ushuaia-tour-tickets.com/bundles/seguloginclientless21b1?v=9ZoP9ZFYiPx6cKccgyoSkhtYxZ89MVu0hcQrXZ7YUtM1
172.67.214.191 200 OK 436 B URL GET HTTP/3 ushuaia-tour-tickets.com/bundles/seguloginclientless21b1?v=9ZoP9ZFYiPx6cKccgyoSkhtYxZ89MVu0hcQrXZ7YUtM1
IP 172.67.214.191:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
File type ASCII text, with very long lines (436), with no line terminators
Hash b5b11848c082822cdadac05e9f169809
d4373a43ca4cc74d1e3a9a1da6fc1c61853c38c1
b8f28cd9cc6257cdefca49414abb41ad8eabfaf681b33663da840e88d72ebfbd
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
GET /bundles/seguloginclientless21b1?v=9ZoP9ZFYiPx6cKccgyoSkhtYxZ89MVu0hcQrXZ7YUtM1 HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/login.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 31 Aug 2023 13:28:57 GMT
content-length: 436
last-modified: Wed, 30 Aug 2023 13:07:26 GMT
etag: "1b4-604239be35f80"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZkdzpZJWXpWDg9XA6X7RuTZPe3e%2BtT0XUJg3e5pbIZdL8uEogM2AvxT0U3ciKlQL7pDvwG%2FnSq0oYqvEalXCecI2x7ITlP9R5%2BJXRAEhcH1dA1g%2BoBcfb%2B3PhxXT85LTjaXXORncGOMYK0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ff59e9dcdc0b521-OSL
alt-svc: h3=":443"; ma=86400
ushuaia-tour-tickets.com/bundles/sharedout3c32?v=yUVXBWmo0YLvqtcuMIP0Y22eKqXQ2dPOQceK5neEn3Q1
172.67.214.191 200 OK 387 kB URL GET HTTP/3 ushuaia-tour-tickets.com/bundles/sharedout3c32?v=yUVXBWmo0YLvqtcuMIP0Y22eKqXQ2dPOQceK5neEn3Q1
IP 172.67.214.191:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
File type Unicode text, UTF-8 text, with very long lines (65435), with no line terminators
Size 387 kB (386613 bytes)
Hash 9861fa51e74a108f05a388c4bc7547ec
6227ce8903aafc40485e4adda69f945bcd25ed4e
c4145a9e8ffd7f6e600cb97e9d5b54488499fec84e99b147ee7c48d171314395
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
OpenPhish phishing Banco Galicia
GET /bundles/sharedout3c32?v=yUVXBWmo0YLvqtcuMIP0Y22eKqXQ2dPOQceK5neEn3Q1 HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/login.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 31 Aug 2023 13:28:57 GMT
content-length: 386613
last-modified: Wed, 30 Aug 2023 13:07:26 GMT
etag: "5e635-604239be35f80"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Z8DUz8vZZ%2B1V0aErfPdxTV%2BPzXj6eg2e3ac8Tj%2FKjM5lzBINzDYfw5%2FKSeHZ1TKNVuMX8xUOWuLqq2wO%2FBqvXvx3Nj6btGB%2BWzFobW2CtYS1Ei%2B3MIJCsKJFzJsqdk1En4z%2FMxWSLU8yh4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ff59e9dbdb8b521-OSL
alt-svc: h3=":443"; ma=86400
ushuaia-tour-tickets.com/Content/fonts/fontawesome-webfont.woff2
172.67.214.191 200 OK 77 kB URL GET HTTP/3 ushuaia-tour-tickets.com/Content/fonts/fontawesome-webfont.woff2
IP 172.67.214.191:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
OpenPhish phishing Banco Galicia
GET /Content/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/Content/default.minb04f.css?v=638144006175890000
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 31 Aug 2023 13:28:57 GMT
content-type: font/woff2
content-length: 77160
last-modified: Tue, 14 Mar 2023 18:23:16 GMT
etag: "6410bb94-12d68"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2F0AJjGIw5a7qC5LCobiD%2BiPSaEkZcWfBzRLRVIOF12f57OxKCCtJ2ulOQDlcPNqdllD%2FCyhHn4sbMURx20m8y5gu7pDTZIMGsURPNKOiXpD3Fk3WPG0P%2FrgiT0SOZWx1CPXpOLX2bvpgDs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ff59ea15910b521-OSL
alt-svc: h3=":443"; ma=86400
ushuaia-tour-tickets.com/Scripts/Keyboard/simple-keyboard.min.js
172.67.214.191 200 OK 95 kB URL GET HTTP/3 ushuaia-tour-tickets.com/Scripts/Keyboard/simple-keyboard.min.js
IP 172.67.214.191:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
File type ASCII text, with very long lines (19664), with CRLF line terminators
Hash a612f43ac7a772299cd22ae00fe4b155
63bd384f651a4b40e9455dbc7994eb60f9029329
7e921853f362fcf37da6f2eb321fd8934d0106ee76d1e0af3741089580410257
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
OpenPhish phishing Banco Galicia
GET /Scripts/Keyboard/simple-keyboard.min.js HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/login.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 31 Aug 2023 13:28:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 22 Aug 2023 17:15:38 GMT
