-02 15:46:05 Times Seen111 Hash 18c45d7aaaf5ab4a3e743d987c14182e 31d0292fc0873b221f91be16af7747342c635b90 5ae5d55957a75c4d84c6fa0ab3ca83b23c823865b57844c60d2e5236a6d74ea4 Loading...

	app.galpone.ar/AdminLte/plugins/datatables-buttons/js/buttons.html5.min.js	25 kB	2023-03-07	2024-05-02
Pretty URL app.galpone.ar/AdminLte/plugins/datatables-buttons/js/buttons.html5.min.js IP 65.181.111.21 ASN #14670 WHG Hosting Services Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:25 Last Seen2024-05-02 15:46:06 Times Seen231 Hash f005b2c8334ed73115c800f84065dde7 5b8aca189d9e6ffb95eef23b4742e58343c79cbc a272893a5e916e3e420effe9fb328cbeeef12232bf239755142f9ad8be371540 Loading...

	app.galpone.ar/AdminLte/plugins/bootstrap/js/bootstrap.bundle.min.js	84 kB	2023-03-07	2024-05-05
Pretty URL app.galpone.ar/AdminLte/plugins/bootstrap/js/bootstrap.bundle.min.js IP 65.181.111.21 ASN #14670 WHG Hosting Services Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-05 00:25:27 Times Seen5423 Hash f81d0a1705048649befc8b595e455a94 aec551e4d573463088fca7d14fb644eb389f1839 b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b Loading...

	app.galpone.ar/AdminLte/plugins/datatables-buttons/js/buttons.print.min.js	2.2 kB	2023-03-07	2024-05-05
Pretty URL app.galpone.ar/AdminLte/plugins/datatables-buttons/js/buttons.print.min.js IP 65.181.111.21 ASN #14670 WHG Hosting Services Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:25 Last Seen2024-05-05 12:53:56 Times Seen258 Hash dc359e6634a9b1b70b33f4709291ac52 890bfbb06a5a65103b16a3fe22de6dc62a3cd46d 43c9c663cdacecedbae7c913386783e1363bc8fbdc9a4c613b4d1abf98a83f95 Loading...

	app.galpone.ar/AdminLte/plugins/flot/jquery.flot.js	106 kB	2023-09-26	2024-04-26
Pretty URL app.galpone.ar/AdminLte/plugins/flot/jquery.flot.js IP 65.181.111.21 ASN #14670 WHG Hosting Services Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-26 04:37:55 Last Seen2024-04-26 02:50:36 Times Seen4 Hash 1f31829c44e2cd54d9aff80995e11cfe 2252e407252885ae5d01e30c215cf8c28d34834a f4720d183347e65a21a9dc7777ed3e4d2b609452453a270a2cfab0777b64c1ee Loading...

	code.highcharts.com/stock/highstock.js	380 kB	2024-04-24	2024-04-26
Pretty URL code.highcharts.com/stock/highstock.js IP 104.18.8.9 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 08:28:48 Last Seen2024-04-26 02:50:36 Times Seen5 Hash cfa080c5c44fdf96532e131cd74184f4 78247c64ffe89c1408517359a523e416ded52645 ab347e0b48b7b4a73f5fccf21ef2770f4f7a6fbcc5a0ceacf5017e9f373bea54 Loading...

	code.highcharts.com/modules/accessibility.js	139 kB	2024-04-26	2024-04-28
Pretty URL code.highcharts.com/modules/accessibility.js IP 104.18.8.9 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 02:50:36 Last Seen2024-04-28 05:43:22 Times Seen4 Hash d4777a8bed87c88840fbd38bf824f203 96dc471bfb246441217cdaf1cd3056ccc0c83a9c d63ab0804f0cf21ecb51b37e45f2020d1b7feaa3dab01e0e66ca675373ec9882 Loading...

	code.jquery.com/ui/1.12.1/jquery-ui.js	521 kB	2023-03-07	2024-05-05
Pretty URL code.jquery.com/ui/1.12.1/jquery-ui.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:28 Last Seen2024-05-05 18:51:42 Times Seen6043 Hash ab5284de5e3d221e53647fd348e5644b 75c20acdc6cbc6334fe2b918ab7afeec007f969e 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d Loading...

	app.galpone.ar/lib/jquery-validation/dist/jquery.validate.min.js	23 kB	2023-04-06	2024-05-04
Pretty URL app.galpone.ar/lib/jquery-validation/dist/jquery.validate.min.js IP 65.181.111.21 ASN #14670 WHG Hosting Services Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-06 16:55:47 Last Seen2024-05-04 00:11:23 Times Seen330 Hash 146e83f3299d808104b4eff9b5d02150 308282674902bc02929c4ec1978d3a1ba7d5f2ad f909dd0bc5367dd15e530330204f5ef655e7c39610b47966a9a9f519c01ec981 Loading...

	app.galpone.ar/lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.min.js	5.8 kB	2023-03-07	2024-04-26
Pretty URL app.galpone.ar/lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.min.js IP 65.181.111.21 ASN #14670 WHG Hosting Services Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:44 Last Seen2024-04-26 02:50:36 Times Seen44 Hash 841e7db21ef9bf84457a143e27a423fd 9b4003d6ce2eff2b4f973e86c4239fec8ef9c5a4 a5aa31a5cb77de463d7e9425be00bc2289231aaf22a9869515ac2014f83ca33d Loading...

	app.galpone.ar/AdminLte/dist/js/adminlte.min.js	44 kB	2023-03-07	2024-05-02
Pretty URL app.galpone.ar/AdminLte/dist/js/adminlte.min.js IP 65.181.111.21 ASN #14670 WHG Hosting Services Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:16 Last Seen2024-05-02 11:01:18 Times Seen202 Hash 2695ce7b6e4c03f3613657d5f2c3aa10 c91c7cb6f6433d957ff0812bcaace94cd016533d 755b3b63190824c756288c7e13867b28622bb07d8fecc1e3e160cdbf34f3b105 Loading...

