personas.hgdsa.com/panel/mua/img/error.jpg
200 OK
5363
URL
GET
HTTP/3
personas.hgdsa.com/panel/mua/img/error.jpg
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 195x194, components 3\012- data
Hash
845eeed3b61d4c19ed0059c42fa7fc2e
ace747921c0b92d8451a1562759c867296c31b44
f68c633109e951014c6c401f878be7196c8894f6723215afb18388dbbbb83f1d
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Bancolombia
urlquery
phishing
Phishing - Bancolombia
quad9
Sinkholed
GET /panel/mua/img/error.jpg HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 01 Jun 2023 08:55:21 GMT
content-type: image/jpeg
content-length: 5363
etag: "14f3-5fce05bf2a362"
last-modified: Tue, 30 May 2023 02:57:09 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljWWEBmeTqamQaz8mJhFBtuWlDJwBf5z3aImpLQzxUTcSVwi55d4cKon4SlcZLHggRcmuzyoxxH0To5ySHu3MpXgMl9juiao%2FvDjeYym0edAI21bFJxkO%2BUZ4LrlMQ7RW3zooMA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d063cb85ebbb4f3-OSL
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/img/info.jpg
200 OK
3438
URL
GET
HTTP/3
personas.hgdsa.com/panel/mua/img/info.jpg
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
Magic
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 62x61, components 3\012- data
Hash
72f07f88a708281bb165235fb88649ee
d2e7284036b30a170dc68c2ad476d664234ed66c
13df691e5ad1109013261983ff6272aa37353f3b28525a9e8b0b29355a1ebec4
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Bancolombia
urlquery
phishing
Phishing - Bancolombia
quad9
Sinkholed
GET /panel/mua/img/info.jpg HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 01 Jun 2023 08:55:21 GMT
content-type: image/jpeg
content-length: 3438
etag: "d6e-5fce05bea749e"
last-modified: Tue, 30 May 2023 02:57:08 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FyQpCtLDP4ykLc30RfoTjqGBgP9ULTLXI9zPap4ngA67eQkwxjLxS5Wur0bQGka3%2BUjlgPwGH%2ByonqVfX17W9Izcn4tejmoEDkmrJ%2BdSWldCNU4y9ct8r%2FVZpWa5J2qK6ukT%2Fqc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d063cb86ed2b4f3-OSL
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/img/demo.jpg
200 OK
1465
URL
GET
HTTP/3
personas.hgdsa.com/panel/mua/img/demo.jpg
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 103x103, components 3\012- data
Hash
992039d1b794268d688a19b3563b7cd2
9116dbfe0fe620a6351952c1053017501537002f
61541605fc80557ad8cbc03b7d7ea64e94732198e536d4618dea0cb70191eb48
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Bancolombia
urlquery
phishing
Phishing - Bancolombia
quad9
Sinkholed
GET /panel/mua/img/demo.jpg HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 01 Jun 2023 08:55:21 GMT
content-type: image/jpeg
content-length: 1465
etag: "5b9-5fce05bef55d5"
last-modified: Tue, 30 May 2023 02:57:08 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3G9om6tcThZsHq5Oph15V31KDg2UXffvaWZEYrdrLLnkwULPiW4JobigMngHCThQ7w0TSsuhgPLi7dAl%2BQh2Y7DhBd3gDfE9w6PcPq%2BKwCRbqHt8qK7zRfyTs%2BFxI8j0O66Jl%2B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d063cb86ed9b4f3-OSL
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/img/seguridad.jpg
200 OK
1935
URL
GET
HTTP/3
personas.hgdsa.com/panel/mua/img/seguridad.jpg
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 103x103, components 3\012- data
Hash
1aa9d62d948208093b507e8e1439b309
72f701f1204320b47d9966d5d0ed496a733adb80
1800e5e993450b4f547840ccb7abf5cd1f285f6cf9784b3ec23675528a49ff8c
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Bancolombia
urlquery
phishing
Phishing - Bancolombia
quad9
Sinkholed
GET /panel/mua/img/seguridad.jpg HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 01 Jun 2023 08:55:21 GMT