etag: W/"64e4ed3a-4eff"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NqJKAaJejhOI%2BHNcFqmZPLg0qqapu875QVQv6T77YqjtBn6hPoDlcIAtWhZGx%2FYSncFmCJouivRuNdB6FlBSiDKQ8l1yfjJlpL8LggZerb3O2lXDeO%2F7FaSEJm59HT0OigX377y2jX2MPg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ff59e9dede1b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
gal.bgsensors.co/api/wb/b3f76076-f760-49d8-ab30-437b9b182ac7/60a375cb-568d-41f6-a2d9-0e5d6c6ad549/1244/?rfr=&hash=&dom=ushuaia-tour-tickets.com&href=https://ushuaia-tour-tickets.com/login.html
188.114.96.1 200 OK 67 B URL GET HTTP/3 gal.bgsensors.co/api/wb/b3f76076-f760-49d8-ab30-437b9b182ac7/60a375cb-568d-41f6-a2d9-0e5d6c6ad549/1244/?rfr=&hash=&dom=ushuaia-tour-tickets.com&href=https://ushuaia-tour-tickets.com/login.html
IP 188.114.96.1:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint ED:A8:B6:D5:70:3E:97:D9:F2:B4:7C:B1:2E:5D:0B:BC:EF:CE:8A:47
Validity Sat, 05 Nov 2022 00:00:00 GMT - Sun, 05 Nov 2023 23:59:59 GMT
File type PNG image data, 1 x 1, 1-bit grayscale, non-interlaced\012- data
Hash 06707af2ef27f407df4958d3abf2a9f7
874a600942cc18a6c71a96ee2e19fecd42886bfb
089ad5bf4831b6758e9907db43bc5ebba2e9248a9929dad6132c49932e538278
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
GET /api/wb/b3f76076-f760-49d8-ab30-437b9b182ac7/60a375cb-568d-41f6-a2d9-0e5d6c6ad549/1244/?rfr=&hash=&dom=ushuaia-tour-tickets.com&href=https://ushuaia-tour-tickets.com/login.html HTTP/1.1
Host: gal.bgsensors.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 31 Aug 2023 13:28:57 GMT
content-type: image/png
content-length: 67
x-frame-options: SAMEORIGIN
vary: Accept-Language,Cookie,Origin
content-language: en
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nx6DoWcZF8slZWwBHevkeHVCJsVVAYO8Ji9aKQYiaF1iVwmEtdPEffM0MYEWcZQ602%2BXvPgyabtdRJOn89Y%2F7KpkcGGN96TOb8DdEYuYgnAZlOndpvsIENMKnMismydvRkM7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ff59ea14de5b527-OSL
alt-svc: h3=":443"; ma=86400
ushuaia-tour-tickets.com/Content/default.minb04f.css?v=638144006175890000
172.67.214.191 200 OK 141 kB URL GET HTTP/3 ushuaia-tour-tickets.com/Content/default.minb04f.css?v=638144006175890000
IP 172.67.214.191:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 141 kB (140969 bytes)
Hash 5091ed597e6c5a93ea5c78389978be89
b3fd163f30291cfa95bebe7040a7b9eeec632281
c32417bb5d310248422e97e301de46231ecf1d440acf9b06d0b6aa754ce74d6e
Analyzer Verdict Alert OpenPhish phishing Banco Galicia
GET /Content/default.minb04f.css?v=638144006175890000 HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/login.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 31 Aug 2023 13:28:57 GMT
content-type: text/css
last-modified: Tue, 14 Mar 2023 18:23:38 GMT
etag: W/"6410bbaa-131e71"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BnBTe9HUiUOJtqlUFnS96JT%2BNBJ5N5GuEXyuZTkXuufSoxa0qINoAZkSqx%2FYL%2FSK0oYmLhg7cCRSuJBd5L4zrW0w%2ByWQmRm4JYCcEy6%2BNI%2BSLjKdj0zX7drjd9SJ2n%2BYOI%2BEnEa66V6uU6M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ff59e9dbdb2b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ushuaia-tour-tickets.com/Images/favicon.ico
172.67.214.191 200 OK 1.2 kB URL GET HTTP/3 ushuaia-tour-tickets.com/Images/favicon.ico
IP 172.67.214.191:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash b700b544f2fa87e37e6b728fef00fcb0
c0735fa743392c2f3032c22d241854b88832cdb7
f20a33fd40173f122bec15a105374059fb3ec612d51146485ed84ef0001f2f03
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
OpenPhish phishing Banco Galicia
GET /Images/favicon.ico HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/login.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 31 Aug 2023 13:28:58 GMT
content-type: image/x-icon
last-modified: Tue, 14 Mar 2023 18:23:16 GMT
etag: W/"6410bb94-617"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fXsOmrdlQLayLnFbKQ0JahgW82%2BXb2ehDjOlcMpzzdSzfnGP3jvVqkAP8DvOoX8SIs%2B%2F%2FUuzEOgTvTv3E%2F%2FfWejhCY%2FqSE71nj5AFeAtOQ%2F5zrG0kC4ag%2FfJcbmjAALAyC1YB1og%2BxUutI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ff59ea31ab3b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ushuaia-tour-tickets.com/Content/Keyboard/keyboardf832.css?v=638144005969550000
172.67.214.191 200 OK 145 kB URL GET HTTP/3 ushuaia-tour-tickets.com/Content/Keyboard/keyboardf832.css?v=638144005969550000
IP 172.67.214.191:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