	canvasjs.com/assets/script/canvasjs.min.js	492 kB	2024-04-26	2024-04-26
Pretty URL canvasjs.com/assets/script/canvasjs.min.js IP 104.26.12.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 02:50:36 Last Seen2024-04-26 02:50:36 Times Seen2 Hash 2755ec4fafe413f575c0a38b414db4b4 f6f0c9b82df8a83845ee691ee76eed89083bb9c8 9731f6cfbfc767c49fd22e4c222151d55fedd8941c39fa47eede69bd6298219a Loading...

	app.galpone.ar/AdminLte/plugins/datatables-bs4/js/dataTables.bootstrap4.min.js	2.1 kB	2023-03-07	2024-05-02
Pretty URL app.galpone.ar/AdminLte/plugins/datatables-bs4/js/dataTables.bootstrap4.min.js IP 65.181.111.21 ASN #14670 WHG Hosting Services Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:25 Last Seen2024-05-02 15:46:05 Times Seen239 Hash f6efabd85fb5c418a848f5f0e0ba0f9f fb6d36d07455c93fb3e3f6543b2f2e6e2cd7f89c c7b7abf54cc3c6d4c454c090efb0446086b32f4398bd1d17b398116c2f5aec53 Loading...

	app.galpone.ar/AdminLte/plugins/datatables-buttons/js/buttons.bootstrap4.min.js	1.0 kB	2023-03-07	2024-05-02
Pretty URL app.galpone.ar/AdminLte/plugins/datatables-buttons/js/buttons.bootstrap4.min.js IP 65.181.111.21 ASN #14670 WHG Hosting Services Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:25 Last Seen2024-05-02 15:46:05 Times Seen240 Hash 8e408dcb8dd84d21b97885b1675eca9a f7e12468c6c350e87856c822de464e971bdbf8dc c9580b9667720a8755d81eb5d10c7ea8f44580958ff77c86148e2924d781acff Loading...

	code.highcharts.com/modules/series-label.js	9.2 kB	2024-04-24	2024-04-26
Pretty URL code.highcharts.com/modules/series-label.js IP 104.18.8.9 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 11:09:22 Last Seen2024-04-26 02:50:36 Times Seen4 Hash 1faec1d7d0b2f4fe8cf609e8f6c1309a 5a7171e2f56f5ed154eae62bed519182c53c9b03 f7524d4a3e6ee6aa7a8709354c7fbd7d4dc1a0f0c61581edb37f5879c0ec2e0e Loading...

	code.highcharts.com/modules/export-data.js	12 kB	2024-04-26	2024-04-26
Pretty URL code.highcharts.com/modules/export-data.js IP 104.18.8.9 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 02:50:36 Last Seen2024-04-26 02:50:36 Times Seen2 Hash 5e6fa4fba5f4edb3901f27c3e2234fbe 3cb96d797ed87ee840b0822e3dbd8629ba5b4889 8af1541844188709425f1ab202522af022ef8a2a368220f2d93f3edbbf418f03 Loading...

HTTP Transactions (41)

URL IP Response Size

app.galpone.ar/

65.181.111.21

200 OK

1.2 kB

URL User Request GET HTTP/2
app.galpone.ar/
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1233 bytes)
Hash
11ca4578cb026a23713aea6781b8ece3
a05ae51b4a3e2e0076222cbcbe9c58833cdef108
c55f527e536de44c7980fecece7428ae5a765647495e47008a8a54fa1e434736

HTTP Headers

GET / HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Fri, 26 Apr 2024 00:50:02 GMT
Content-Length: 1233

canvasjs.com/assets/script/canvasjs.min.js

104.26.12.77

301 Moved Permanently

167 B

URL GET HTTP/2
canvasjs.com/assets/script/canvasjs.min.js
IP
104.26.12.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectcanvasjs.com
FingerprintBA:2A:52:D1:5D:6E:95:44:B4:78:1A:80:20:6B:62:D6:45:E8:9A:02
ValiditySun, 03 Mar 2024 01:38:01 GMT - Sat, 01 Jun 2024 01:38:00 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /assets/script/canvasjs.min.js HTTP/1.1
Host: canvasjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Fri, 26 Apr 2024 00:50:03 GMT
content-type: text/html
content-length: 167
location: https://cdn.canvasjs.com/canvasjs.min.js
cache-control: max-age=3600
expires: Fri, 26 Apr 2024 01:50:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nR3XaV5c92zve5p8MvBIqvwOne%2BAVzm3uUpn3yLTwIb%2BlM7B6N8vBLmVeB5iqI57oKcgqRFT0gOXsDL513X9XTeNghsxMrOsdlBsk2kmu3Qvcg7vQOuk3FBUzGJZWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 87a293956cb37129-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css

151.101.2.137

200 OK

36 kB

URL GET HTTP/2
code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://app.galpone.ar/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2363)
Size
36 kB (35973 bytes)
Hash
c4a88ec0cb998929a670c0c58d7dc526
03135a88e8dbc36020dd453d1e7407ce9a3a2cc2
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

HTTP Headers

GET /ui/1.12.1/themes/base/jquery-ui.css HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: "28feccc0-8c85"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 26 Apr 2024 00:50:03 GMT
age: 1620519
x-served-by: cache-lga21981-LGA, cache-hel1410026-HEL
x-cache: HIT, HIT
x-cache-hits: 2650, 17831
x-timer: S1714092604.757520,VS0,VE0
vary: Accept-Encoding
content-length: 35973
X-Firefox-Spdy: h2

code.highcharts.com/modules/series-label.js

104.18.8.9

200 OK

3.7 kB

URL GET HTTP/2
code.highcharts.com/modules/series-label.js
IP
104.18.8.9:443
ASN
#13335 CLOUDFLARENET