content-type: image/jpeg
content-length: 1935
etag: "78f-5fce05bef9e4d"
last-modified: Tue, 30 May 2023 02:57:08 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVR7CNfCW3TmlnPkfdEpntyHRU6t0i7DeoDQ0JPVSDzpgUkeJ2jH21S7qraWNI%2FHC4UQ38UE%2BQA6WJ5doFAYQOS%2BOutkyKUJ1CH%2FUr1gUwCIa9GsyVOkZwL6zS2opSDzybW1YKo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d063cb87eddb4f3-OSL
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/img/reglamento.jpg
200 OK
1764
URL
GET
HTTP/3
personas.hgdsa.com/panel/mua/img/reglamento.jpg
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 103x103, components 3\012- data
Hash
be3af886cffea048856b7fc77eaeebfc
96c0ec1895b5544070fd9c3ff371812ea04c7932
4d31c93eab87267a6e5e827fedd488a02c824a79ded4f00ef19f7431eaedab12
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Bancolombia
urlquery
phishing
Phishing - Bancolombia
quad9
Sinkholed
GET /panel/mua/img/reglamento.jpg HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 01 Jun 2023 08:55:21 GMT
content-type: image/jpeg
content-length: 1764
etag: "6e4-5fce05bf3d6ed"
last-modified: Tue, 30 May 2023 02:57:09 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJ1cXy6SDU%2BT6Bmc0TpPI38OfFk%2BQ1FGQpJu8xgF%2BPzo6vzecIrLEn6N3aFFUKCBo5RDWwOGr1ywyyAV%2B1uWvesw19gjhtMohGKjzsToSfwbYNTfpwUSOE74tnkcsVFSQn%2BuJww%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d063cb87edfb4f3-OSL
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/img/politica.jpg
200 OK
2615
URL
GET
HTTP/3
personas.hgdsa.com/panel/mua/img/politica.jpg
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 103x103, components 3\012- data
Hash
7bb6c2ef23b43c8b8723d9e68ddf2fec
351b75536ef2c3244b7ba1eec7fe13215990a177
7b4d681b13b2beeab7a0dbd807eac72b762dec8e3bb18410776270a51860ac86
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Bancolombia
urlquery
phishing
Phishing - Bancolombia
quad9
Sinkholed
GET /panel/mua/img/politica.jpg HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 01 Jun 2023 08:55:21 GMT
content-type: image/jpeg
content-length: 2615
etag: "a37-5fce05bf48a6b"
last-modified: Tue, 30 May 2023 02:57:09 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdyPlHco6%2BMQbeoqqgsa7e80nAvGp%2BHKqmsM7DRRZGbqcLkDr7hsPCDs%2FMDOVxMs5Hso3QAYW%2B5ZWv4UXqOk6i7DlfKbSvZ5pUDA%2FH2hN68tLUJneDa0h9UCm4f95MI9e%2FTCI0A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d063cb87ee0b4f3-OSL
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/img/card.jpg
200 OK
26702
URL
GET
HTTP/3
personas.hgdsa.com/panel/mua/img/card.jpg
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 633x378, components 3\012- data
Hash
4490498f4895e2781d4316732e3a2790
b4ccf19a5d5805ca79764238be81ed9f9fe7aa64
a36553c875c3139f8d62695cf3aff92bd41fd4ac74baa337fa0cbce1c5927f14
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Bancolombia
urlquery
phishing
Phishing - Bancolombia
quad9
Sinkholed
GET /panel/mua/img/card.jpg HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 01 Jun 2023 08:55:21 GMT
content-type: image/jpeg
content-length: 26702
etag: "684e-5fce05beb0a10"
last-modified: Tue, 30 May 2023 02:57:08 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFg9OQmAC%2F1%2FWxMXwe1IiOvCpTlaLfv4VGmWZm9g3LcL4o66jR4iDyYwwk3GcwctIfFlhsnV0MV9GEYFoFl0DHs2f0Uu4cZ%2BSN4D80CTjjQENfW1jNkLDh8D%2FxzAlsZCEl9nX%2BA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d063cb87ee1b4f3-OSL
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/img/lock.png
200 OK
465
URL
GET
HTTP/3
personas.hgdsa.com/panel/mua/img/lock.png