Size 145 kB (145086 bytes)
Hash cde47bbdcc48b7a1883bfa6ff9461e1b
df0ffcc2e83ba3da25ffdb9e4dfe70165e1f34a8
612a237e8ee113c28afb5b58bce39eed244dc31b6d2127b45da334edca204b85
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
OpenPhish phishing Banco Galicia
GET /Content/Keyboard/keyboardf832.css?v=638144005969550000 HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/login.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 31 Aug 2023 13:28:57 GMT
content-type: text/css
last-modified: Tue, 14 Mar 2023 18:23:16 GMT
etag: W/"6410bb94-1ec"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1%2BYmXDOMzs83tO9d8bI7aySSdvQpGzBtayiEsyV4v5hosecv2Hh6UNJ%2BRQIgjioYeHCYljCniTHt9ob58Ye679Nni1Zb4SXSQDDPnyf5V3zX51k7Liol3mSAEEJF4kKw7M6IpqXrL3SrYI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ff59e9dbdb4b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
sifo.bancogalicia.com.ar/requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61
52.44.182.201 200 0 B URL POST HTTP/1.1 sifo.bancogalicia.com.ar/requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61
IP 52.44.182.201:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer DigiCert Inc
Subject sifo.bancogalicia.com.ar
Fingerprint 2A:06:ED:39:AD:DE:39:C2:98:A7:C8:7B:6E:19:09:6C:27:62:A6:DB
Validity Wed, 22 Feb 2023 00:00:00 GMT - Wed, 21 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 HTTP/1.1
Host: sifo.bancogalicia.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ushuaia-tour-tickets.com/
Origin: https://ushuaia-tour-tickets.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Thu, 31 Aug 2023 13:28:59 GMT
Content-Length: 0
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: https://ushuaia-tour-tickets.com
access-control-allow-methods: POST, OPTIONS
access-control-max-age: 3600
access-control-allow-headers: x-requested-with, content-type
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self'
permissions-policy: fullscreen=();microphone=();camera=();speaker=();
x-xss-protection: 1;mode=block
x-frame-options: DENY
x-content-type-options: nosniff
sifo.bancogalicia.com.ar/requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61
52.44.182.201 200 115 B URL POST HTTP/1.1 sifo.bancogalicia.com.ar/requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61
IP 52.44.182.201:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer DigiCert Inc
Subject sifo.bancogalicia.com.ar
Fingerprint 2A:06:ED:39:AD:DE:39:C2:98:A7:C8:7B:6E:19:09:6C:27:62:A6:DB
Validity Wed, 22 Feb 2023 00:00:00 GMT - Wed, 21 Feb 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 0c7c43abc739ead02ce8758db4c1b861
d208689651f01ffd52bd53bd52b18332bc260c52
55e76e796dfdcf9af1dcd679c7aa85f9c2253991121b75885f93fc475c486d46
POST /requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 HTTP/1.1
Host: sifo.bancogalicia.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 9903
Origin: https://ushuaia-tour-tickets.com
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Thu, 31 Aug 2023 13:28:59 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: https://ushuaia-tour-tickets.com
access-control-allow-methods: POST, OPTIONS
access-control-max-age: 3600
access-control-allow-headers: x-requested-with, content-type
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
set-cookie: herok=2886860804MgfJST8cUEoAI8vlXV8fvJxMNGxJld; Expires=Thu, 31-Aug-2023 13:58:59 GMT; SameSite=None; Secure
set-cookie: kirby=2886860804MgfJST8cUEoAI8vlXV8fvJxMNGxJld; SameSite=None; Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self'
permissions-policy: fullscreen=();microphone=();camera=();speaker=();
x-xss-protection: 1;mode=block
x-frame-options: DENY
x-content-type-options: nosniff
sifo.bancogalicia.com.ar/requestserver/rest/v1/screenshot?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61
52.44.182.201 200 0 B URL POST HTTP/1.1 sifo.bancogalicia.com.ar/requestserver/rest/v1/screenshot?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61
IP 52.44.182.201:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer DigiCert Inc
Subject sifo.bancogalicia.com.ar
Fingerprint 2A:06:ED:39:AD:DE:39:C2:98:A7:C8:7B:6E:19:09:6C:27:62:A6:DB
Validity Wed, 22 Feb 2023 00:00:00 GMT - Wed, 21 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /requestserver/rest/v1/screenshot?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 HTTP/1.1