Requested by
https://app.galpone.ar/
Certificate
IssuerCloudflare, Inc.
Subjecthighcharts.com
Fingerprint4B:29:12:1B:43:1B:D7:5E:F0:0B:3B:12:5E:A7:8E:8B:C5:95:BC:79
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (9113)
Size
3.7 kB (3711 bytes)
Hash
1faec1d7d0b2f4fe8cf609e8f6c1309a
5a7171e2f56f5ed154eae62bed519182c53c9b03
f7524d4a3e6ee6aa7a8709354c7fbd7d4dc1a0f0c61581edb37f5879c0ec2e0e

HTTP Headers

GET /modules/series-label.js HTTP/1.1
Host: code.highcharts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 00:50:03 GMT
content-type: text/javascript; charset=utf-8
content-length: 3711
x-amz-id-2: 60c3Q9fKeoSt6b6I4iKcLt5S8Gay9KXOZg1EW+9laFGhfcvR13OQnQ4TOdxX8sYtWuM4U4RMLNQ=
x-amz-request-id: YT07PSDVMCN5XSS2
cache-control: public, max-age=2678400
content-encoding: gzip
expires: Mon, 27 May 2024 00:50:03 GMT
last-modified: Thu, 04 Apr 2024 13:12:27 GMT
etag: "540b11dab0f51b3f46fe94cf3ea8a53a"
cf-cache-status: HIT
age: 1855833
accept-ranges: bytes
vary: Accept-Encoding
set-cookie: _cfuvid=uYujIOvz3Wa_sFB6FrL6iuGTdzxO5pCG5wJf4aET9ac-1714092603838-0.0.1.1-604800000; path=/; domain=.highcharts.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87a29395e8a4b503-OSL
X-Firefox-Spdy: h2

code.highcharts.com/modules/export-data.js

104.18.8.9

200 OK

5.2 kB

URL GET HTTP/2
code.highcharts.com/modules/export-data.js
IP
104.18.8.9:443
ASN
#13335 CLOUDFLARENET

Requested by
https://app.galpone.ar/
Certificate
IssuerCloudflare, Inc.
Subjecthighcharts.com
Fingerprint4B:29:12:1B:43:1B:D7:5E:F0:0B:3B:12:5E:A7:8E:8B:C5:95:BC:79
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (12244)
Size
5.2 kB (5173 bytes)
Hash
5e6fa4fba5f4edb3901f27c3e2234fbe
3cb96d797ed87ee840b0822e3dbd8629ba5b4889
8af1541844188709425f1ab202522af022ef8a2a368220f2d93f3edbbf418f03

HTTP Headers

GET /modules/export-data.js HTTP/1.1
Host: code.highcharts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 00:50:03 GMT
content-type: text/javascript; charset=utf-8
content-length: 5173
x-amz-id-2: NvSpwY7hMkG8LdIdP1FIZU2QK5iVy8cOniJ5J+cbYS9MzUwganzvZDbGU0MO1Yr6q8DGba81Qk8=
x-amz-request-id: YT0C0XPSDT1726TR
cache-control: public, max-age=2678400
content-encoding: gzip
expires: Mon, 27 May 2024 00:50:03 GMT
last-modified: Thu, 04 Apr 2024 13:12:25 GMT
etag: "0ce6e00e899cf50e5dfef7c19ee916ae"
cf-cache-status: HIT
age: 1855856
accept-ranges: bytes
vary: Accept-Encoding
set-cookie: _cfuvid=eEJEz.WaxjuHpta56fm8LhjBY0NC9PwrRuHfKKPj1Q4-1714092603847-0.0.1.1-604800000; path=/; domain=.highcharts.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87a29395f8a8b503-OSL
X-Firefox-Spdy: h2

code.highcharts.com/modules/exporting.js

104.18.8.9

200 OK

7.3 kB

URL GET HTTP/2
code.highcharts.com/modules/exporting.js
IP
104.18.8.9:443
ASN
#13335 CLOUDFLARENET

Requested by
https://app.galpone.ar/
Certificate
IssuerCloudflare, Inc.
Subjecthighcharts.com
Fingerprint4B:29:12:1B:43:1B:D7:5E:F0:0B:3B:12:5E:A7:8E:8B:C5:95:BC:79
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (19397)
Size
7.3 kB (7282 bytes)
Hash
965efc316a702245dd18b5bcc124407b
c19722c1a6dfd919a7cc5f45bb98195af9e48c10
d256904e95c4f774defd029499e7b9f9ddae18e22615947677d6331d8db8592c

HTTP Headers

GET /modules/exporting.js HTTP/1.1
Host: code.highcharts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 00:50:03 GMT
content-type: text/javascript; charset=utf-8
content-length: 7282
x-amz-id-2: /tIRQ0H6mITzGv5YyHoHSFpk4bHTI1UgF33quyUcQHcPb0GtJoTKK4iG37J/Lje9XWTfHLCo4s0=
x-amz-request-id: YT01MQBK4ZMHKBZN
cache-control: public, max-age=2678400
content-encoding: gzip
expires: Mon, 27 May 2024 00:50:03 GMT
last-modified: Thu, 04 Apr 2024 13:12:25 GMT
etag: "8ee46182438e7abad95c4b4263c1db1b"
cf-cache-status: HIT
age: 1855857
accept-ranges: bytes
vary: Accept-Encoding
set-cookie: _cfuvid=g_DFIrnTq_sMrRfjper45S5EX1X0iiLlJgjhOhlEBQQ-1714092603864-0.0.1.1-604800000; path=/; domain=.highcharts.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87a2939618abb503-OSL
X-Firefox-Spdy: h2

code.highcharts.com/modules/accessibility.js

104.18.8.9

200 OK

38 kB

URL GET HTTP/2
code.highcharts.com/modules/accessibility.js
IP
104.18.8.9:443
ASN
#13335 CLOUDFLARENET