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
Magic
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash
e1fbae1c7cbb958401b23cc26991631b
51fc2948568be9ac415bb8d48171534c674d309d
022574e92ba7b69dd3e8f5da1882b053a893b97cf6bfe441753799dcc91655b6
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Bancolombia
urlquery
phishing
Phishing - Bancolombia
quad9
Sinkholed
GET /panel/mua/img/lock.png HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 01 Jun 2023 08:55:21 GMT
content-type: image/png
content-length: 465
etag: "1d1-5fce05bede7e4"
last-modified: Tue, 30 May 2023 02:57:08 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTf8gb4Q7%2FTcgzAlAkJnhZ2kpiF%2BkOZ3CYtYEWkcnlZJRjwtgbFHujR2c1aMS8DWZIHoSBUvOIG6nzIzmJA2BTeg8ste52JcqKKhIc34GWgS0dWX%2BW3sd6skWicpfGvJI6g%2BA0k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d063cb9c8bbb4f3-OSL
alt-svc: h3=":443"; ma=86400
images-cdn.info/444/image.gif
200 OK
43
URL
GET
HTTP/1.1
images-cdn.info/444/image.gif
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerGoDaddy.com, Inc.
Subjectimages-cdn.info
Fingerprint9B:95:3E:E4:E8:F5:63:C3:BC:A0:E0:3A:CA:BD:74:8D:50:61:82:2E
ValiditySun, 30 Apr 2023 18:08:05 GMT - Fri, 31 May 2024 18:08:05 GMT
Magic
GIF image data, version 89a, 1 x 1\012- data
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Bancolombia
urlquery
phishing
Phishing - Bancolombia
GET /444/image.gif HTTP/1.1
Host: images-cdn.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 08:55:22 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
personas.hgdsa.com/panel/mua/img/logo.svg
200 OK
15759
URL
GET
HTTP/3
personas.hgdsa.com/panel/mua/img/logo.svg
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
Magic
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (667)
Hash
c049dccd21049cb237daabdb645ec648
e29af3f65a8312efd3ea4c3b66d4bd86657dde1b
2c7a6ea74a49a6adc3fad622078895e9b2589448214913d8c035764148aca7d0
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Bancolombia
urlquery
phishing
Phishing - Bancolombia
quad9
Sinkholed
GET /panel/mua/img/logo.svg HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 01 Jun 2023 08:55:21 GMT
content-type: image/svg+xml
etag: W/"1b6c-5fce05bf4431b"
last-modified: Tue, 30 May 2023 02:57:09 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFNkULLG747fN9Wt2XMIQq7Ab62o%2FTzySTvTZUoZT9oHQFb6r2BunECOqUCoBPwM%2B8XNgX%2B%2Fl2WxgfPjiYEht0Psi3ziZXGX%2BrO5AIrxim8ulqrZwygHdpVQCFI5ELRuqtV3Tec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d063cb85ebcb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/img/logo.png
200 OK
9489
URL
GET
HTTP/3
personas.hgdsa.com/panel/mua/img/logo.png
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
Magic
PNG image data, 521 x 520, 8-bit/color RGBA, non-interlaced\012- data
Hash
2903c67701750d246b77ee1c1c9188f1
028e6e88d6563e81eb77807c38f401cf5e7f2be0
c2fd3f9e79070fdbcb7ed3270a428a6ecd22ae089ab6e573eb4dfe91079c41fb
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Bancolombia
urlquery
phishing
Phishing - Bancolombia
quad9
Sinkholed
GET /panel/mua/img/logo.png HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 01 Jun 2023 08:55:23 GMT
content-type: image/png
content-length: 9489
etag: "2511-5fce05bf2e7b2"
last-modified: Tue, 30 May 2023 02:57:09 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w69QUIMGTy7DP4B%2BEm3WgXrZRebbw%2BWbzlKZnUdWhDgnZQYjkPPNbN%2FKp83ZwjYW3C56x3bzXLb89piyY%2FMamEjEBSQeHReCemWY7kYrnt%2FLI%2BTtkVuVCny9dN0BtpsCGvGlv%2BQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d063cbdae66b4f3-OSL
alt-svc: h3=":443"; ma=86400
ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-shims.min.css?token=45b9078c9f
200 OK
27592
URL
GET
HTTP/2
ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-shims.min.css?token=45b9078c9f
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint49:14:F2:7A:2C:AE:36:01:38:B7:F7:3D:DB:44:3E:3F:5C:FB:6B:15
ValidityFri, 12 Aug 2022 00:00:00 GMT - Sat, 12 Aug 2023 23:59:59 GMT
Magic
ASCII text, with very long lines (27377)
Hash
5193a6de5225940ae4ef5f7c82126be9
fa2c2bdb52e9923ccf3387c5908459c9d11bff63
425741cc35824b5b3b18d4135fbef6afca30662d23638366af151f7e74ba2575
GET /releases/v6.4.0/css/free-v4-shims.min.css?token=45b9078c9f HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://personas.hgdsa.com/
Origin: https://personas.hgdsa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 08:55:21 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 23 Mar 2023 21:29:20 GMT
etag: W/"5193a6de5225940ae4ef5f7c82126be9"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7309328e91f012108061822748228b68.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 2J3_IoLCm2U-lGkU4ZEzQIaJlboqDnlBLt8sNqksXEyCk1MT_POpPg==
age: 28435
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqAXNB41aH0KrKHW%2BTcBgI6jSph7Dx3Bf%2BgkEkY%2F%2BBBQtlFEdiscGyqdyeaI8GQiEMYonZQLuGPzA4YicHLAqwJjXm%2FlfYeXoMJE2AVagAbqyT7gxyRybYEHRBH7RsAT4ZaOop%2Fn2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d063cba5fca8873-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-font-face.min.css?token=45b9078c9f
200 OK
1775
URL
GET
HTTP/2
ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-font-face.min.css?token=45b9078c9f
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint49:14:F2:7A:2C:AE:36:01:38:B7:F7:3D:DB:44:3E:3F:5C:FB:6B:15
ValidityFri, 12 Aug 2022 00:00:00 GMT - Sat, 12 Aug 2023 23:59:59 GMT
Magic
ASCII text, with very long lines (1803), with no line terminators
Hash
97b548129a2bcf8588519009187c2c39
945ad038ab7f6ddaee01dda882fc07dbf3c56af0
7792fc000372bac02c70b61f4e98f5c0af19f74a07176bb2ff117cacf7752d81
GET /releases/v6.4.0/css/free-v4-font-face.min.css?token=45b9078c9f HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://personas.hgdsa.com/
Origin: https://personas.hgdsa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 08:55:21 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 23 Mar 2023 21:29:20 GMT
etag: W/"9e7f9f634ace089bcdacc3fcc5f23ce5"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 24639548230786af4bba1a9e26c6080e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: RqvPWJKXZ9U4gLAIby53vbAUOF0s8uTtJzxPXkg7bkkLwCAkslHjJg==
age: 28431
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxoMYhAVW3T8650lq1Xqzq5AlsCCvbc1lhxJxdQo1lr6v%2BkUjsycl5i4dGas1F7MvnIrahtpa8J5s0dN65IKCBq7lEUCXNHQDFjOlPi6uq5vDRdz4gfcqVgfZ9PyKDG4aV%2BKqXIgPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d063cba5fd38873-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
personas.hgdsa.com/panel/mua/img/credit-card.png
200 OK
13267
URL
GET
HTTP/3
personas.hgdsa.com/panel/mua/img/credit-card.png
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
Magic
PNG image data, 18 x 18, 8-bit colormap, non-interlaced\012- data
Hash
bdc41207eda679871ea8d52c4f0f10d3
82173b5b660af8560810fe3a63de385d656b8966
f068b3c17360b06f6cde9c9b1acf5c54ee3f32becdbbd013abb3808f51bbe412
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Bancolombia
urlquery
phishing
Phishing - Bancolombia
quad9
Sinkholed
GET /panel/mua/img/credit-card.png HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 08:55:22 GMT
content-type: image/png
content-length: 13267