Host: sifo.bancogalicia.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------237993949912935836743199974423
Content-Length: 76505
Origin: https://ushuaia-tour-tickets.com
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/
Cookie: herok=2886860804MgfJST8cUEoAI8vlXV8fvJxMNGxJld; kirby=2886860804MgfJST8cUEoAI8vlXV8fvJxMNGxJld
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Thu, 31 Aug 2023 13:28:59 GMT
Content-Length: 0
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: https://ushuaia-tour-tickets.com
access-control-allow-methods: POST, OPTIONS
access-control-max-age: 3600
access-control-allow-headers: x-requested-with, content-type
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self'
permissions-policy: fullscreen=();microphone=();camera=();speaker=();
x-xss-protection: 1;mode=block
x-frame-options: DENY
x-content-type-options: nosniff
ushuaia-tour-tickets.com/images/favicon.ico
172.67.214.191 200 OK 1.6 kB URL GET HTTP/3 ushuaia-tour-tickets.com/images/favicon.ico
IP 172.67.214.191:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash b700b544f2fa87e37e6b728fef00fcb0
c0735fa743392c2f3032c22d241854b88832cdb7
f20a33fd40173f122bec15a105374059fb3ec612d51146485ed84ef0001f2f03
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
OpenPhish phishing Banco Galicia
GET /images/favicon.ico HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/login.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 31 Aug 2023 13:28:57 GMT
content-type: image/x-icon
last-modified: Wed, 30 Aug 2023 11:54:06 GMT
etag: W/"64ef2dde-617"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LZaABGizRN%2FIuxEVV4CAMAAqK7jN0njQtH7iKXEZfimH2eXl8bZ3twrijLDOpOUkDvYbH%2BfA6hgPevgpOYBzmUZVYCCiOA7rEnPnFw%2FW%2F3PfnFZCgSe4m83QL3fGULybDSe5NqgwfbvWNs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ff59e9dcdc4b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ushuaia-tour-tickets.com/Scripts/Keyboard/keyboard.js
172.67.214.191 200 OK 6.2 kB URL GET HTTP/3 ushuaia-tour-tickets.com/Scripts/Keyboard/keyboard.js
IP 172.67.214.191:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
File type Unicode text, UTF-8 text, with very long lines (6839), with no line terminators
Hash 72cf2473e49e7955b18a2798674d949c
f0336fdcc05891327137feb406207dc875ef382e
5601483953a7ee4bf36f4c076c964af58e356fbe9cf9c6411aa79db0c3c3eade
Analyzer Verdict Alert OpenPhish phishing Banco Galicia
GET /Scripts/Keyboard/keyboard.js HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/login.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 31 Aug 2023 13:28:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 22 Aug 2023 17:15:38 GMT
etag: W/"64e4ed3a-1864"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgjFoGomKU5JZ18ZjpK1Mo7EjYREOR63d%2B6tajTbbqtqDL8cqm6Mw9wegSGiugnYFH2V641qvg45sBGjzttnmqFvlxcLPR8PhqZFyr70IdXBL6oPxrZ1K0m%2Bhsq4OdpwMIl1HrtKmftmwdk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ff59e9dfdefb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
logo.prismasystems.com.ar/db_carga5.php
34.227.254.206 200 OK 2 B URL POST HTTP/1.1 logo.prismasystems.com.ar/db_carga5.php
IP 34.227.254.206:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer DigiCert Inc
Subject logo.prismasystems.com.ar
Fingerprint F2:C2:D5:FC:E5:7B:62:41:EF:20:00:9E:2E:56:BA:CD:87:6F:80:B7
Validity Wed, 19 Oct 2022 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 71d843ce41a510ff59d9ea5fada3a64e
fefd85ff9a8ce98a5c336761d8686e6b7d3ec689
eacde090d9dffa516f03eb5dc32abc07fce0192b388603903ceda593faf2da44
POST /db_carga5.php HTTP/1.1
Host: logo.prismasystems.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 200
Origin: https://logo.prismasystems.com.ar
DNT: 1
Connection: keep-alive
Referer: https://logo.prismasystems.com.ar/galicia/logogalicia.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 31 Aug 2023 13:28:58 GMT
Server: Apache/2.4.56 (Amazon) OpenSSL/1.0.2k-fips PHP/7.3.30
X-Powered-By: PHP/7.3.30
Set-Cookie: PHPSESSID=mrbkcv0itf8e0od44braui530h; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 2
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ushuaia-tour-tickets.com/Scripts/FrontFunctions.minb6b4.js?v=638144005966680000
172.67.214.191 200 OK 28 kB URL GET HTTP/3 ushuaia-tour-tickets.com/Scripts/FrontFunctions.minb6b4.js?v=638144005966680000