Requested by
https://app.galpone.ar/
Certificate
IssuerCloudflare, Inc.
Subjecthighcharts.com
Fingerprint4B:29:12:1B:43:1B:D7:5E:F0:0B:3B:12:5E:A7:8E:8B:C5:95:BC:79
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65366)
Size
38 kB (38395 bytes)
Hash
d4777a8bed87c88840fbd38bf824f203
96dc471bfb246441217cdaf1cd3056ccc0c83a9c
d63ab0804f0cf21ecb51b37e45f2020d1b7feaa3dab01e0e66ca675373ec9882

HTTP Headers

GET /modules/accessibility.js HTTP/1.1
Host: code.highcharts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 00:50:03 GMT
content-type: text/javascript; charset=utf-8
content-length: 38395
x-amz-id-2: Udny4Ny31Ap/ix/BYpnNrWZIWyXOKQkVI3fwVlOmkdLsvRBzFd65iuCWgv0zA1zqOEDJlYrAWeE=
x-amz-request-id: YT0AGKAJEDPAYMAQ
cache-control: public, max-age=2678400
content-encoding: gzip
expires: Mon, 27 May 2024 00:50:03 GMT
last-modified: Thu, 04 Apr 2024 13:12:24 GMT
etag: "eddd5c106a76b4502201aa907edd2ce7"
cf-cache-status: HIT
age: 1855854
accept-ranges: bytes
vary: Accept-Encoding
set-cookie: _cfuvid=WlP.HaJfXjmvC9UONcs.IE01rsb6zXWqA1uniTky9eo-1714092603868-0.0.1.1-604800000; path=/; domain=.highcharts.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87a2939618aeb503-OSL
X-Firefox-Spdy: h2

code.highcharts.com/stock/highstock.js

104.18.8.9

200 OK

132 kB

URL GET HTTP/2
code.highcharts.com/stock/highstock.js
IP
104.18.8.9:443
ASN
#13335 CLOUDFLARENET

Requested by
https://app.galpone.ar/
Certificate
IssuerCloudflare, Inc.
Subjecthighcharts.com
Fingerprint4B:29:12:1B:43:1B:D7:5E:F0:0B:3B:12:5E:A7:8E:8B:C5:95:BC:79
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (63317)
Size
132 kB (131786 bytes)
Hash
cfa080c5c44fdf96532e131cd74184f4
78247c64ffe89c1408517359a523e416ded52645
ab347e0b48b7b4a73f5fccf21ef2770f4f7a6fbcc5a0ceacf5017e9f373bea54

HTTP Headers

GET /stock/highstock.js HTTP/1.1
Host: code.highcharts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 00:50:03 GMT
content-type: text/javascript; charset=utf-8
content-length: 131786
x-amz-id-2: bAd276l/zLVbNiwYtEpXEfbfDhk5KKuM71LY0DcApFbAvVUa/Bd9URYAmeG7RsNfIL0W4MIIAp4=
x-amz-request-id: YT09VDWRP6BBZ873
cache-control: public, max-age=2678400
content-encoding: gzip
expires: Mon, 27 May 2024 00:50:03 GMT
last-modified: Thu, 04 Apr 2024 13:12:25 GMT
etag: "043e08820d9109123fbf88b5b7d84a06"
cf-cache-status: HIT
age: 1855843
accept-ranges: bytes
vary: Accept-Encoding
set-cookie: _cfuvid=26t.wJm7wDI54uE8NuL07PX9rCJkbJxdEXsHcvSuFu0-1714092603871-0.0.1.1-604800000; path=/; domain=.highcharts.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87a2939628afb503-OSL
X-Firefox-Spdy: h2

code.jquery.com/ui/1.12.1/jquery-ui.js

151.101.2.137

200 OK

521 kB

URL GET HTTP/2
code.jquery.com/ui/1.12.1/jquery-ui.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://app.galpone.ar/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1002)
Size
521 kB (520714 bytes)
Hash
ab5284de5e3d221e53647fd348e5644b
75c20acdc6cbc6334fe2b918ab7afeec007f969e
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

HTTP Headers

GET /ui/1.12.1/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: "28feccc0-7f20a"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 26 Apr 2024 00:50:03 GMT
age: 6894029
x-served-by: cache-lga21932-LGA, cache-hel1410026-HEL
x-cache: HIT, HIT
x-cache-hits: 1595, 18624
x-timer: S1714092604.859800,VS0,VE0
vary: Accept-Encoding
content-length: 520714
X-Firefox-Spdy: h2

code.highcharts.com/stock/modules/data.js

104.18.8.9

200 OK

6.4 kB

URL GET HTTP/2
code.highcharts.com/stock/modules/data.js
IP
104.18.8.9:443
ASN
#13335 CLOUDFLARENET

Requested by
https://app.galpone.ar/
Certificate
IssuerCloudflare, Inc.
Subjecthighcharts.com
Fingerprint4B:29:12:1B:43:1B:D7:5E:F0:0B:3B:12:5E:A7:8E:8B:C5:95:BC:79
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (15743)
Size
6.4 kB (6350 bytes)
Hash
b69192002c1ca96f1d1cc9da625434d4
815d6e2c0dea57e50cb5ff2d74003dae5629c7df
792db2217a4362b7fb104073604aa073245a52a954a0a731e3ee76d727e8e9c9