etag: "33d3-5fce05bf37d97"
last-modified: Tue, 30 May 2023 02:57:09 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TRbtQA5VkmCxXGYUSP3frAY4jhuvCAbSFFwGFpcytgWaWIBPvJQXOAEDmX7oLi29LPIuE7lLsS2eiuFYaa1GMUoYwPrnOZLbytpY%2FM%2FD0fxMFcOoUJVy1OmN%2FL7FFtd48VMams%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d063cb9a890b4f3-OSL
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/css/stylesheet.css
200 OK
2946
URL
GET
HTTP/3
personas.hgdsa.com/panel/mua/css/stylesheet.css
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
Magic
ASCII text, with very long lines (3126), with no line terminators
Hash
997ae37ceeacbd062fd1936a8cb50332
e37292cc1fdef4d71ac902383f5fba345b8f3749
f34be6d89d1ebb8a52e40ad2c961609bc7f21625c729aea6220d0eb45d15d0da
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Bancolombia
urlquery
phishing
Phishing - Bancolombia
quad9
Sinkholed
GET /panel/mua/css/stylesheet.css HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 08:55:21 GMT
content-type: text/css
etag: W/"b82-5fce05be55b55"
last-modified: Tue, 30 May 2023 02:57:08 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPX10k4mXFGL6Zsn5UCOIACO9li24QNZ46APNWCUjnqMaPtbxl7vuCm95i5S8MZlvkMbWt%2FPeP20bSpA9jixCJDLf%2FyiJzW7ibnnBolo1zMIRtqs7zD4FK7w%2FqIJWLlrsMkoEoM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d063cb84eabb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/js/functions.js
200 OK
3662
URL
GET
HTTP/3
personas.hgdsa.com/panel/mua/js/functions.js
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
Magic
ASCII text, with very long lines (3882), with no line terminators
Hash
b8c7a345d8f138cb36fae067adeba673
cbc5efeb3a227c7998c3c30288eca75bf9977673
35fbed899f30b0207c06f9af89e9e3ef37a1a9f98e666ca148da563d551ad0e4
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Bancolombia
urlquery
phishing
Phishing - Bancolombia
quad9
Sinkholed
GET /panel/mua/js/functions.js HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 08:55:21 GMT
content-type: application/javascript
etag: W/"e4e-5fce05be7624a"
last-modified: Tue, 30 May 2023 02:57:08 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfyVtZCvc%2BXQITH%2FK4drgulhueDut60kjzMLd648WmAQmAo8vwQGoPpO8tZM5aYgl5b%2FTMUvWJSu0JtckiHGplxw2D5m7mqVRhew9BNQ637iS9fBzijpHquonzpAWs6UWv%2BkJlk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d063cb85eb7b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/fonts/opensans/CIBFontSans-Light.ttf
200 OK
110612
URL
GET
HTTP/3
personas.hgdsa.com/panel/mua/fonts/opensans/CIBFontSans-Light.ttf
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
Magic
TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 33 names, Macintosh, Copyright (c) 2019 by Vasava Studio. All rights reserved.\011CIBFont SansLight1.300;UKWN;CIBFont\012- data
Hash
69096387df83ff65381f8ee25006b0aa
89689ed7f7547a3815d9fa2d0a2c11513480086e
decf1c3cb09b3e38d867e0d5cf648220584404c9cf8d18a6c51bdfa2af5047cc
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Bancolombia
urlquery
phishing
Phishing - Bancolombia
quad9
Sinkholed
GET /panel/mua/fonts/opensans/CIBFontSans-Light.ttf HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/css/stylesheet.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 08:55:22 GMT
content-type: font/ttf
etag: W/"1b014-5fce05bfd25c4"
last-modified: Tue, 30 May 2023 02:57:09 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkPJrNPqkKs7WUneLrW7rK5OgGlRERuZm1OTWoh8oyiouUMzv8LI0rQda6RcxUsacOqs6SlL%2B32ftaP0NK1hLrA7nKN79LgZq3vYKVXXSQx6AHyzbe4n%2FCo3OOUf4zQM0%2FXBA8s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d063cb9d8d8b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ka-f.fontawesome.com/releases/v6.4.0/css/free-v5-font-face.min.css?token=45b9078c9f