IP 172.67.214.191:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
OpenPhish phishing Banco Galicia
GET /Scripts/FrontFunctions.minb6b4.js?v=638144005966680000 HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/login.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 31 Aug 2023 13:28:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 14 Mar 2023 18:23:16 GMT
etag: W/"6410bb94-6ec5"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2v1WMwbGCfZ9qngphxFtep38iTiz4RxdDMR6yf%2Bp6sGVeiitqEjpR9cOTq6XRLme0dEqIKjjQ4JgOO55SHAbVJmdGjO97KELxsSx3HaUDOelrS7KETehlQJSvfzvMfXmu%2FgG%2BOdnnLCdaiI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ff59e9dbdb9b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ushuaia-tour-tickets.com/Content/customcarousel.min381b.css?v=638144005967530000
172.67.214.191 200 OK 1.9 kB URL GET HTTP/3 ushuaia-tour-tickets.com/Content/customcarousel.min381b.css?v=638144005967530000
IP 172.67.214.191:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
File type ASCII text, with very long lines (1950), with no line terminators
Hash 98ce1a478d89aff08d330571a314122c
5b284286049e7e3a46c3c987ce47430d337e597d
47c1e021c2663eb1c117200d485a307af62f3b4b121f34e8d26028143f8e35de
GET /Content/customcarousel.min381b.css?v=638144005967530000 HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/login.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 31 Aug 2023 13:28:57 GMT
content-type: text/css
last-modified: Tue, 14 Mar 2023 18:23:16 GMT
etag: W/"6410bb94-79d"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbgRYG5IQqkIOzJPngOGcepwx5G6GUlR3L5x8%2BqNJ3MKY%2BHd7ODBqysN3D5QnmebwiruHViau199xTnK05OogYrENn04zR%2F45xo9gQ1t2%2BCvLKebQ6vdv4%2FB4MaHErcQaKKXeNcMHWVe9jk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ff59e9dbdbcb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ushuaia-tour-tickets.com/images/assets/logo_ios_152x152.png
172.67.214.191 404 Not Found 286 B URL GET HTTP/3 ushuaia-tour-tickets.com/images/assets/logo_ios_152x152.png
IP 172.67.214.191:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash c8c2cb262f948fcb45fe76654e8aec9c
389465e2c3513bdfacd1acd94b3d6558176b04f9
8e1a5fd5795dd2da553c81747501886f26c08da6f3a0e420197bf6b230354157
Analyzer Verdict Alert OpenPhish phishing Banco Galicia
GET /images/assets/logo_ios_152x152.png HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/login.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 31 Aug 2023 13:28:59 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gj2aQtLSmyF1A7HGVG2uPO09bxo8qBh10KhBk7koz62GDoD0GeZR%2Bxpcwl7GvhS38uMg6XVcLn5qQj3r0Pn3LO4SWdSR%2F1wZUNRRo0ZK1oQ0awAqjec0v9xigem8ngDlj%2BCnN6LmMvjiA9U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ff59eae2c39b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ushuaia-tour-tickets.com/Content/bootstrap.minecdb.css?v=638144005967340000
172.67.214.191 200 OK 124 kB URL GET HTTP/3 ushuaia-tour-tickets.com/Content/bootstrap.minecdb.css?v=638144005967340000
IP 172.67.214.191:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
Size 124 kB (123759 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
OpenPhish phishing Banco Galicia
GET /Content/bootstrap.minecdb.css?v=638144005967340000 HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/login.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 31 Aug 2023 13:28:57 GMT
content-type: text/css
last-modified: Tue, 14 Mar 2023 18:23:16 GMT
etag: W/"6410bb94-1e36f"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEZun5brAK7NOo7f2gQyGeLd6CHgjkXZlwvq4xXYg0joaHNykHUjhdUkSEC2y%2FK2tvfzJcPY%2FTyjvi0%2BLf4jS2rEH8KB5e3BTtimd1x8K7dkD%2FyNMzApp%2FIycrh3vB%2BfCz1uD6kHlRekY5I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ff59e9dadb0b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ushuaia-tour-tickets.com/Content/Keyboard/simple-keyboard54c0.css?v=638144005969570000
172.67.214.191 200 OK 2.8 kB URL GET HTTP/3 ushuaia-tour-tickets.com/Content/Keyboard/simple-keyboard54c0.css?v=638144005969570000
IP 172.67.214.191:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
File type ASCII text, with very long lines (2904), with no line terminators
Hash a755b516010073994ad76ef39be416a9
ce4d36ae188aacdace175488626dcf907bed507c