HTTP Headers

GET /stock/modules/data.js HTTP/1.1
Host: code.highcharts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 00:50:03 GMT
content-type: text/javascript; charset=utf-8
content-length: 6350
x-amz-id-2: MSBCBItI6EWrFUCiGa3p//STC8sCF8fiIsCGu9J4ZusKXFPVjPd2xE098SoMksUyGIHvkm63oM0=
x-amz-request-id: YT026CYTZWSNV17F
cache-control: public, max-age=2678400
content-encoding: gzip
expires: Mon, 27 May 2024 00:50:03 GMT
last-modified: Thu, 04 Apr 2024 13:12:27 GMT
etag: "fc23e27e7fd6ef9fccc26e19efba41b7"
cf-cache-status: HIT
age: 1855775
accept-ranges: bytes
vary: Accept-Encoding
set-cookie: _cfuvid=Q4xSVEfEKzP1zqc0Vf5kiVoM8dKjqmUV62Dqd2cdIDk-1714092603874-0.0.1.1-604800000; path=/; domain=.highcharts.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87a2939628b0b503-OSL
X-Firefox-Spdy: h2

app.galpone.ar/images/FC.png

65.181.111.21

200 OK

170 kB

URL GET HTTP/2
app.galpone.ar/images/FC.png
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type
PNG image data, 640 x 640, 8-bit/color RGB, non-interlaced
Size
170 kB (169671 bytes)
Hash
4c7495d2717c6d9d0efb5dbd94cfa2a5
005fb76ba915fea9832e02f6c1e59c5d27e2864a
99e3464443d88882a331cae95e758847be5709b2a41739ba0f62a3b9699f8d39

HTTP Headers

GET /images/FC.png HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 169671
content-type: image/png
last-modified: Wed, 29 Apr 2020 15:59:08 GMT
accept-ranges: bytes
etag: "1d61e3f1d77b8c7"
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

app.galpone.ar/AdminLte/plugins/fontawesome-free/webfonts/fa-solid-900.woff2

65.181.111.21

200 OK

78 kB

URL GET HTTP/2
app.galpone.ar/AdminLte/plugins/fontawesome-free/webfonts/fa-solid-900.woff2
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type
Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261
Size
78 kB (78196 bytes)
Hash
e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /AdminLte/plugins/fontawesome-free/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/AdminLte/plugins/fontawesome-free/css/all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 78196
content-type: font/woff2
last-modified: Mon, 22 Mar 2021 07:30:50 GMT
accept-ranges: bytes
etag: "1d71eed484ec074"
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

app.galpone.ar/AdminLte/plugins/datatables-bs4/js/dataTables.bootstrap4.min.js

65.181.111.21

200 OK

1.7 kB

URL GET HTTP/2
app.galpone.ar/AdminLte/plugins/datatables-bs4/js/dataTables.bootstrap4.min.js
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (510)
Size
1.7 kB (1722 bytes)
Hash
f6efabd85fb5c418a848f5f0e0ba0f9f
fb6d36d07455c93fb3e3f6543b2f2e6e2cd7f89c
c7b7abf54cc3c6d4c454c090efb0446086b32f4398bd1d17b398116c2f5aec53

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /AdminLte/plugins/datatables-bs4/js/dataTables.bootstrap4.min.js HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 22 Mar 2021 07:30:50 GMT
accept-ranges: bytes
etag: "1d71eed484ff932"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

142.250.74.163

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://app.galpone.ar/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14892, version 1.0
Size
15 kB (14892 bytes)
Hash
9ec6deaf6bada919e20b98f9f7b718b1
501d36403ad8205e4644532600019ecb10f5cb0a
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

HTTP Headers

GET /s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://app.galpone.ar
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:59:00 GMT
expires: Fri, 25 Apr 2025 02:59:00 GMT
cache-control: public, max-age=31536000
age: 78664
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

app.galpone.ar/AdminLte/plugins/datatables-buttons/js/dataTables.buttons.min.js

65.181.111.21

200 OK

9.5 kB

URL GET HTTP/2
app.galpone.ar/AdminLte/plugins/datatables-buttons/js/dataTables.buttons.min.js
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (560)
Size
9.5 kB (9481 bytes)
Hash
ce1c42a949303738ab70169d21456bd7
e737541ee14e75d59678382292e648d3431ec995
13baf10b24bc6d992af9b590b1c7d9be2ab0421bf6eb8623ba34457a3d0f9c81

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /AdminLte/plugins/datatables-buttons/js/dataTables.buttons.min.js HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 22 Mar 2021 07:30:50 GMT
accept-ranges: bytes
etag: "1d71eed484fbe57"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

142.250.74.163

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://app.galpone.ar/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14712, version 1.0
Size
15 kB (14712 bytes)
Hash
3afeae0d768769f5e5f30ac9805c5b70
3ada17c2b462db3e7a1fd85c3f4670dfe7704f4d
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

HTTP Headers

GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://app.galpone.ar
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 20:22:13 GMT
expires: Wed, 23 Apr 2025 20:22:13 GMT
cache-control: public, max-age=31536000
age: 188871
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

app.galpone.ar/css/ion.rangeSlider.min.css

65.181.111.21

200 OK

18 kB

URL GET HTTP/2
app.galpone.ar/css/ion.rangeSlider.min.css
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type
Unicode text, UTF-8 text, with very long lines (11083), with no line terminators
Size
18 kB (18311 bytes)
Hash
b57dd9f7b124f55f61a72b9b025cd560
449dbb3c20ee9a73750e4069cd35e10d95ec4a05
9efe6f481240ccfcbed3bf85bd1be157650fa47f3b1ff52758cac0ea76c483b5

HTTP Headers

GET /css/ion.rangeSlider.min.css HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Wed, 01 Apr 2020 23:06:26 GMT
accept-ranges: bytes
etag: "1d6087a2b54ae4c"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

app.galpone.ar/favicon.ico

65.181.111.21

200 OK

5.4 kB

URL GET HTTP/2
app.galpone.ar/favicon.ico
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type
MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel
Size
5.4 kB (5430 bytes)
Hash
9200225b96881264e6481c77d69c622c
27608d84e28f926b740038252240f715eeb9d2bd
26dc5ff4bfb9213291735808465e156d4a4691135f3815e3613761243e1f69c3