200 OK
823
URL
GET
HTTP/2
ka-f.fontawesome.com/releases/v6.4.0/css/free-v5-font-face.min.css?token=45b9078c9f
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint49:14:F2:7A:2C:AE:36:01:38:B7:F7:3D:DB:44:3E:3F:5C:FB:6B:15
ValidityFri, 12 Aug 2022 00:00:00 GMT - Sat, 12 Aug 2023 23:59:59 GMT
Magic
ASCII text, with very long lines (845), with no line terminators
Hash
2294fec50bebe1dc04d4936722c3c08e
05902d67eb724a4569ceeadb7b4e1eef75c0efee
1a0aefc152cf12c1e6ea5027b3449b301fddc172a581b382ff69216cd2c26781
GET /releases/v6.4.0/css/free-v5-font-face.min.css?token=45b9078c9f HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://personas.hgdsa.com/
Origin: https://personas.hgdsa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 08:55:21 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 23 Mar 2023 21:29:20 GMT
etag: W/"5856e3f07fbc36fc4d430a95a577a87f"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 b3d26bb0853726fb30b0576bc254ef10.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: y6mvxvlIQs4UsMZYOKmpXdvWOy1dcxMVNg5xCCHfHunhGjlwSymDag==
age: 28349
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGD7j95TsMJoOfz%2FQEeJcnK%2B%2BLaCMhquR2N1b86pgS7YGRBEWVdp4kvevm7LX1lkpGrkpvmK6y7AIeyYFYsCxn9iTG8R7COpkytPpY%2BdckVXQqE7jfWbiMa32KvfKeGxbHjgkrdvdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d063cba5fc58873-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
kit.fontawesome.com/45b9078c9f.js
200 OK
11642
URL
GET
HTTP/2
kit.fontawesome.com/45b9078c9f.js
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT
Magic
ASCII text, with very long lines (11213)
Hash
4bd9069d73bafec4f521d96f6906bc88
83fa8c0cd6f47b8853fb2918d94038a266b204c3
25df965d3072c488ae070664d2574e64220e08a3d1a0c1282c8f83bfb80a7bab
GET /45b9078c9f.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://personas.hgdsa.com
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 08:55:21 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F2P77Fk1A8lEpbgAB1wC
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 7d063cb86cf1b51d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
personas.hgdsa.com/panel/mua/css/style.css
200 OK
6009
URL
GET
HTTP/3
personas.hgdsa.com/panel/mua/css/style.css
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
Magic
ASCII text, with very long lines (6818), with no line terminators
Hash
c336cc87007f639f2b6282f744233afe
1edb56913d600419c86ad0173b7a2a37711c4233
4095ccc9e9de7b596e76cb91ede4f9d80c7bf1115ffd88e043aee2cf366db197
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Bancolombia
urlquery
phishing
Phishing - Bancolombia
quad9
Sinkholed
GET /panel/mua/css/style.css HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 08:55:21 GMT
content-type: text/css
etag: W/"1779-5fce05be5ba01"
last-modified: Tue, 30 May 2023 02:57:08 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0EA8AmgkoOpMUF0vIEIItiobELI6pT%2B2mSWX4sRQpYuueqr%2F7ztBQuSErmUviEsTYDBum9XCUPaE%2FK47MxVa6hDT2ilECrVQWO%2BAfXCrd5Qmo5Y%2FswYtWiK3V77dJpUTgJCdIs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d063cb84e9fb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/fonts/opensans/OpenSans-Regular.ttf
200 OK
217276
URL
GET
HTTP/3
personas.hgdsa.com/panel/mua/fonts/opensans/OpenSans-Regular.ttf
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
Magic