9e3f3537862c456e27e43e86f43d04beb6fb76014c877b786ce9b30232f968b3
GET /Content/Keyboard/simple-keyboard54c0.css?v=638144005969570000 HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/login.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 31 Aug 2023 13:28:57 GMT
content-type: text/css
last-modified: Tue, 14 Mar 2023 18:23:16 GMT
etag: W/"6410bb94-ae6"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcIYpA2ZFUXebszuXqDPdJ0FrWqswLkYTE7QOMAveqHJGaKuZBC75Jf3BX2ouhuHU9lrGFPNI2fU2pNGd%2F4n1BDLeWtamluUamj499eWcpzXdoPjGHL69DwYqeng878dvAl3MY3oYAy8CeY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ff59e9dbdb5b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
gal.bgsensors.co/api/bgsensor/ccfac30f-772d-4a29-a82d-798db50348bb/f1192f0f-5749-4cea-8568-14c0bae9b5f0/
0.0.0.0 0 B URL GET gal.bgsensors.co/api/bgsensor/ccfac30f-772d-4a29-a82d-798db50348bb/f1192f0f-5749-4cea-8568-14c0bae9b5f0/
IP 0.0.0.0:0
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint ED:A8:B6:D5:70:3E:97:D9:F2:B4:7C:B1:2E:5D:0B:BC:EF:CE:8A:47
Validity Sat, 05 Nov 2022 00:00:00 GMT - Sun, 05 Nov 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
GET /api/bgsensor/ccfac30f-772d-4a29-a82d-798db50348bb/f1192f0f-5749-4cea-8568-14c0bae9b5f0/ HTTP/1.1
Host: gal.bgsensors.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 31 Aug 2023 13:28:57 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
vary: Accept-Language,Cookie,Origin,Accept-Encoding
content-language: en
access-control-allow-origin: *
last-modified: Thu, 31 Aug 2023 00:50:31 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 17127
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqoUlfEaez0HlEGhMTLF9CRX9WOzlpGfoBdQNAJVHiP0PXJdzBNWZEn%2BFDxpUFqPgCNnrx2tmhjZPpNJbaCbQV5hT7iH%2FgRNREB68TV2EPkP14cR%2F%2BgFbtpm9oK1Ad9lzX9w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ff59e9e2930b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ushuaia-tour-tickets.com/Scripts/Keyboard/polyfill.js
172.67.214.191 200 OK 1.8 kB URL GET HTTP/3 ushuaia-tour-tickets.com/Scripts/Keyboard/polyfill.js
IP 172.67.214.191:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
File type ASCII text, with very long lines (1890), with no line terminators
Hash d4f113fbcdafa7fba4ff082c6be78bad
0a2b93b3592fbfc982edcf8f4d19b60517e8dfc7
7c8bddc7ab8153caceb6cea302288160396e0b8eb7bacc7d30dae77848663cf0
Analyzer Verdict Alert OpenPhish phishing Banco Galicia
GET /Scripts/Keyboard/polyfill.js HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/login.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 31 Aug 2023 13:28:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 22 Aug 2023 17:15:38 GMT
etag: W/"64e4ed3a-6f6"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5E%2FgiY%2FCvNMReMHWTJr4Q4lvr2SZKLHR1kO2q%2FsAtoQ6WMrO1OiRT1wRHNaauYJF7lPqhYfzzNkQOTLZ0nN4SgxJsl4CR2yXTzm%2FG79W%2FaKVzbYTgBNLTD33jLjij%2BygLBtUd5UujC08hg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ff59e9dfdecb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ushuaia-tour-tickets.com/www.googletagmanager.com/gtm5445.html?id=GTM-M6B9RZQ>m_auth=En2Tx4QzRBluIcijUPWN-w>m_preview=env-2>m_cookies_win=x
172.67.214.191 404 Not Found 286 B URL GET HTTP/3 ushuaia-tour-tickets.com/www.googletagmanager.com/gtm5445.html?id=GTM-M6B9RZQ>m_auth=En2Tx4QzRBluIcijUPWN-w>m_preview=env-2>m_cookies_win=x
IP 172.67.214.191:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash c8c2cb262f948fcb45fe76654e8aec9c
389465e2c3513bdfacd1acd94b3d6558176b04f9
8e1a5fd5795dd2da553c81747501886f26c08da6f3a0e420197bf6b230354157
GET /www.googletagmanager.com/gtm5445.html?id=GTM-M6B9RZQ>m_auth=En2Tx4QzRBluIcijUPWN-w>m_preview=env-2>m_cookies_win=x HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/login.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 31 Aug 2023 13:28:57 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDvgh65pRj9i%2BI4KcFSSPMOD5UZehGIGVQ5DyshSO%2FYKt6fgU2uJGlYMy5nSfyPD3wXQ88jJgYL3nc%2BwKq3Cpj%2BvmbSByHUfsl2NSiPqQCGguEibC3F%2Bw2b0BPTrdeChMRDdg%2FCVUuOl%2BgQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ff59ea128f4b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ushuaia-tour-tickets.com/login.html
172.67.214.191 200 OK 69 kB URL User Request GET HTTP/3 ushuaia-tour-tickets.com/login.html
IP 172.67.214.191:443
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