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 5430
content-type: image/x-icon
last-modified: Sat, 09 Dec 2023 19:21:14 GMT
accept-ranges: bytes
etag: "1da2ad4dffa2436"
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:04 GMT
X-Firefox-Spdy: h2

app.galpone.ar/lib/jquery-validation/dist/jquery.validate.min.js

65.181.111.21

200 OK

23 kB

URL GET HTTP/2
app.galpone.ar/lib/jquery-validation/dist/jquery.validate.min.js
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type

Size
23 kB (23267 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /lib/jquery-validation/dist/jquery.validate.min.js HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Thu, 23 Apr 2020 17:46:50 GMT
accept-ranges: bytes
etag: "1d619972aa1fbe3"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

142.250.74.163

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://app.galpone.ar/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14780, version 1.0
Size
15 kB (14780 bytes)
Hash
8dae809192c44690275a3624133293e7
969c98c4d7eb00386ebbd61a63288972d138ecb8
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8

HTTP Headers

GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://app.galpone.ar
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:46:19 GMT
expires: Fri, 25 Apr 2025 17:46:19 GMT
cache-control: public, max-age=31536000
age: 25425
last-modified: Thu, 01 Jun 2023 22:52:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

app.galpone.ar/AdminLte/plugins/fontawesome-free/css/all.min.css

65.181.111.21

200 OK

59 kB

URL GET HTTP/2
app.galpone.ar/AdminLte/plugins/fontawesome-free/css/all.min.css
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type
ASCII text, with very long lines (59158)
Size
59 kB (59344 bytes)
Hash
74bab4578692993514e7f882cc15c218
b6293bcfd851f963edbe859498570c4c0c7eaae4
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /AdminLte/plugins/fontawesome-free/css/all.min.css HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Mon, 22 Mar 2021 07:30:50 GMT
accept-ranges: bytes
etag: "1d71eed484f16d0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

app.galpone.ar/AdminLte/plugins/jquery/jquery.min.js

65.181.111.21

200 OK

90 kB

URL GET HTTP/2
app.galpone.ar/AdminLte/plugins/jquery/jquery.min.js
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /AdminLte/plugins/jquery/jquery.min.js HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 22 Mar 2021 07:30:50 GMT
accept-ranges: bytes
etag: "1d71eed484eac9d"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

app.galpone.ar/AdminLte/plugins/datatables-buttons/js/buttons.print.min.js

65.181.111.21

200 OK

2.2 kB

URL GET HTTP/2
app.galpone.ar/AdminLte/plugins/datatables-buttons/js/buttons.print.min.js
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type
JavaScript source, ASCII text, with very long lines (2332), with no line terminators
Size
2.2 kB (2212 bytes)
Hash
ccc1c2651ca33c596cfa1a445f0cfd2e
a78601c74e1ee84320f018cc1c449159b366be39
9b507f31a944e108610c42126ff2b9951eee9b2a25f6d6bd2a49f2e81137acd5

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /AdminLte/plugins/datatables-buttons/js/buttons.print.min.js HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 22 Mar 2021 07:30:50 GMT
accept-ranges: bytes
etag: "1d71eed484ff9a4"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700&display=fallback

142.250.74.106

200 OK

10 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700&display=fallback
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://app.galpone.ar/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text
Size
10 kB (10237 bytes)
Hash
05bbe51e1797c27b6fce27a9938ab68c
04a03c665c9bf575928b393472bbb8f4f3c80f65
825492ba40e6bc3038f338f50ae5a96789325a8d1dfb6606faf2542b51283413

HTTP Headers

GET /css?family=Source+Sans+Pro:300,400,400i,700&display=fallback HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 00:50:03 GMT
date: Fri, 26 Apr 2024 00:50:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

app.galpone.ar/js/site.js?v=OAqEHc7i42-vBlvBx15epkmb-cEX5SXKeAJnSKdh5g0

65.181.111.21

200 OK

380 B

URL GET HTTP/2
app.galpone.ar/js/site.js?v=OAqEHc7i42-vBlvBx15epkmb-cEX5SXKeAJnSKdh5g0
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type
ASCII text, with very long lines (399), with no line terminators
Size
380 B (380 bytes)
Hash
6525ba26c8e83dee21225e194922e428
dc98435469f63af736ffc585159cffd0d2969ec1
5e9162b018fd73939274822e7c0352e6e349bdbb0123973e0145e00f414b1c74

HTTP Headers

GET /js/site.js?v=OAqEHc7i42-vBlvBx15epkmb-cEX5SXKeAJnSKdh5g0 HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Fri, 09 Jul 2021 15:51:38 GMT
accept-ranges: bytes
etag: "1d774da4d57a07c"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

app.galpone.ar/AdminLte/plugins/datatables/jquery.dataTables.min.js

65.181.111.21

200 OK

84 kB

URL GET HTTP/2
app.galpone.ar/AdminLte/plugins/datatables/jquery.dataTables.min.js
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type

Size
84 kB (83602 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /AdminLte/plugins/datatables/jquery.dataTables.min.js HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 22 Mar 2021 07:30:50 GMT
accept-ranges: bytes
etag: "1d71eed484eb792"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

app.galpone.ar/AdminLte/plugins/datatables-responsive/js/responsive.bootstrap4.min.js

65.181.111.21

200 OK

1.2 kB

URL GET HTTP/2
app.galpone.ar/AdminLte/plugins/datatables-responsive/js/responsive.bootstrap4.min.js
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1299), with no line terminators
Size
1.2 kB (1244 bytes)
Hash
6c85b045f2e0a6dd65cb0d16a548f3a7
5e17588d569c8509d6d27adac7b5f1307dbc2cff
39a290adea9689ca39a1b3a45fea43b794e21d13a08423cca1830a6c007518ac