TrueType Font data, digitally signed, 19 tables, 1st "DSIG", 26 names, Macintosh, Digitized data copyright \251 2010-2011, Google Corporation.Open SansRegular1.10;1ASC;OpenSans-R\012- data
Hash
d7d5d4588a9f50c99264bc12e4892a7c
513966e260bb7610d47b2329dba194143831893e
13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Bancolombia
urlquery
phishing
Phishing - Bancolombia
quad9
Sinkholed
GET /panel/mua/fonts/opensans/OpenSans-Regular.ttf HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/css/stylesheet.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 08:55:21 GMT
content-type: font/ttf
etag: W/"350bc-5fce05bfe7f4d"
last-modified: Tue, 30 May 2023 02:57:09 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPQKoNjxXKdaMcK%2BiHpWmlxMEOGF75wj6B7SJFtJ8DZQea%2FoQG58GHKhPNqhTuRhe9099f%2F%2B5yDrsD4nTq4jE5honcsS%2BntTtid7zFzT5btAS2jo6r5HMoNXA1KxzrOtAdIK0mg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d063cb9c8b9b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/js/jquery-3.6.0.min.js
200 OK
89501
URL
GET
HTTP/3
personas.hgdsa.com/panel/mua/js/jquery-3.6.0.min.js
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
Magic
ASCII text, with very long lines (65447)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Bancolombia
urlquery
phishing
Phishing - Bancolombia
quad9
Sinkholed
GET /panel/mua/js/jquery-3.6.0.min.js HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 08:55:21 GMT
content-type: application/javascript
etag: W/"15d9d-5fce05be6e06b"
last-modified: Tue, 30 May 2023 02:57:08 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eKXRxWYZJ7GfjgBHOFEUfcH8weCeXbwCEHpqJumlPuXx%2BbzlVhSrgoqLCuikw9KLpHIzWw6UYIY1yXsBwz%2FzgMWk1T8u7Qi6kZJg11XL1cOk6U%2FOBvws2vx8RGxKeDuy8q8%2By%2BE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d063cb84eacb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ka-f.fontawesome.com/releases/v6.4.0/css/free.min.css?token=45b9078c9f
200 OK
102557
URL
GET
HTTP/2
ka-f.fontawesome.com/releases/v6.4.0/css/free.min.css?token=45b9078c9f
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint49:14:F2:7A:2C:AE:36:01:38:B7:F7:3D:DB:44:3E:3F:5C:FB:6B:15
ValidityFri, 12 Aug 2022 00:00:00 GMT - Sat, 12 Aug 2023 23:59:59 GMT
Magic
ASCII text, with very long lines (65321)
Hash
5febfb939e2fc4ddf14fffae53b72cf0
e0e62217708a9cfd0b78a8574e07a66d95cf1344
fd28ebf7bdffb45da731413ed6e6940dc60123aa120bfa5a3909a40b2a2ba7e1
GET /releases/v6.4.0/css/free.min.css?token=45b9078c9f HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://personas.hgdsa.com/
Origin: https://personas.hgdsa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 08:55:22 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 23 Mar 2023 21:29:21 GMT
etag: W/"5febfb939e2fc4ddf14fffae53b72cf0"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d6030d5ab753695c0198f874d4276eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: tLhSJz9oXBywDv4dc9Nj3kMlm7X1WBxEiSrM8skCuHV-XWnOwNsLkg==
age: 113338
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzFCTAcRMf%2BFESyXJyqnY5NBCAy9FuDF4mjAZLuQRFm6OtlV7IxaEPAD%2BHwfQ3sKqhcem%2BdndoExW8jEuEl5mKBm5I1Q9YJiDszDZANl4QbqRPDzgPaprRXi0DgaJ9gj9KcKiOou%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d063cba98378873-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
200 OK
9876
URL
User Request
GET
HTTP/2
personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
IP
Certificate
IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
Magic
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (11949), with no line terminators
Hash
d8f108c912084a0186e502fdf6763b04
7760634b745300b95771fbe7879b2ca8488e1456
7cbe12edb90efc6cb34b721f0234fb55875964ddddb54a5d8c26fe0fdd457960
Analyzer
Verdict
Alert
quad9
Sinkholed
GET /panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/ HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 08:55:21 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.2.4
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLgri65tAMWyygUb6JaO6lf3UknEr5lTRjvSPC84RFIDlhq3QaXshoCJ1%2Bb8fiTGvffslSx50bU0BhLeosg0aRtdKXgQx0GyEwzeAJrQDj3NLanEouszilIRmKNmGD%2Bulcpjtnk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d063cb50e130b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
personas.hgdsa.com/panel/mua/js/jquery.jclock-min.js
200 OK
3337
URL
GET
HTTP/3
personas.hgdsa.com/panel/mua/js/jquery.jclock-min.js
IP
Requested by
https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Certificate
IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
Magic
ASCII text, with very long lines (3485), with no line terminators
Hash
552f8daf31a5ada0cc58457b80523305
87a3070b3d7acf3f83ac22f1a2443199648f02e4
8c97612b3b2289ae2d216af6b4e69fb218d78cc2f6c48e05cabfe8bb3e841fe6
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Bancolombia
urlquery
phishing
Phishing - Bancolombia
quad9
Sinkholed
GET /panel/mua/js/jquery.jclock-min.js HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/validatecard/scis/j6unvhzsitlyrxstpnfun4tssjgejkn7dldp6fxsjfxo/3d/no-back-button/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 08:55:21 GMT
content-type: application/javascript
etag: W/"d09-5fce05be92c11"
last-modified: Tue, 30 May 2023 02:57:08 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kmz21lkeNHTvBH9sGv6jQhotoHC5ty6lKwTpTfE3y180KzIfL%2Fw1K2wzWBaXx3e9xKFx%2BomIQhF7raVLzlMEaHqwTmviBkpeyJEux%2BGvGVWequPzh%2FbQNfSMJUmHX7ykwhn1pxE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d063cb85eb5b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
188.114.96.1
54.86.140.52
104.18.23.52![URL personas.hgdsa.com/panel/mua/img/error.jpg](/search?q=http.url.addr:"personas.hgdsa.com%2fpanel%2fmua%2fimg%2ferror.jpg"){kind=link}
![URL personas.hgdsa.com/panel/mua/img/info.jpg](/search?q=http.url.addr:"personas.hgdsa.com%2fpanel%2fmua%2fimg%2finfo.jpg"){kind=link}
![URL personas.hgdsa.com/panel/mua/img/demo.jpg](/search?q=http.url.addr:"personas.hgdsa.com%2fpanel%2fmua%2fimg%2fdemo.jpg"){kind=link}
![URL personas.hgdsa.com/panel/mua/img/seguridad.jpg](/search?q=http.url.addr:"personas.hgdsa.com%2fpanel%2fmua%2fimg%2fseguridad.jpg"){kind=link}
![URL personas.hgdsa.com/panel/mua/img/reglamento.jpg](/search?q=http.url.addr:"personas.hgdsa.com%2fpanel%2fmua%2fimg%2freglamento.jpg"){kind=link}
![URL personas.hgdsa.com/panel/mua/img/politica.jpg](/search?q=http.url.addr:"personas.hgdsa.com%2fpanel%2fmua%2fimg%2fpolitica.jpg"){kind=link}
![URL personas.hgdsa.com/panel/mua/img/card.jpg](/search?q=http.url.addr:"personas.hgdsa.com%2fpanel%2fmua%2fimg%2fcard.jpg"){kind=link}
![URL personas.hgdsa.com/panel/mua/img/lock.png](/search?q=http.url.addr:"personas.hgdsa.com%2fpanel%2fmua%2fimg%2flock.png"){kind=link}
![URL images-cdn.info/444/image.gif](/search?q=http.url.addr:"images-cdn.info%2f444%2fimage.gif"){kind=link}
![URL personas.hgdsa.com/panel/mua/img/logo.svg](/search?q=http.url.addr:"personas.hgdsa.com%2fpanel%2fmua%2fimg%2flogo.svg"){kind=link}
![URL personas.hgdsa.com/panel/mua/img/logo.png](/search?q=http.url.addr:"personas.hgdsa.com%2fpanel%2fmua%2fimg%2flogo.png"){kind=link}
![URL personas.hgdsa.com/panel/mua/img/credit-card.png](/search?q=http.url.addr:"personas.hgdsa.com%2fpanel%2fmua%2fimg%2fcredit-card.png"){kind=link}