OpenPhish phishing Banco Galicia
PhishTank phishing Other
GET /login.html HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 31 Aug 2023 13:28:57 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 30 Aug 2023 13:53:15 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWkIByBD28uu1YXTtq9gKO2A%2Fqup5lqLF357BKbSm24myN49XXvuwyujrfhl849QdwDd1hgHnz%2BVoIaDmob3eMBRom1Wb%2FrsZsj4%2F6EvTReSJbGEHElLLAcXAmGPRjdQNXi6juFGwER5ByY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ff59e9c8cceb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ushuaia-tour-tickets.com/images/assets/logo_ios_152x152.png
172.67.214.191 404 Not Found 286 B URL GET HTTP/3 ushuaia-tour-tickets.com/images/assets/logo_ios_152x152.png
IP 172.67.214.191:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash c8c2cb262f948fcb45fe76654e8aec9c
389465e2c3513bdfacd1acd94b3d6558176b04f9
8e1a5fd5795dd2da553c81747501886f26c08da6f3a0e420197bf6b230354157
Analyzer Verdict Alert OpenPhish phishing Banco Galicia
GET /images/assets/logo_ios_152x152.png HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/login.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 31 Aug 2023 13:28:58 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1BMEFMHeNfr3s6nGg9QvJyAk1OoPWFa5r5lbhFspWY0wnUCtDB52ALAd9ZLy6XEO6%2BonAxpuopcgTKL8xT9bu68HXbbDgDnRzkCHMKnhnlhW0aP4%2BEbhGWYMHbEBfFtkzRWPSNJLO%2FsEXE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ff59ea31ab0b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
sifo.bancogalicia.com.ar/requestserver/script/v1/24v9k/login.js?clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61
52.44.182.201 200 145 kB URL GET HTTP/1.1 sifo.bancogalicia.com.ar/requestserver/script/v1/24v9k/login.js?clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61
IP 52.44.182.201:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer DigiCert Inc
Subject sifo.bancogalicia.com.ar
Fingerprint 2A:06:ED:39:AD:DE:39:C2:98:A7:C8:7B:6E:19:09:6C:27:62:A6:DB
Validity Wed, 22 Feb 2023 00:00:00 GMT - Wed, 21 Feb 2024 23:59:59 GMT
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (937)
Size 145 kB (144851 bytes)
Hash 677a84e29ff97159a1277474c9a7fc53
5e8beb3455108ccb522be6d89f7d4964b3253fc4
411d6b7074f4884d51d097dfcbeee5462fea46a76a9958c1410cce120c852c78
GET /requestserver/script/v1/24v9k/login.js?clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 HTTP/1.1
Host: sifo.bancogalicia.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Thu, 31 Aug 2023 13:28:58 GMT
Content-Type: application/javascript
Content-Length: 144851
Connection: keep-alive
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self'
permissions-policy: fullscreen=();microphone=();camera=();speaker=();
x-xss-protection: 1;mode=block
x-frame-options: DENY
x-content-type-options: nosniff
logo.prismasystems.com.ar/galicia/logogalicia.html
34.227.254.206 200 OK 5.0 kB URL GET HTTP/1.1 logo.prismasystems.com.ar/galicia/logogalicia.html
IP 34.227.254.206:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer DigiCert Inc
Subject logo.prismasystems.com.ar
Fingerprint F2:C2:D5:FC:E5:7B:62:41:EF:20:00:9E:2E:56:BA:CD:87:6F:80:B7
Validity Wed, 19 Oct 2022 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (5410), with no line terminators
Hash 7ac1c2110e6b8a94e5a0c0f83deadd26
bf0b0e782cd8358789f703f43713762f7688cf19
d26c5436e1353012e01e08494294dac107fb8c7a8fea34f23696a88337acf87f
GET /galicia/logogalicia.html HTTP/1.1
Host: logo.prismasystems.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 31 Aug 2023 13:28:58 GMT
Server: Apache/2.4.56 (Amazon) OpenSSL/1.0.2k-fips PHP/7.3.30
Last-Modified: Fri, 19 Mar 2021 17:25:09 GMT
ETag: "1385-5bde6ff784397"
Accept-Ranges: bytes
Content-Length: 4997
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ushuaia-tour-tickets.com/images/art/99-Aut%c3%83%c2%b3ctono-Guillermo-Bas%c3%83%c2%adlico.html
172.67.214.191 404 Not Found 286 B URL GET HTTP/3 ushuaia-tour-tickets.com/images/art/99-Aut%c3%83%c2%b3ctono-Guillermo-Bas%c3%83%c2%adlico.html
IP 172.67.214.191:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash c8c2cb262f948fcb45fe76654e8aec9c
389465e2c3513bdfacd1acd94b3d6558176b04f9
8e1a5fd5795dd2da553c81747501886f26c08da6f3a0e420197bf6b230354157
Analyzer Verdict Alert OpenPhish phishing Banco Galicia
GET /images/art/99-Aut%c3%83%c2%b3ctono-Guillermo-Bas%c3%83%c2%adlico.html HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/Content/default.minb04f.css?v=638144006175890000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 31 Aug 2023 13:28:57 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3hFX%2FuPLnwQxanAez0iodWtpiwcTcc2AfVzRbODlvkepwdDszpyZB1W%2FV9YBorRO9pssT4impioikVVOeZ7tDFaWS4ht4%2BeEU4DREEiZREYHTOvI4uif2CvW8Un3F7Z9Z191s82N8Zse7Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ff59ea1590eb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ushuaia-tour-tickets.com/Content/fonts/Inter-Regular.woff2
172.67.214.191 200 OK 89 kB URL GET HTTP/3 ushuaia-tour-tickets.com/Content/fonts/Inter-Regular.woff2
IP 172.67.214.191:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
File type Web Open Font Format (Version 2), TrueType, length 89212, version 1.0\012- data
Hash bffaed793493dc46bf0789e2275909ac
21178040c070176c06653b76d42b1e19810c2df0
77ca56870309a85759fb7116aef2119a26e358145e808868543ca1fe16c27720
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
OpenPhish phishing Banco Galicia
GET /Content/fonts/Inter-Regular.woff2 HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/Content/default.minb04f.css?v=638144006175890000
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 31 Aug 2023 13:28:57 GMT
content-type: font/woff2
content-length: 89212
last-modified: Tue, 14 Mar 2023 18:23:16 GMT
etag: "6410bb94-15c7c"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynNgVLgv%2BAUG0VRB6sFjk30UkpUeHTnH%2FwwZAwHgA0dttMOd1iQbZkQQiODCs4uX4cTVn%2FhuABZhNK4AjN%2F1ynRglH1gMLgFh0QR6wYlf1Mn7cjO3zpuDnY8ZefnLmmYEuxynFhUAfmi0Uw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ff59ea1590fb521-OSL
alt-svc: h3=":443"; ma=86400
ushuaia-tour-tickets.com/assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/launch-121f57795303.min.js
172.67.214.191 404 Not Found 286 B URL GET HTTP/3 ushuaia-tour-tickets.com/assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/launch-121f57795303.min.js
IP 172.67.214.191:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash c8c2cb262f948fcb45fe76654e8aec9c
389465e2c3513bdfacd1acd94b3d6558176b04f9
8e1a5fd5795dd2da553c81747501886f26c08da6f3a0e420197bf6b230354157
Analyzer Verdict Alert OpenPhish phishing Banco Galicia
GET /assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/launch-121f57795303.min.js HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/login.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 31 Aug 2023 13:28:57 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ydcux0psKexcoe4SeE3JLuFQFzauT5X%2BzBeO89RIB7ggmFzg%2F6J6UV0i%2B3T6GaBC4a5cM06YRK7GDlYIkcj5xqWImcXtijvg1NFw%2FfEm1%2BoBQE8PmK4U151eOMhcIDlcHvenn%2BYmAw%2BJQ%2BI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ff59e9dcdc2b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ushuaia-tour-tickets.com/assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/launch-121f57795303.min.js
172.67.214.191 404 Not Found 286 B URL GET HTTP/3 ushuaia-tour-tickets.com/assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/launch-121f57795303.min.js
IP 172.67.214.191:443
Requested by https://ushuaia-tour-tickets.com/login.html
Certificate Issuer Google Trust Services LLC
Subject ushuaia-tour-tickets.com
Fingerprint 43:09:B6:03:22:3F:22:BC:0E:A2:77:5B:01:77:53:A8:E6:13:99:58
Validity Thu, 24 Aug 2023 22:39:58 GMT - Wed, 22 Nov 2023 22:39:57 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash c8c2cb262f948fcb45fe76654e8aec9c
389465e2c3513bdfacd1acd94b3d6558176b04f9
8e1a5fd5795dd2da553c81747501886f26c08da6f3a0e420197bf6b230354157
Analyzer Verdict Alert OpenPhish phishing Banco Galicia
GET /assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/launch-121f57795303.min.js HTTP/1.1
Host: ushuaia-tour-tickets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ushuaia-tour-tickets.com/login.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 31 Aug 2023 13:28:57 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9gsq3%2BuxoCsayWUvKgkBCZn9Q3hQml%2BFkd4h0Sg070191d7SE6DV3%2BvdLYecvO2nvndpHUAlABrmf9J8AhqcqU12nVGJxzqnOeJ1Ha4lj%2BdGtuikV3y%2BUWZDIeHlg53xjJRBKaz0PY9nuk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ff59ea1490bb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400