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /AdminLte/plugins/datatables-responsive/js/responsive.bootstrap4.min.js HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 22 Mar 2021 07:30:50 GMT
accept-ranges: bytes
etag: "1d71eed484ff5dc"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

app.galpone.ar/AdminLte/plugins/datatables-buttons/js/buttons.colVis.min.js

65.181.111.21

200 OK

2.8 kB

URL GET HTTP/2
app.galpone.ar/AdminLte/plugins/datatables-buttons/js/buttons.colVis.min.js
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type
JavaScript source, ASCII text, with very long lines (2918), with no line terminators
Size
2.8 kB (2838 bytes)
Hash
2284bc8d705da3e0d0940dc93ffa2b3e
09090fceb9ff375da4985760cae85d3ca9426d2f
3eded91010c9a8b83008638e153a4284f86a011b6a513971e83206e48b7a2d1b

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /AdminLte/plugins/datatables-buttons/js/buttons.colVis.min.js HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 22 Mar 2021 07:30:50 GMT
accept-ranges: bytes
etag: "1d71eed484ffa16"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

app.galpone.ar/css/site.css

65.181.111.21

200 OK

113 B

URL GET HTTP/2
app.galpone.ar/css/site.css
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type
ASCII text, with no line terminators
Size
113 B (113 bytes)
Hash
5f8fb934a710ab44c0a2a4efa3790304
0e9ddef0416d734c994bdbc63d6e58ef6156fb52
45f8cccd3b9686336e56e43ab57b78faa2a38dc891e3b12cab2004536c9f5375

HTTP Headers

GET /css/site.css HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Wed, 22 Dec 2021 22:25:12 GMT
accept-ranges: bytes
etag: "1d7f782c8f49471"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

app.galpone.ar/lib/bootstrap/dist/js/bootstrap.js

65.181.111.21

200 OK

78 kB

URL GET HTTP/2
app.galpone.ar/lib/bootstrap/dist/js/bootstrap.js
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type

Size
78 kB (77953 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /lib/bootstrap/dist/js/bootstrap.js HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Fri, 09 Jul 2021 15:51:50 GMT
accept-ranges: bytes
etag: "1d774da547f9f81"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

app.galpone.ar/AdminLte/plugins/datatables-buttons/js/buttons.bootstrap4.min.js

65.181.111.21

200 OK

1.0 kB

URL GET HTTP/2
app.galpone.ar/AdminLte/plugins/datatables-buttons/js/buttons.bootstrap4.min.js
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1084), with no line terminators
Size
1.0 kB (1043 bytes)
Hash
d70e0a58547ce7939329b6b3eb473693
82362339abae437b3f2ef0dc6533b0e2c8f68cc9
30ddb3e4b50566d650326615a7d83570381145c464c508b1a945bd824d35c7ae

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /AdminLte/plugins/datatables-buttons/js/buttons.bootstrap4.min.js HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 22 Mar 2021 07:30:50 GMT
accept-ranges: bytes
etag: "1d71eed484ff513"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

app.galpone.ar/AdminLte/plugins/datatables-buttons/js/buttons.html5.min.js

65.181.111.21

200 OK

25 kB

URL GET HTTP/2
app.galpone.ar/AdminLte/plugins/datatables-buttons/js/buttons.html5.min.js
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type

Size
25 kB (24834 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /AdminLte/plugins/datatables-buttons/js/buttons.html5.min.js HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 22 Mar 2021 07:30:50 GMT
accept-ranges: bytes
etag: "1d71eed484f9002"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

app.galpone.ar/AdminLte/dist/js/adminlte.min.js

65.181.111.21

200 OK

44 kB

URL GET HTTP/2
app.galpone.ar/AdminLte/dist/js/adminlte.min.js
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type
JavaScript source, ASCII text, with very long lines (44016)
Size
44 kB (44244 bytes)
Hash
2695ce7b6e4c03f3613657d5f2c3aa10
c91c7cb6f6433d957ff0812bcaace94cd016533d
755b3b63190824c756288c7e13867b28622bb07d8fecc1e3e160cdbf34f3b105

HTTP Headers

GET /AdminLte/dist/js/adminlte.min.js HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 22 Mar 2021 07:30:50 GMT
accept-ranges: bytes
etag: "1d71eed484f5dd4"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

app.galpone.ar/AdminLte/plugins/datatables-responsive/js/dataTables.responsive.min.js

65.181.111.21

200 OK

14 kB

URL GET HTTP/2
app.galpone.ar/AdminLte/plugins/datatables-responsive/js/dataTables.responsive.min.js
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type
JavaScript source, ASCII text, with very long lines (554)
Size
14 kB (14006 bytes)
Hash
9c08197a623203cd1bf273541b694308
fa895deac972f0ca3d77169039aca0ee1a04f34e
94d8439fdad60af6fb881f9aa512fe6e2e12b14ac728ba29bd8f251399ec7322

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /AdminLte/plugins/datatables-responsive/js/dataTables.responsive.min.js HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 22 Mar 2021 07:30:50 GMT
accept-ranges: bytes
etag: "1d71eed484fc7b6"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

app.galpone.ar/AdminLte/plugins/flot/jquery.flot.js

65.181.111.21

200 OK

106 kB

URL GET HTTP/2
app.galpone.ar/AdminLte/plugins/flot/jquery.flot.js
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
106 kB (105744 bytes)
Hash
1f31829c44e2cd54d9aff80995e11cfe
2252e407252885ae5d01e30c215cf8c28d34834a
f4720d183347e65a21a9dc7777ed3e4d2b609452453a270a2cfab0777b64c1ee

HTTP Headers

GET /AdminLte/plugins/flot/jquery.flot.js HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 22 Mar 2021 07:30:50 GMT
accept-ranges: bytes
etag: "1d71eed484e6c10"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

cdn.canvasjs.com/canvasjs.min.js

104.26.12.77

200 OK

492 kB

URL GET HTTP/3
cdn.canvasjs.com/canvasjs.min.js
IP
104.26.12.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectcanvasjs.com
FingerprintBA:2A:52:D1:5D:6E:95:44:B4:78:1A:80:20:6B:62:D6:45:E8:9A:02
ValiditySun, 03 Mar 2024 01:38:01 GMT - Sat, 01 Jun 2024 01:38:00 GMT

File type
JavaScript source, ASCII text, with very long lines (2024), with CRLF, LF line terminators
Size
492 kB (491657 bytes)
Hash
2755ec4fafe413f575c0a38b414db4b4
f6f0c9b82df8a83845ee691ee76eed89083bb9c8
9731f6cfbfc767c49fd22e4c222151d55fedd8941c39fa47eede69bd6298219a

HTTP Headers

GET /canvasjs.min.js HTTP/1.1
Host: cdn.canvasjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.galpone.ar/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 00:50:04 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 05:07:24 GMT
etag: W/"78089-616a869b49e30-gzip"
cache-control: public, max-age=7200, must-revalidate, proxy-revalidate
expires: Tue, 30 Apr 2024 05:09:08 GMT
vary: Accept-Encoding
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=15552000
pragma: public
x-content-type-options: nosniff
cf-cache-status: HIT
age: 330053
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zew7x4b%2Fs9lEoWhSjbzvQqglHJRUtHC4l8c8btvKySMKf4M%2BUAuSTFxBigoy5l%2FGHwr7EnSoEgys17Aw%2BwvpxSFEVrxxTUsfAaC56ToWv6lESJEVYrbGIS9%2FScpDn%2BBEj78%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a29398c94c56cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

app.galpone.ar/AdminLte/dist/css/adminlte.min.css

65.181.111.21

200 OK

1.4 MB

URL GET HTTP/2
app.galpone.ar/AdminLte/dist/css/adminlte.min.css
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type

Size
1.4 MB (1382975 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /AdminLte/dist/css/adminlte.min.css HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Mon, 22 Mar 2021 07:30:50 GMT
accept-ranges: bytes
etag: "1d71eed485aeb3f"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

app.galpone.ar/AdminLte/plugins/bootstrap/js/bootstrap.bundle.min.js

65.181.111.21

200 OK

84 kB

URL GET HTTP/2
app.galpone.ar/AdminLte/plugins/bootstrap/js/bootstrap.bundle.min.js
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
84 kB (84378 bytes)
Hash
f81d0a1705048649befc8b595e455a94
aec551e4d573463088fca7d14fb644eb389f1839
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /AdminLte/plugins/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 22 Mar 2021 07:30:50 GMT
accept-ranges: bytes
etag: "1d71eed484eb89a"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

app.galpone.ar/lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.min.js

65.181.111.21

200 OK

5.8 kB

URL GET HTTP/2
app.galpone.ar/lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.min.js
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type
JavaScript source, ASCII text, with very long lines (6028), with no line terminators
Size
5.8 kB (5766 bytes)
Hash
18a95d1a76f0a2528c0c3a26b097415e
77841ac57cf12fff186d86ceccd4f779830bed87
4e2bed928985558785cfb6bbe6f4b6f126c69cd0586ad5f2d914b04a356904c3

HTTP Headers

GET /lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.min.js HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Thu, 23 Apr 2020 17:46:50 GMT
accept-ranges: bytes
etag: "1d619972aa1b786"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:03 GMT
X-Firefox-Spdy: h2

app.galpone.ar/AdminLte/plugins/datatables-responsive/js/responsive.bootstrap4.min.js

65.181.111.21

200 OK

1.2 kB

URL GET HTTP/2
app.galpone.ar/AdminLte/plugins/datatables-responsive/js/responsive.bootstrap4.min.js
IP
65.181.111.21:443
ASN
#14670 WHG Hosting Services Ltd

Requested by
https://app.galpone.ar/
Certificate
IssuerLet's Encrypt
Subjectapp.galpone.ar
FingerprintAC:6B:FE:68:41:42:87:72:7C:88:5C:A4:A6:F2:7F:5C:E9:70:59:99
ValidityWed, 31 Jan 2024 13:11:27 GMT - Tue, 30 Apr 2024 13:11:26 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1299), with no line terminators
Size
1.2 kB (1244 bytes)
Hash
6c85b045f2e0a6dd65cb0d16a548f3a7
5e17588d569c8509d6d27adac7b5f1307dbc2cff
39a290adea9689ca39a1b3a45fea43b794e21d13a08423cca1830a6c007518ac

Detections

Analyzer	Verdict	Alert
urlquery	malware	Malware - Botnet panel

HTTP Headers

GET /AdminLte/plugins/datatables-responsive/js/responsive.bootstrap4.min.js HTTP/1.1
Host: app.galpone.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 22 Mar 2021 07:30:50 GMT
accept-ranges: bytes
etag: "1d71eed484ff5dc"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 26 Apr 2024 00:50:04 GMT
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700

142.250.74.106

200 OK

9.5 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://app.galpone.ar/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text, with very long lines (9733), with no line terminators
Size
9.5 kB (9509 bytes)
Hash
bdda5a3a4603330a56c4dfc9eef017a1
3a9538c488abd3076771c696d82b5c30384b25dc
e0743b660689e512f7ecb7d99cb7fc23f08f2211ee510b66f43525e4e286f5e0

HTTP Headers

GET /css?family=Source+Sans+Pro:300,400,400i,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.galpone.ar/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 00:50:03 GMT
date: Fri, 26 Apr 2024 00:50:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML