Report - w50--securebnet1.repl.co/secure.galicia.com.ar/index.html

Report Overview

Visited public
2023-09-27 23:15:38
Tags
galicia financial phishing
URL
w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Finishing URL
w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
IP / ASN
34.120.194.28
#15169 GOOGLE
Title
Online Banking
Phishing - Galicia

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
onlinebanking.bancogalicia.com.ar	838359	1996-01-01	2017-11-08 14:18:56	2023-09-26 01:51:36	932 B	5.7 kB	161.190.1.97
w50--securebnet1.repl.co	unknown	2013-05-11	2023-09-27 14:09:11	2023-09-27 19:13:40	31 kB	2.4 MB	34.120.194.28
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-09-28 00:38:55	496 B	1.8 kB	142.250.74.168
galicia.ar	unknown	2019-10-24	2022-03-10 21:34:54	2023-08-07 21:22:53	1.1 kB	1.9 kB	151.101.131.10
www.galicia.ar	unknown	2019-10-24	2021-12-17 16:21:15	2023-09-18 03:26:16	1.1 kB	1.1 MB	151.101.131.10
www.google.co.uk	3162	1999-02-14	2012-07-02 03:17:41	2023-09-27 03:42:26	811 B	641 B	142.250.74.163
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-09-20 20:05:47	809 B	641 B	142.250.74.164
gal.bgsensors.co	unknown	2021-01-06	2022-08-23 16:58:41	2023-08-30 20:01:10	620 B	735 B	172.67.134.168
sifo.bancogalicia.com.ar	778628	1996-01-01	2017-06-08 08:32:18	2023-08-26 13:40:37	2.5 kB	148 kB	52.44.182.201
logo.prismasystems.com.ar	736231	2014-12-10	2015-11-12 01:10:35	2023-08-31 15:28:57	650 B	428 B	34.227.254.206

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-09-27	medium	w50--securebnet1.repl.co/secure.galicia.com.ar/index.html	Banco Galicia

PhishTank

Scan Date	Severity	Indicator	Alert
2023-09-27	medium	w50--securebnet1.repl.co/secure.galicia.com.ar/index.html	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (27)

	URL	From	Size	First Seen	Last Seen
	w50--securebnet1.repl.co/secure.galicia.com.ar/index.html	ScriptElement	402 B	2024-08-21	2024-08-21
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index.html IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:38 Last Seen2024-08-21 05:38 Times Seen1 Hash f7deafd0c614aff1cfbd40199e2cd299 563b9f9e3550f517a070c00ebce6e7e03e912465 535dc10b4e00c05ad0fc59153de661029c1c6afa0e457d0e05dc0739f3a7db2c Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/f(1).txt	ScriptElement	51 kB	2023-09-28	2023-09-28
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/f(1).txt IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-28 01:15 Last Seen2023-09-28 01:15 Times Seen1 Hash c011f62c7e082ec8f61af8f5db12eb31 defe9fa71f185216a2c2f9502b56d56bade89b01 4ac8f2a313e73a150190087ed33c70f44d83ddedfcc68809c0f666bb832f3380 Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index.html	ScriptElement	441 B	2023-08-11	2024-08-21
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index.html IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-11 14:04 Last Seen2024-08-21 09:28 Times Seen5 Hash 7fd1116f2e1b842679ba4b0ccd33cb80 985e9d38ad005568336d28285702805432186f1e c5c98ecbdc8974a883b494c3688e7ac8050a7099897a7b74129a26266b65df75 Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/js	ScriptElement	264 kB	2023-09-28	2023-09-28
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/js IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-28 01:15 Last Seen2023-09-28 01:15 Times Seen1 Hash f6eef32688c78aec87be7bffbc4430d7 e116fb3f7ada349fbf31501b38d0b7797e7140dd 58ac5663aa6b571a6a0dbc5e13e817ac4020138fe4ac4d5527e14ab762e69628 Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/sharedout	ScriptElement	387 kB	2023-04-14	2024-09-20
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/sharedout IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-14 17:35 Last Seen2024-09-20 20:14 Times Seen15 Hash 70e6fec2872c1da04c85a43cc9172ab9 3322ccc494464725d713246959c1be5262283d7a 612750519a909746f03e92990ba7afd29d238bc22e1e30b11f0fc389f5c7e3a2 Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index.html	ScriptElement	1.9 kB	2023-03-08	2025-03-01
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index.html IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:03 Last Seen2025-03-01 19:37 Times Seen9 Hash a719f41ef1762c59ab8c98b96e2f95d5 0bbe3dab28567746002ca195fed0dbeb80e621ff 5077935e70f10a6bd977c7a4cf5bf8d9e3cf2568f23c8775c6c5cc877ea0cd75 Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/saved_resource	ScriptElement	959 B	2023-03-08	2025-03-01
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/saved_resource IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:01 Last Seen2025-03-01 19:37 Times Seen12 Hash e839bf471a5c6d390d59f37d139722ef b76fd31a1a820997e39399dbbe71448047f4ae43 c93153ac3f59a9b53b5ae04c99bded904698ebed8ee2c9303b9503eabfc73631 Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index.html	ScriptElement	1.5 kB	2024-08-21	2024-08-21
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index.html IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:38 Last Seen2024-08-21 05:38 Times Seen1 Hash 04f454f2cf9acdb2411ee95fe94092ba 041eb9e85758a16608710a9a56644c78d5a1690b d5c02be3e74060daeee579e0668f46ee6ab047a13b89a10a0d93728f559ba2ac Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index.html	ScriptElement	45 kB	2024-08-21	2024-08-21
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index.html IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:38 Last Seen2024-08-21 05:38 Times Seen1 Hash 89cefe5159368a24c6387d642e5e202a ecfb821ccdd70882c3f63eeac65033d98cf10024 8d3dc55d5f9a959f1e1e81bbf052c4d1e88262be99e878880fbe4a6ee6775d77 Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index.html	ScriptElement	11 kB	2024-08-21	2024-08-21
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index.html IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:38 Last Seen2024-08-21 05:38 Times Seen1 Hash 6c9c76fa578e5d989558cd4c4279b8e1 529ed2b6ae77a33e7623d8d4614d0f5f6b3b0cbe 41e63721883bd434c0ccd33a144abfe28ffad6ea14960a722e952d4785cd4273 Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index.html	ScriptElement	751 B	2024-08-21	2024-08-21
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index.html IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:38 Last Seen2024-08-21 05:38 Times Seen1 Hash a8a8d9467f556bcdf243ca95f72ec95f e25e74c0433d80e7c91d7638edb8c02d1212cd0e 4f2924b3efc23b0db92b933740fc806f3b7be1488c681c5968063689147074ef Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index.html	ScriptElement	343 B	2023-03-08	2024-08-21
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index.html IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:03 Last Seen2024-08-21 09:28 Times Seen4 Hash b7c21fc002a2447300bda73bea0ac4d0 5638838c3bd03a740afbc823cc10fcfe8336ae26 d7b02ecb2cbe85299b838ef5837c64dff776457092129c62bc27a296b6c64c5c Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/seguloginclientless	ScriptElement	436 B	2023-03-07	2025-03-01
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/seguloginclientless IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:35 Last Seen2025-03-01 19:37 Times Seen10 Hash b5b11848c082822cdadac05e9f169809 d4373a43ca4cc74d1e3a9a1da6fc1c61853c38c1 b8f28cd9cc6257cdefca49414abb41ad8eabfaf681b33663da840e88d72ebfbd Loading...

	sifo.bancogalicia.com.ar/requestserver/script/v1/4xd21/login.js?clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61	ScriptElement	145 kB	2023-09-28	2023-09-28
Pretty URL sifo.bancogalicia.com.ar/requestserver/script/v1/4xd21/login.js?clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 IP 52.44.182.201 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-28 01:15 Last Seen2023-09-28 01:15 Times Seen1 Hash 12b0e7e909df5caa8bd79414cd19a40f 7255ee88ee6e291baa38fb36495ee9eef286a973 be049690b83d4a042bf6a7b6635028999a280aa4da1827ce46b4358e355178a1 Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index.html	ScriptElement	117 B	2023-03-08	2024-08-21
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index.html IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 03:01 Last Seen2024-08-21 09:28 Times Seen4 Hash fb7111aaff0f13e28324624973e64b3e e28367b7505243cceff9bee426c198be75921732 9bb0ae0475c6b1246438ab557df2af55e62828121a990ba824b302f19b7f5d1b Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index.html	ScriptElement	165 B	2023-05-04	2024-08-21
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index.html IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-04 14:07 Last Seen2024-08-21 09:28 Times Seen4 Hash 08f88d9d8d992e3a7cb096d4aad0b853 a08e46b70f1d04a198af19a0a2bff6bc2c51606b 62fd58f7a8ebf6a813a96672cfc3edc71468f66b157a6fee5a054eb55b9a647e Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index.html	ScriptElement	429 B	2023-07-20	2024-08-21
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index.html IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-20 05:37 Last Seen2024-08-21 09:28 Times Seen3 Hash d7de03439c388a92808968ba659e2b23 5f0573019756ea04922c64b5069a51cb542fe4a5 0daa97919741944604f2e9a5e80c5a92b57f72100f143a8d088bafd0a9fa283c Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/js(1)	ScriptElement	210 kB	2023-09-28	2023-09-28
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/js(1) IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-28 01:15 Last Seen2023-09-28 01:15 Times Seen1 Hash 810975b7af6875c0339c5ef971788e26 d1241100919845434aa775cbc301aca577a7a9a7 12a8a21e033bbbd58b125496adec254c60e934ad7fc6b129717d13c90f96ad1f Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/f.txt	ScriptElement	3.1 kB	2023-09-28	2023-09-28
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/f.txt IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-28 01:15 Last Seen2023-09-28 01:15 Times Seen1 Hash daf0df46364809899d7499f2576f5fa1 d699bf5a4cab851f671f8e54502ae9f095bc4993 3ecbf05447d74725b93c01d4f96623619803e0844e33ee5c9ef3b05f3b34b2c5 Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index.html	ScriptElement	446 B	2023-07-20	2024-08-21
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index.html IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-20 05:37 Last Seen2024-08-21 09:28 Times Seen3 Hash 41358b8d1595f55e22904c27b1f0897b a9f1602f457a9c9a672a84c878c20dfbf367c2eb 36d31be7edb3ba6f71141df4bc50a0894a5947178eb5942741ff4c61312a6ffa Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index.html	ScriptElement	108 B	2023-03-08	2024-08-21
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index.html IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:03 Last Seen2024-08-21 09:28 Times Seen4 Hash 4b0f4525ef45c34c4a6cd62028db005f 2404342a15f975cf76a4a3b744d5b86af443cf41 620ad6623422166808cb37bb00653498fcd745baded2c02685ceb5a27994b30d Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index.html	ScriptElement	717 B	2023-07-20	2024-08-21
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index.html IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-20 05:37 Last Seen2024-08-21 09:28 Times Seen3 Hash e16195d40636eb7dc03d733792bcd246 49b4a0470e0ac2328109a37e621b659172f812a4 ca24afc88c131a2d28f1be1ac3d737eb1fec389fa118a8832a0f942b4a6f1c55 Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index.html	ScriptElement	1.6 kB	2023-07-20	2024-08-21
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index.html IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-20 05:37 Last Seen2024-08-21 09:28 Times Seen3 Hash d3529e8065847be1ba130894886af7f7 c5c5d410e270bd0b58798c4f9c6fa2324462df1d 0fa3e875ca659875e1f5ef5fc89a4a050fd893c1bfd1dcf246ce0e7ee988d975 Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index.html	ScriptElement	2.2 kB	2023-07-20	2024-08-21
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index.html IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-20 05:37 Last Seen2024-08-21 09:28 Times Seen3 Hash fd99dbf3c4a6110fe156f903e56c16b8 90130c879b39a403a2f2c50c9024c17b30f020ca 68965aa51b20a999a5be6597cac1b841c6dae7b72da1199e4097ba50e85f1507 Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index.html	ScriptElement	2.4 kB	2023-07-20	2024-08-21
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index.html IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-20 05:37 Last Seen2024-08-21 09:28 Times Seen3 Hash d0ab06901da3148460818002136e6582 dcc60a30cf5698b905150a8b875684ae6c01d8f8 800bbbfdc46a9bcd020a1800b73ddcce26e55930c4d50b7b05df1b28a9b41bd7 Loading...

	w50--securebnet1.repl.co/secure.galicia.com.ar/index.html	ScriptElement	241 B	2023-07-20	2024-08-21
Pretty URL w50--securebnet1.repl.co/secure.galicia.com.ar/index.html IP 34.120.194.28 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-20 05:37 Last Seen2024-08-21 09:28 Times Seen3 Hash 585c7a6f838458f614839296f80c6457 9f155770cc63931b1edbcc2b3028aa8ed83b44ca b55fd6df1f5512e3320b1684be382684b8488a5b8e7066ac7f821b7fe8f82a0d Loading...

		Size	First Seen	Last Seen
	#1 Write - d41d8cd98f00b204e9800998ecf8427e	0 B	0001-01-01 00:00	2025-05-09 05:19
Pretty Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 05:19 Times Seen4634143 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (74)

URL IP Response Size

w50--securebnet1.repl.co/secure.galicia.com.ar/index.html

34.120.194.28

200 OK

91 kB

URL User Request GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (18845), with CRLF, LF line terminators
Size
91 kB (91085 bytes)
Hash
4a12d994672162b8dd57f3eefa6a87c4
b414591d367869610fb393b3955086f4acb44055
7adbf0a72ab9354f67770f8539a1e16394b20c36f6fdcbaefe3f863d0c829366

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Banco Galicia
PhishTank	phishing	Other

HTTP Headers

GET /secure.galicia.com.ar/index.html HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:17 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556029; includeSubDomains
content-length: 91085
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/simple-keyboard.css

34.120.194.28

200 OK

2.8 kB

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/simple-keyboard.css
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
ASCII text
Size
2.8 kB (2790 bytes)
Hash
7ac8b1ce1d4560506b4ddaace5546637
ec9cf772f643b3583aa07012f94715a4c55c22ed
c46e9d5b86e7a9c0405f4edb56d1f7f8a4a463dca80ff9b99b916da39064a233

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Galicia

HTTP Headers

GET /secure.galicia.com.ar/index_files/simple-keyboard.css HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556029; includeSubDomains
content-length: 2790
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/keyboard.css

34.120.194.28

200 OK

492 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/keyboard.css
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
ASCII text
Size
492 B (492 bytes)
Hash
cde47bbdcc48b7a1883bfa6ff9461e1b
df0ffcc2e83ba3da25ffdb9e4dfe70165e1f34a8
612a237e8ee113c28afb5b58bce39eed244dc31b6d2127b45da334edca204b85

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Galicia

HTTP Headers

GET /secure.galicia.com.ar/index_files/keyboard.css HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556029; includeSubDomains
content-length: 492
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/hotjar-584153.descarga

34.120.194.28

404 Not Found

589 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/hotjar-584153.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
589 B (589 bytes)
Hash
890cf834ac58368f07456d8665773c61
3fac9afabc24cacb17012991332002b3657d7b06
469dcf6a11e1a112f946b9d377f1769f8f5432f9dcf8f318b682672fb6be83df

HTTP Headers

GET /secure.galicia.com.ar/index_files/hotjar-584153.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556029; includeSubDomains
content-length: 589
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/analytics.descarga

34.120.194.28

404 Not Found

585 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/analytics.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
585 B (585 bytes)
Hash
2c25d0207726d2881795d353815749a6
dc80064cfd39b3fb73fd6c74b8c6499f4b58bde5
a0b0add650cba27b787e4f5783bdfa9697de7dab7147152d8396b367f2de39ec

HTTP Headers

GET /secure.galicia.com.ar/index_files/analytics.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556029; includeSubDomains
content-length: 585
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/gtm.descarga

34.120.194.28

404 Not Found

579 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/gtm.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
579 B (579 bytes)
Hash
a844faf17f66031ed5160787b702c41d
ea745346b12834e9b7f26caaf3093573f2603661
0340111cdf726ecb4843aeaceb47fafc85baf7fb1f79aa8f01e0008c522968fb

HTTP Headers

GET /secure.galicia.com.ar/index_files/gtm.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556029; includeSubDomains
content-length: 579
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/FrontFunctions.min.descarga

34.120.194.28

404 Not Found

594 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/FrontFunctions.min.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
594 B (594 bytes)
Hash
3ba9ff76cc4e58a53f919a17c0732545
8b40e093b1136dc10c88703e9a037575f371f281
afb4098d87cd50cca8af689e8cacbe5eb5ced17594af04fa29ac69fe687ad127

HTTP Headers

GET /secure.galicia.com.ar/index_files/FrontFunctions.min.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556029; includeSubDomains
content-length: 594
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/ad1a29c5.descarga

34.120.194.28

404 Not Found

584 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/ad1a29c5.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
584 B (584 bytes)
Hash
bf1c632b429e3e97cbb7bf67c5c6fcad
bfd585e366a4b6e19d66c1b592dee3e892f59387
3bb0009b553cc08b2ea7ce188f1f126f93137134de7019f0f3b35c002b5d28b6

HTTP Headers

GET /secure.galicia.com.ar/index_files/ad1a29c5.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556029; includeSubDomains
content-length: 584
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/customcarousel.min.css

34.120.194.28

200 OK

1.9 kB

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/customcarousel.min.css
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
ASCII text, with very long lines (1920)
Size
1.9 kB (1949 bytes)
Hash
507cddc424365cfc443858856b1747fa
74f55054e13021d5b5c6331778e42dc42c80d6d4
f397778bb003ff2d647f5d7d90050f9b50f43622fb02637c8537f159f460bbad

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Galicia

HTTP Headers

GET /secure.galicia.com.ar/index_files/customcarousel.min.css HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556029; includeSubDomains
content-length: 1949
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/seguloginclientless

34.120.194.28

200 OK

436 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/seguloginclientless
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
ASCII text, with very long lines (436), with no line terminators
Size
436 B (436 bytes)
Hash
b5b11848c082822cdadac05e9f169809
d4373a43ca4cc74d1e3a9a1da6fc1c61853c38c1
b8f28cd9cc6257cdefca49414abb41ad8eabfaf681b33663da840e88d72ebfbd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Galicia

HTTP Headers

GET /secure.galicia.com.ar/index_files/seguloginclientless HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556029; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 436
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/launch-121f57795303.min.descarga

34.120.194.28

404 Not Found

599 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/launch-121f57795303.min.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
599 B (599 bytes)
Hash
de6ef49b1fcea10607f98cb0ef1b3552
6f039ca4e03c11b9c6f075c79e854309403adbfe
9d4ed29b3bafc369e6a2e3e1193613742cf0832964a0892914848ff68d0ca07d

HTTP Headers

GET /secure.galicia.com.ar/index_files/launch-121f57795303.min.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556029; includeSubDomains
content-length: 599
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/saved_resource

34.120.194.28

200 OK

959 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/saved_resource
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
ASCII text, with very long lines (959), with no line terminators
Size
959 B (959 bytes)
Hash
e839bf471a5c6d390d59f37d139722ef
b76fd31a1a820997e39399dbbe71448047f4ae43
c93153ac3f59a9b53b5ae04c99bded904698ebed8ee2c9303b9503eabfc73631

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Galicia

HTTP Headers

GET /secure.galicia.com.ar/index_files/saved_resource HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556029; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 959
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/RC66fa2a34a0a9451089445bfcda97f3fc-source.min.descarga

34.120.194.28

404 Not Found

621 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/RC66fa2a34a0a9451089445bfcda97f3fc-source.min.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
621 B (621 bytes)
Hash
1a1c3f3b2ed364a695ac530e72dac9db
2be7eb1e82d1fb97200687381dee3dc4af6d92ab
700cdd6f5d1fe87009efebe37e7f36cc7f63315c9578c266a14fda6b466e7717

HTTP Headers

GET /secure.galicia.com.ar/index_files/RC66fa2a34a0a9451089445bfcda97f3fc-source.min.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556029; includeSubDomains
content-length: 621
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/RC1699ac92c9d8400891bfa4b6e7a932be-source.min.descarga

34.120.194.28

404 Not Found

621 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/RC1699ac92c9d8400891bfa4b6e7a932be-source.min.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
621 B (621 bytes)
Hash
f52da7033e76440f08278ee6b8593de8
78a0504a5dcba77b3e82290749b2b58ae84da152
fa99ed13dfde9602c5357dab9e462b3bd8d346af5d679fd9eafe691fd17c51b7

HTTP Headers

GET /secure.galicia.com.ar/index_files/RC1699ac92c9d8400891bfa4b6e7a932be-source.min.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556029; includeSubDomains
content-length: 621
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/RCa6a6f4ccacd34f08a039964c04e81646-source.min.descarga

34.120.194.28

404 Not Found

621 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/RCa6a6f4ccacd34f08a039964c04e81646-source.min.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
621 B (621 bytes)
Hash
1514a0345e0f252f74724dbbbcdf1a31
e2cb4efd2c1b63a103c5d7cf405c5f4de9c2c723
3c9871fd938e6815695d1246cc9a0237084e46562c913c72a25d4a4a267a9185

HTTP Headers

GET /secure.galicia.com.ar/index_files/RCa6a6f4ccacd34f08a039964c04e81646-source.min.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556028; includeSubDomains
content-length: 621
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/RCb36db8e494f24d869aef5b3f3bd32cf0-source.min.descarga

34.120.194.28

404 Not Found

621 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/RCb36db8e494f24d869aef5b3f3bd32cf0-source.min.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
621 B (621 bytes)
Hash
4a1e444c37df04d61739f3c948db7a8f
39668627a8ddb88635733e9a8daca6642edc8d9e
70732403eec6990492cbc0c506b97ee32fae0c4b93a5a3f134e72716db79388c

HTTP Headers

GET /secure.galicia.com.ar/index_files/RCb36db8e494f24d869aef5b3f3bd32cf0-source.min.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556028; includeSubDomains
content-length: 621
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/81630000.descarga

34.120.194.28

404 Not Found

584 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/81630000.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
584 B (584 bytes)
Hash
8c5da8ef036a7145e72a474a348e5623
43f4cb9b719a79cde9ec70955d25e375568e1a57
a4964d1470f023d4e115ca15913c69fa49e2d13297658d10aeff49f3c78b27b9

HTTP Headers

GET /secure.galicia.com.ar/index_files/81630000.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556028; includeSubDomains
content-length: 584
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/bootstrap.min.css

34.120.194.28

200 OK

124 kB

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/bootstrap.min.css
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
ASCII text, with very long lines (65371)
Size
124 kB (123758 bytes)
Hash
65d518a9dc19eee2880f149ad8696734
473bab8d212a1f5f374dd5fcf66c9882ea0625d2
38c2ceafd2e0319b0249ad97ab59932dd54971afd9422bb5bbff40ab7069d763

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Galicia

HTTP Headers

GET /secure.galicia.com.ar/index_files/bootstrap.min.css HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556029; includeSubDomains
content-length: 123758
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/dispatcher-v3.descarga

34.120.194.28

404 Not Found

589 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/dispatcher-v3.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
589 B (589 bytes)
Hash
083f647abe65d70af4578327e39a44f1
38ec9d388d11d7567a9efcb758549c5fdb527d68
2bfdbd6d73e4841cd8ba124832489a8b77c49d8a2fcf0135970c01ba6000f5ef

HTTP Headers

GET /secure.galicia.com.ar/index_files/dispatcher-v3.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556028; includeSubDomains
content-length: 589
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/f.txt

34.120.194.28

200 OK

3.1 kB

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/f.txt
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
ASCII text, with very long lines (2850)
Size
3.1 kB (3073 bytes)
Hash
daf0df46364809899d7499f2576f5fa1
d699bf5a4cab851f671f8e54502ae9f095bc4993
3ecbf05447d74725b93c01d4f96623619803e0844e33ee5c9ef3b05f3b34b2c5

HTTP Headers

GET /secure.galicia.com.ar/index_files/f.txt HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556028; includeSubDomains
content-length: 3073
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/json-min.descarga

34.120.194.28

404 Not Found

584 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/json-min.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
584 B (584 bytes)
Hash
61ae2df2366e9eb4af3ef0928056e07e
92adfd6a3e50e754a73038b9f4fd52038d10096b
1f640223f43629fc5d1ee14dbbcaabb74fd5828f709b9b00996e8ce101151b34

HTTP Headers

GET /secure.galicia.com.ar/index_files/json-min.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556028; includeSubDomains
content-length: 584
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/cp-v3.descarga

34.120.194.28

404 Not Found

581 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/cp-v3.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
581 B (581 bytes)
Hash
40580479ecb553244dd3262281ff437d
f8e24bc43da09fadad17c914a87d5681f1d4a86c
d21248b00246a964f614daf69f4bc18e141cee68666f497d1d10f211998d0825

HTTP Headers

GET /secure.galicia.com.ar/index_files/cp-v3.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556028; includeSubDomains
content-length: 581
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/modules.87c64ece4c32532efcb6.descarga

34.120.194.28

404 Not Found

604 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/modules.87c64ece4c32532efcb6.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
604 B (604 bytes)
Hash
ef2eb87a9fa84866c09dbac81f85fe87
6d83a5268afef1ade5ea2b3ace586afc5671e752
4d295d7a64d5e91f3fca29bd785dc8fa5b6d1eda771c38ae032bdea759029956

HTTP Headers

GET /secure.galicia.com.ar/index_files/modules.87c64ece4c32532efcb6.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556028; includeSubDomains
content-length: 604
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/eluminate.descarga

34.120.194.28

404 Not Found

585 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/eluminate.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
585 B (585 bytes)
Hash
f5f9ff0f638cc26e0ac49d44fdd251cc
9ad147b6013390905756ebec053f4b1527655863
b2606e3f1fc449e792d0366b5cbf59cc6632ad3798502362493a47bc75c3378a

HTTP Headers

GET /secure.galicia.com.ar/index_files/eluminate.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556028; includeSubDomains
content-length: 585
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/yahoo-min.descarga

34.120.194.28

404 Not Found

585 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/yahoo-min.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
585 B (585 bytes)
Hash
e33b68508b435315eb366badee65007e
ba4f2209e31500394fc85f637a163e718982ba0a
a57e492ec1a45d761fed5b4abaf027cb3825021b117a55a7c588c3d9582e4a5a

HTTP Headers

GET /secure.galicia.com.ar/index_files/yahoo-min.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556028; includeSubDomains
content-length: 585
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/keyboard.descarga

34.120.194.28

404 Not Found

584 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/keyboard.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
584 B (584 bytes)
Hash
79eed520f4aaf539f09697f916dbefe8
d11f55e93f09ad1339236a28d53fc4148e448da7
a48bf92762c8c86895fc5ed45987a029ececc621c03e962e32de9ae6526a6613

HTTP Headers

GET /secure.galicia.com.ar/index_files/keyboard.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556028; includeSubDomains
content-length: 584
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/polyfill.descarga

34.120.194.28

404 Not Found

584 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/polyfill.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
584 B (584 bytes)
Hash
52ce22c6bf76668f553544fa456dabd9
a4e222f3673bb40d96be9d61c42c6fa63a38ac1f
62d8bad06cad0b58fb41da64b5e031a17767d10af9e7071199f269c6f2dd8dfa

HTTP Headers

GET /secure.galicia.com.ar/index_files/polyfill.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556028; includeSubDomains
content-length: 584
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/simple-keyboard.min.descarga

34.120.194.28

404 Not Found

595 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/simple-keyboard.min.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
595 B (595 bytes)
Hash
d9abf9fd46de4e9be5068a6cedcce7d9
b1bcca12c307f0d0614e33e60b7a0271e8231ccc
900337e1ba6f798af19dc660e0910718abc0c74d231ade87c371b43184360ae6

HTTP Headers

GET /secure.galicia.com.ar/index_files/simple-keyboard.min.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556028; includeSubDomains
content-length: 595
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/js(1)

34.120.194.28

200 OK

210 kB

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/js(1)
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
ASCII text, with very long lines (2952)
Size
210 kB (210477 bytes)
Hash
810975b7af6875c0339c5ef971788e26
d1241100919845434aa775cbc301aca577a7a9a7
12a8a21e033bbbd58b125496adec254c60e934ad7fc6b129717d13c90f96ad1f

HTTP Headers

GET /secure.galicia.com.ar/index_files/js(1) HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556029; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 210477
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/js

34.120.194.28

200 OK

264 kB

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/js
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
ASCII text, with very long lines (5806)
Size
264 kB (263497 bytes)
Hash
f6eef32688c78aec87be7bffbc4430d7
e116fb3f7ada349fbf31501b38d0b7797e7140dd
58ac5663aa6b571a6a0dbc5e13e817ac4020138fe4ac4d5527e14ab762e69628

HTTP Headers

GET /secure.galicia.com.ar/index_files/js HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556029; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 263497
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/sharedout

34.120.194.28

200 OK

387 kB

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/sharedout
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
Unicode text, UTF-8 text, with very long lines (65435), with no line terminators
Size
387 kB (386613 bytes)
Hash
9861fa51e74a108f05a388c4bc7547ec
6227ce8903aafc40485e4adda69f945bcd25ed4e
c4145a9e8ffd7f6e600cb97e9d5b54488499fec84e99b147ee7c48d171314395

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Galicia

HTTP Headers

GET /secure.galicia.com.ar/index_files/sharedout HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556029; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 386613
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/f(1).txt

34.120.194.28

200 OK

51 kB

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/f(1).txt
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
ASCII text, with very long lines (3258)
Size
51 kB (50713 bytes)
Hash
c011f62c7e082ec8f61af8f5db12eb31
defe9fa71f185216a2c2f9502b56d56bade89b01
4ac8f2a313e73a150190087ed33c70f44d83ddedfcc68809c0f666bb832f3380

HTTP Headers

GET /secure.galicia.com.ar/index_files/f(1).txt HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556028; includeSubDomains
content-length: 50713
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/default.min.css

34.120.194.28

200 OK

1.2 MB

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/default.min.css
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
1.2 MB (1243605 bytes)
Hash
8470f4212abca4c45dc81838e6e233bb
a5275aae00d3b1b522482e41e7df2bbbecfe1a53
61dd9856f81d75f7a4cc058bd94c2db3134747fcb6a72bb9ba8f49a8e1c9fe84

HTTP Headers

GET /secure.galicia.com.ar/index_files/default.min.css HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556029; includeSubDomains
content-length: 1243605
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/FrontFunctions.min.descarga

34.120.194.28

404 Not Found

594 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/FrontFunctions.min.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
594 B (594 bytes)
Hash
3ba9ff76cc4e58a53f919a17c0732545
8b40e093b1136dc10c88703e9a037575f371f281
afb4098d87cd50cca8af689e8cacbe5eb5ced17594af04fa29ac69fe687ad127

HTTP Headers

GET /secure.galicia.com.ar/index_files/FrontFunctions.min.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:18 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556028; includeSubDomains
content-length: 594
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/ad1a29c5.descarga

34.120.194.28

404 Not Found

584 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/ad1a29c5.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
584 B (584 bytes)
Hash
bf1c632b429e3e97cbb7bf67c5c6fcad
bfd585e366a4b6e19d66c1b592dee3e892f59387
3bb0009b553cc08b2ea7ce188f1f126f93137134de7019f0f3b35c002b5d28b6

HTTP Headers

GET /secure.galicia.com.ar/index_files/ad1a29c5.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:19 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556027; includeSubDomains
content-length: 584
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm?id=GTM-M6B9RZQ&gtm_auth=En2Tx4QzRBluIcijUPWN-w&gtm_preview=env-2&gtm_cookies_win=x

142.250.74.168

404 Not Found

1.6 kB

URL GET HTTP/2
www.googletagmanager.com/gtm?id=GTM-M6B9RZQ&gtm_auth=En2Tx4QzRBluIcijUPWN-w&gtm_preview=env-2&gtm_cookies_win=x
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1564 bytes)
Hash
4155861650a8711d87b4689b74b77c5a
1a75b30d9f6a9597c1b9fe09ccb5d43a3729dc8c
ceddf52608b7fd2d21ffcccf7678035961b5828eca77d72f0baa53304a305463

HTTP Headers

GET /gtm?id=GTM-M6B9RZQ&gtm_auth=En2Tx4QzRBluIcijUPWN-w&gtm_preview=env-2&gtm_cookies_win=x HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
referrer-policy: no-referrer
content-length: 1564
date: Wed, 27 Sep 2023 23:15:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/launch-121f57795303.min.descarga

34.120.194.28

404 Not Found

599 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/launch-121f57795303.min.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
599 B (599 bytes)
Hash
de6ef49b1fcea10607f98cb0ef1b3552
6f039ca4e03c11b9c6f075c79e854309403adbfe
9d4ed29b3bafc369e6a2e3e1193613742cf0832964a0892914848ff68d0ca07d

HTTP Headers

GET /secure.galicia.com.ar/index_files/launch-121f57795303.min.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:19 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556027; includeSubDomains
content-length: 599
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/RC66fa2a34a0a9451089445bfcda97f3fc-source.min.descarga

34.120.194.28

404 Not Found

621 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/RC66fa2a34a0a9451089445bfcda97f3fc-source.min.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
621 B (621 bytes)
Hash
1a1c3f3b2ed364a695ac530e72dac9db
2be7eb1e82d1fb97200687381dee3dc4af6d92ab
700cdd6f5d1fe87009efebe37e7f36cc7f63315c9578c266a14fda6b466e7717

HTTP Headers

GET /secure.galicia.com.ar/index_files/RC66fa2a34a0a9451089445bfcda97f3fc-source.min.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:19 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556027; includeSubDomains
content-length: 621
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/RCa6a6f4ccacd34f08a039964c04e81646-source.min.descarga

34.120.194.28

404 Not Found

621 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/RCa6a6f4ccacd34f08a039964c04e81646-source.min.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
621 B (621 bytes)
Hash
1514a0345e0f252f74724dbbbcdf1a31
e2cb4efd2c1b63a103c5d7cf405c5f4de9c2c723
3c9871fd938e6815695d1246cc9a0237084e46562c913c72a25d4a4a267a9185

HTTP Headers

GET /secure.galicia.com.ar/index_files/RCa6a6f4ccacd34f08a039964c04e81646-source.min.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:19 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556027; includeSubDomains
content-length: 621
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/RC1699ac92c9d8400891bfa4b6e7a932be-source.min.descarga

34.120.194.28

404 Not Found

621 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/RC1699ac92c9d8400891bfa4b6e7a932be-source.min.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
621 B (621 bytes)
Hash
f52da7033e76440f08278ee6b8593de8
78a0504a5dcba77b3e82290749b2b58ae84da152
fa99ed13dfde9602c5357dab9e462b3bd8d346af5d679fd9eafe691fd17c51b7

HTTP Headers

GET /secure.galicia.com.ar/index_files/RC1699ac92c9d8400891bfa4b6e7a932be-source.min.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:19 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556027; includeSubDomains
content-length: 621
X-Firefox-Spdy: h2

gal.bgsensors.co/api/wb/b3f76076-f760-49d8-ab30-437b9b182ac7/60a375cb-568d-41f6-a2d9-0e5d6c6ad549/1244/?rfr=&hash=&dom=w50--securebnet1.repl.co&href=https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html

172.67.134.168

200 OK

67 B

URL GET HTTP/2
gal.bgsensors.co/api/wb/b3f76076-f760-49d8-ab30-437b9b182ac7/60a375cb-568d-41f6-a2d9-0e5d6c6ad549/1244/?rfr=&hash=&dom=w50--securebnet1.repl.co&href=https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
IP
172.67.134.168:443
ASN
#13335 CLOUDFLARENET

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintED:A8:B6:D5:70:3E:97:D9:F2:B4:7C:B1:2E:5D:0B:BC:EF:CE:8A:47
ValiditySat, 05 Nov 2022 00:00:00 GMT - Sun, 05 Nov 2023 23:59:59 GMT

File type
PNG image data, 1 x 1, 1-bit grayscale, non-interlaced\012- data
Size
67 B (67 bytes)
Hash
06707af2ef27f407df4958d3abf2a9f7
874a600942cc18a6c71a96ee2e19fecd42886bfb
089ad5bf4831b6758e9907db43bc5ebba2e9248a9929dad6132c49932e538278

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Galicia

HTTP Headers

GET /api/wb/b3f76076-f760-49d8-ab30-437b9b182ac7/60a375cb-568d-41f6-a2d9-0e5d6c6ad549/1244/?rfr=&hash=&dom=w50--securebnet1.repl.co&href=https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html HTTP/1.1
Host: gal.bgsensors.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 27 Sep 2023 23:15:19 GMT
content-type: image/png
content-length: 67
x-frame-options: SAMEORIGIN
vary: Accept-Language,Cookie,Origin
content-language: en
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvWju4s4lDev9pbPAp%2FSErdD5SyhjScG1z%2FGwnWq8AxGMlvh1o2dOTooVc6Cf5%2Fk5ITmRafmQzF6qtnveCY9mfByXQnlXMyBNCfhssAk32TSDPWn4ZeTORIWSqFVep%2FJSTWb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80d772adcdbbb4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/RCb36db8e494f24d869aef5b3f3bd32cf0-source.min.descarga

34.120.194.28

404 Not Found

621 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/RCb36db8e494f24d869aef5b3f3bd32cf0-source.min.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
621 B (621 bytes)
Hash
4a1e444c37df04d61739f3c948db7a8f
39668627a8ddb88635733e9a8daca6642edc8d9e
70732403eec6990492cbc0c506b97ee32fae0c4b93a5a3f134e72716db79388c

HTTP Headers

GET /secure.galicia.com.ar/index_files/RCb36db8e494f24d869aef5b3f3bd32cf0-source.min.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:19 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556027; includeSubDomains
content-length: 621
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/81630000.descarga

34.120.194.28

404 Not Found

584 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/81630000.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
584 B (584 bytes)
Hash
8c5da8ef036a7145e72a474a348e5623
43f4cb9b719a79cde9ec70955d25e375568e1a57
a4964d1470f023d4e115ca15913c69fa49e2d13297658d10aeff49f3c78b27b9

HTTP Headers

GET /secure.galicia.com.ar/index_files/81630000.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:19 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556027; includeSubDomains
content-length: 584
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/Content/fonts/Inter-Regular.woff2

34.120.194.28

404 Not Found

588 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/Content/fonts/Inter-Regular.woff2
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
588 B (588 bytes)
Hash
1b58caeee735b6f6d563deecd4b73ddd
30ea2036399b1fbb0361018ac920067d018b640f
4db643e27e363f9d2bdb9badfdaf337829d2785d4150795dc4f63f6508fac150

HTTP Headers

GET /secure.galicia.com.ar/Content/fonts/Inter-Regular.woff2 HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/default.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:19 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556027; includeSubDomains
content-length: 588
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/dispatcher-v3.descarga

34.120.194.28

404 Not Found

589 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/dispatcher-v3.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
589 B (589 bytes)
Hash
083f647abe65d70af4578327e39a44f1
38ec9d388d11d7567a9efcb758549c5fdb527d68
2bfdbd6d73e4841cd8ba124832489a8b77c49d8a2fcf0135970c01ba6000f5ef

HTTP Headers

GET /secure.galicia.com.ar/index_files/dispatcher-v3.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:19 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556027; includeSubDomains
content-length: 589
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/Content/fonts/Inter-Regular.woff

34.120.194.28

404 Not Found

587 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/Content/fonts/Inter-Regular.woff
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
587 B (587 bytes)
Hash
99680f19f859644b3b0677cefff04666
ebd5f115bd96e37c78fb3f290d47e9c53aa6bcc1
96c2fdbc57192d517605b7d8527a533a8257209e16e8a58f2d53acbf80c2c175

HTTP Headers

GET /secure.galicia.com.ar/Content/fonts/Inter-Regular.woff HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/default.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:19 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556027; includeSubDomains
content-length: 587
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/yahoo-min.descarga

34.120.194.28

404 Not Found

585 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/yahoo-min.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
585 B (585 bytes)
Hash
e33b68508b435315eb366badee65007e
ba4f2209e31500394fc85f637a163e718982ba0a
a57e492ec1a45d761fed5b4abaf027cb3825021b117a55a7c588c3d9582e4a5a

HTTP Headers

GET /secure.galicia.com.ar/index_files/yahoo-min.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:19 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556027; includeSubDomains
content-length: 585
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/Content/fonts/Inter-Regular.ttf

34.120.194.28

404 Not Found

586 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/Content/fonts/Inter-Regular.ttf
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
586 B (586 bytes)
Hash
c6b60c6386f181454ee5d9412c817a1c
e06cd44dbdf718848a39de6efba4acf8f1428a1f
982afc3d17a6f148fa0f7cb676ab2608e019dd26fad91ed5780cb3328cfea126

HTTP Headers

GET /secure.galicia.com.ar/Content/fonts/Inter-Regular.ttf HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/default.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:19 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556027; includeSubDomains
content-length: 586
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/cp-v3.descarga

34.120.194.28

404 Not Found

581 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/cp-v3.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
581 B (581 bytes)
Hash
40580479ecb553244dd3262281ff437d
f8e24bc43da09fadad17c914a87d5681f1d4a86c
d21248b00246a964f614daf69f4bc18e141cee68666f497d1d10f211998d0825

HTTP Headers

GET /secure.galicia.com.ar/index_files/cp-v3.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:20 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556026; includeSubDomains
content-length: 581
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/json-min.descarga

34.120.194.28

404 Not Found

584 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/json-min.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
584 B (584 bytes)
Hash
61ae2df2366e9eb4af3ef0928056e07e
92adfd6a3e50e754a73038b9f4fd52038d10096b
1f640223f43629fc5d1ee14dbbcaabb74fd5828f709b9b00996e8ce101151b34

HTTP Headers

GET /secure.galicia.com.ar/index_files/json-min.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:20 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556026; includeSubDomains
content-length: 584
X-Firefox-Spdy: h2

sifo.bancogalicia.com.ar/requestserver/script/v1/4xd21/login.js?clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61

52.44.182.201

200

145 kB

URL GET HTTP/1.1
sifo.bancogalicia.com.ar/requestserver/script/v1/4xd21/login.js?clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61
IP
52.44.182.201:443
ASN
#14618 AMAZON-AES

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerDigiCert Inc
Subjectsifo.bancogalicia.com.ar
Fingerprint2A:06:ED:39:AD:DE:39:C2:98:A7:C8:7B:6E:19:09:6C:27:62:A6:DB
ValidityWed, 22 Feb 2023 00:00:00 GMT - Wed, 21 Feb 2024 23:59:59 GMT

File type
Algol 68 source text\012- Pascal source, ASCII text, with very long lines (937)
Size
145 kB (144958 bytes)
Hash
12b0e7e909df5caa8bd79414cd19a40f
7255ee88ee6e291baa38fb36495ee9eef286a973
be049690b83d4a042bf6a7b6635028999a280aa4da1827ce46b4358e355178a1

HTTP Headers

GET /requestserver/script/v1/4xd21/login.js?clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 HTTP/1.1
Host: sifo.bancogalicia.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Date: Wed, 27 Sep 2023 23:15:20 GMT
Content-Type: application/javascript
Content-Length: 144958
Connection: keep-alive
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self'
permissions-policy: fullscreen=();microphone=();camera=();speaker=();
x-xss-protection: 1;mode=block
x-frame-options: DENY
x-content-type-options: nosniff

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/modules.87c64ece4c32532efcb6.descarga

34.120.194.28

404 Not Found

604 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/modules.87c64ece4c32532efcb6.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
604 B (604 bytes)
Hash
ef2eb87a9fa84866c09dbac81f85fe87
6d83a5268afef1ade5ea2b3ace586afc5671e752
4d295d7a64d5e91f3fca29bd785dc8fa5b6d1eda771c38ae032bdea759029956

HTTP Headers

GET /secure.galicia.com.ar/index_files/modules.87c64ece4c32532efcb6.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:20 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556026; includeSubDomains
content-length: 604
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/logogalicia.html

34.120.194.28

200 OK

5.2 kB

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/logogalicia.html
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
5.2 kB (5194 bytes)
Hash
ce4346a22af7080dee0b8a2746202651
edc01dd56011110e07dc0d6badacd00b3434c4d9
22cda24f559371a5b3bfa6117c184df09a3f0f34626208d11d113537a45ebfb1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Galicia

HTTP Headers

GET /secure.galicia.com.ar/index_files/logogalicia.html HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:20 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556026; includeSubDomains
content-length: 5194
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/simple-keyboard.min.descarga

34.120.194.28

404 Not Found

595 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/simple-keyboard.min.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
595 B (595 bytes)
Hash
d9abf9fd46de4e9be5068a6cedcce7d9
b1bcca12c307f0d0614e33e60b7a0271e8231ccc
900337e1ba6f798af19dc660e0910718abc0c74d231ade87c371b43184360ae6

HTTP Headers

GET /secure.galicia.com.ar/index_files/simple-keyboard.min.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:20 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556026; includeSubDomains
content-length: 595
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/images/default/logo.svg

34.120.194.28

404 Not Found

578 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/images/default/logo.svg
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
578 B (578 bytes)
Hash
25e51b2902b5baf377c85afdf336fb66
eb6bc26e02ad548a29a1498270d98cbc9cc45288
54fb59b451e0364add1e70a01068b7a3de523700f5fe2341cfdd775580b4291b

HTTP Headers

GET /secure.galicia.com.ar/images/default/logo.svg HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/default.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:20 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556026; includeSubDomains
content-length: 578
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/Content/fonts/galicia-ui.ttf?8esgb8

34.120.194.28

404 Not Found

590 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/Content/fonts/galicia-ui.ttf?8esgb8
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
590 B (590 bytes)
Hash
f64a115e6c08a841ec670ede1b7cfb64
361c9f8d86747864eecdd97303e43d1cf38f0889
c976373ab1b0fdc9b9636390d03f20958889172206f612bd89495110a4c13713

HTTP Headers

GET /secure.galicia.com.ar/Content/fonts/galicia-ui.ttf?8esgb8 HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/default.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:20 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556026; includeSubDomains
content-length: 590
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/polyfill.descarga

34.120.194.28

404 Not Found

584 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/polyfill.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
584 B (584 bytes)
Hash
52ce22c6bf76668f553544fa456dabd9
a4e222f3673bb40d96be9d61c42c6fa63a38ac1f
62d8bad06cad0b58fb41da64b5e031a17767d10af9e7071199f269c6f2dd8dfa

HTTP Headers

GET /secure.galicia.com.ar/index_files/polyfill.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:20 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556026; includeSubDomains
content-length: 584
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/Content/fonts/galicia-ui.woff?8esgb8

34.120.194.28

404 Not Found

591 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/Content/fonts/galicia-ui.woff?8esgb8
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
591 B (591 bytes)
Hash
4893670513cd4274762f1b9e96ee6967
b39368ea0ce0e11ad4a851f2945d1a8f00ddb527
a3dc7ad69095204491aaa17e06dd2036559a7f1f5db9d7e6f764458fe2546240

HTTP Headers

GET /secure.galicia.com.ar/Content/fonts/galicia-ui.woff?8esgb8 HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/default.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:20 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556026; includeSubDomains
content-length: 591
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/keyboard.descarga

34.120.194.28

404 Not Found

584 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/keyboard.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
584 B (584 bytes)
Hash
79eed520f4aaf539f09697f916dbefe8
d11f55e93f09ad1339236a28d53fc4148e448da7
a48bf92762c8c86895fc5ed45987a029ececc621c03e962e32de9ae6526a6613

HTTP Headers

GET /secure.galicia.com.ar/index_files/keyboard.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:20 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556026; includeSubDomains
content-length: 584
X-Firefox-Spdy: h2

galicia.ar/content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/2023/Haberes-3-InesFraschina.jpg

151.101.131.10

301 Moved Permanently

343 B

URL GET HTTP/2
galicia.ar/content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/2023/Haberes-3-InesFraschina.jpg
IP
151.101.131.10:443
ASN
#54113 FASTLY

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerDigiCert Inc
Subjectwww.galicia.ar
Fingerprint88:40:8E:39:C0:65:85:02:4A:FF:EB:D4:D2:8E:9B:50:B8:5B:F5:6C
ValidityThu, 09 Mar 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
343 B (343 bytes)
Hash
9b09b4f5cf176c614ee592bf81e308c7
a94a682640088d49ebf73810f688de54a981c2e2
477c816a9a3e0155437ceeeaab8021697ec2b72e20022b27dae61080cdfbb61f

HTTP Headers

GET /content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/2023/Haberes-3-InesFraschina.jpg HTTP/1.1
Host: galicia.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://www.galicia.ar/content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/2023/Haberes-3-InesFraschina.jpg
cache-control: max-age=300
expires: Wed, 27 Sep 2023 23:20:21 GMT
content-type: text/html; charset=iso-8859-1
set-cookie: affinity="92cc66b0f3a86861"; Path=/; HttpOnly
accept-ranges: bytes
date: Wed, 27 Sep 2023 23:15:21 GMT
age: 0
strict-transport-security: max-age=31557600
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-timer: S1695856521.670107,VS0,VS0,VE447
content-length: 343
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/eluminate.descarga

34.120.194.28

404 Not Found

585 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/eluminate.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
585 B (585 bytes)
Hash
f5f9ff0f638cc26e0ac49d44fdd251cc
9ad147b6013390905756ebec053f4b1527655863
b2606e3f1fc449e792d0366b5cbf59cc6632ad3798502362493a47bc75c3378a

HTTP Headers

GET /secure.galicia.com.ar/index_files/eluminate.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:21 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556025; includeSubDomains
content-length: 585
X-Firefox-Spdy: h2

logo.prismasystems.com.ar/db_carga5.php

34.227.254.206

200 OK

2 B

URL POST HTTP/1.1
logo.prismasystems.com.ar/db_carga5.php
IP
34.227.254.206:443
ASN
#14618 AMAZON-AES

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerDigiCert Inc
Subjectlogo.prismasystems.com.ar
FingerprintF2:C2:D5:FC:E5:7B:62:41:EF:20:00:9E:2E:56:BA:CD:87:6F:80:B7
ValidityWed, 19 Oct 2022 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT

File type
ASCII text
Size
2 B (2 bytes)
Hash
e1c06d85ae7b8b032bef47e42e4c08f9
71853c6197a6a7f222db0f1978c7cb232b87c5ee
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Galicia

HTTP Headers

POST /db_carga5.php HTTP/1.1
Host: logo.prismasystems.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 234
Origin: https://w50--securebnet1.repl.co
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 27 Sep 2023 23:15:21 GMT
Server: Apache/2.4.56 (Amazon) OpenSSL/1.0.2k-fips PHP/7.3.30
X-Powered-By: PHP/7.3.30
Set-Cookie: PHPSESSID=g7ti9m53vltvecasuubeu7beo9; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 2
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/launch-121f57795303.min.descarga

34.120.194.28

404 Not Found

599 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/launch-121f57795303.min.descarga
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
599 B (599 bytes)
Hash
de6ef49b1fcea10607f98cb0ef1b3552
6f039ca4e03c11b9c6f075c79e854309403adbfe
9d4ed29b3bafc369e6a2e3e1193613742cf0832964a0892914848ff68d0ca07d

HTTP Headers

GET /secure.galicia.com.ar/index_files/launch-121f57795303.min.descarga HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:21 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556025; includeSubDomains
content-length: 599
X-Firefox-Spdy: h2

www.galicia.ar/content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/2023/Haberes-3-InesFraschina.jpg

151.101.131.10

200 OK

560 kB

URL GET HTTP/2
www.galicia.ar/content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/2023/Haberes-3-InesFraschina.jpg
IP
151.101.131.10:443
ASN
#54113 FASTLY

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerDigiCert Inc
Subjectwww.galicia.ar
Fingerprint88:40:8E:39:C0:65:85:02:4A:FF:EB:D4:D2:8E:9B:50:B8:5B:F5:6C
ValidityThu, 09 Mar 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1309, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1000], progressive, precision 8, 1000x1309, components 3\012- data
Size
560 kB (559602 bytes)
Hash
6383005c6440e8be8b40074e1f7c8f01
b3f602782edb4855f50a86750b611a0552577df3
ba77a8e19ea5a28022ac041d109d0bbbea9a2f1eb6afedebce289911239bc239

HTTP Headers

GET /content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/2023/Haberes-3-InesFraschina.jpg HTTP/1.1
Host: www.galicia.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://w50--securebnet1.repl.co/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Wed, 31 May 2023 20:49:28 GMT
etag: "0x8DB621886E6266F"
access-control-allow-origin: *
cache-control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200
content-security-policy: object-src 		        'none' 		    ;style-src 		        'self' 		        'unsafe-inline' 		        https://*.bancogalicia.com.ar                 https://*.hotjar.com 				https://*.galicia.ar                 https://maps.googleapis.com                 https://*.nera-agro.com                 https://fonts.googleapis.com                 https://maps.gstatic.com                 https://fonts.googleapis.com             ;connect-src                 'self'                 'unsafe-inline'                 'unsafe-eval'                 https://cm.everesttech.net                 https://assets.adobedtm.com                 https://*.demdex.net                 https://*.omtrdc.net                 https://*.bancogalicia.com.ar                 https://*.galicia.ar                 https://www.googleapis.com                 https://*.hotjar.com                 https://*.hotjar.io                 wss://*.hotjar.com                 https://maps.googleapis.com                 https://*.nera-agro.com                 https://maps.gstatic.com 		    ;script-src 		        'self' 		        'unsafe-inline' 		        'unsafe-eval'                 https://cm.everesttech.net                 https://assets.adobedtm.com                 https://*.2o7.net                 https://*.demdex.net                 https://*.omtrdc.net                 https://*.sc.omtrdc.net                 https://*.tt.omtrdc.net                 https://*.adobedtm.com                 https://*.adobeaemcloud.com                 https://*.bancogalicia.com.ar                 https://*.galicia.ar                 https://*.adobeaemcloud.com                 https://www.google.com/recaptcha/                 https://maps.googleapis.com                 https://www.googletagmanager.com                 https://www.googleadservices.com                 https://www.gstatic.com/recaptcha/                 https://maps.gstatic.com                 https://*.hotjar.com                 https://*.nera-agro.com                 https://www.facebook.com                 https://*.facebook.net             ;img-src                 'self'                 data:                 https://cm.everesttech.net                 https://assets.adobedtm.com                 https://*.demdex.net                 https://*.bancogalicia.com.ar                 https://*.galicia.ar                 https://i.ytimg.com                 https://*.bancogalicia.com                 https://*.hotjar.com                 https://maps.googleapis.com                 https://*.nera-agro.com                 https://maps.gstatic.com                 https://www.facebook.com                 https://*.facebook.net                 https://googleads.g.doubleclick.net                 https://www.google.com                 https://www.google.com.br             ;frame-src                 'self'                 https://*.demdex.net                 https://www.google.com/recaptcha/                 https://recaptcha.google.com/recaptcha/                 https://www.youtube.com/                 https://*.bancogalicia.com.ar/ 				https://*.galicia.ar                 https://*.hotjar.com                 https://maps.googleapis.com                 https://*.nera-agro.com                 https://maps.gstatic.com             ;frame-ancestors                 'self'                 https://*.bancogalicia.com.ar            ;font-src 		        'self' 		        data:                 https://*.bancogalicia.com.ar                 https://*.galicia.ar                 https://*.hotjar.com                 https://maps.googleapis.com                 https://*.nera-agro.com                 https://maps.gstatic.com                 https://fonts.gstatic.com                 https://fonts.googleapis.com
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-disposition: inline
permissions-policy: geolocation=(self "https://*.adobeaemcloud.com")
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
date: Wed, 27 Sep 2023 23:15:21 GMT
age: 52896
strict-transport-security: max-age=31557600
x-served-by: cache-bma1679-BMA
x-cache: HIT
x-timer: S1695856521.376730,VS0,VS0,VE2
content-length: 559602
X-Firefox-Spdy: h2

www.google.co.uk/pagead/1p-user-list/936934836/?random=1695659236615&cv=9&fst=1695657600000&num=1&guid=ON&eid=375603261%2C466465925%2C512247838&u_h=768&u_w=1024&u_ah=728&u_aw=1024&u_cd=24&u_his=5&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&sendb=1&frm=0&url=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&tiba=Online%20Banking&fmt=3&is_vtc=1&random=3493740239&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.co.uk/pagead/1p-user-list/936934836/?random=1695659236615&cv=9&fst=1695657600000&num=1&guid=ON&eid=375603261%2C466465925%2C512247838&u_h=768&u_w=1024&u_ah=728&u_aw=1024&u_cd=24&u_his=5&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&sendb=1&frm=0&url=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&tiba=Online%20Banking&fmt=3&is_vtc=1&random=3493740239&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.co.uk
Fingerprint74:54:9F:6A:CB:12:BC:A5:64:E8:AC:10:AC:11:93:23:AC:48:A8:32
ValidityMon, 04 Sep 2023 08:23:00 GMT - Mon, 27 Nov 2023 08:22:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/936934836/?random=1695659236615&cv=9&fst=1695657600000&num=1&guid=ON&eid=375603261%2C466465925%2C512247838&u_h=768&u_w=1024&u_ah=728&u_aw=1024&u_cd=24&u_his=5&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&sendb=1&frm=0&url=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&tiba=Online%20Banking&fmt=3&is_vtc=1&random=3493740239&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 23:15:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/936934836/?random=1695659236615&cv=9&fst=1695657600000&num=1&guid=ON&eid=375603261%2C466465925%2C512247838&u_h=768&u_w=1024&u_ah=728&u_aw=1024&u_cd=24&u_his=5&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&sendb=1&frm=0&url=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&tiba=Online%20Banking&fmt=3&is_vtc=1&random=3493740239&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL GET HTTP/2
www.google.com/pagead/1p-user-list/936934836/?random=1695659236615&cv=9&fst=1695657600000&num=1&guid=ON&eid=375603261%2C466465925%2C512247838&u_h=768&u_w=1024&u_ah=728&u_aw=1024&u_cd=24&u_his=5&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&sendb=1&frm=0&url=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&tiba=Online%20Banking&fmt=3&is_vtc=1&random=3493740239&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintD2:77:FE:08:C6:61:6A:42:5C:1F:85:13:DA:23:B2:B8:46:20:45:88
ValidityMon, 04 Sep 2023 08:23:29 GMT - Mon, 27 Nov 2023 08:23:28 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/936934836/?random=1695659236615&cv=9&fst=1695657600000&num=1&guid=ON&eid=375603261%2C466465925%2C512247838&u_h=768&u_w=1024&u_ah=728&u_aw=1024&u_cd=24&u_his=5&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&sendb=1&frm=0&url=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&tiba=Online%20Banking&fmt=3&is_vtc=1&random=3493740239&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 23:15:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/saved_resource.html

34.120.194.28

200 OK

152 B

URL GET HTTP/2
w50--securebnet1.repl.co/secure.galicia.com.ar/index_files/saved_resource.html
IP
34.120.194.28:443
ASN
#15169 GOOGLE

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerGoogle Trust Services LLC
Subjectrepl.co
Fingerprint70:6A:DF:61:19:FA:0D:7D:3A:53:93:69:94:83:FD:B0:FD:CB:59:C3
ValidityMon, 21 Aug 2023 16:49:08 GMT - Sun, 19 Nov 2023 16:49:07 GMT

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
152 B (152 bytes)
Hash
09b33fa7a1116338c9b2326b08c03bfe
6d8ee025ab2df83f5765362a1ec59e14541d52d1
324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Galicia

HTTP Headers

GET /secure.galicia.com.ar/index_files/saved_resource.html HTTP/1.1
Host: w50--securebnet1.repl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 23:15:21 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: hacker
strict-transport-security: max-age=4556025; includeSubDomains
content-length: 152
X-Firefox-Spdy: h2

sifo.bancogalicia.com.ar/requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61

52.44.182.201

200

0 B

URL POST HTTP/1.1
sifo.bancogalicia.com.ar/requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61
IP
52.44.182.201:443
ASN
#14618 AMAZON-AES

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerDigiCert Inc
Subjectsifo.bancogalicia.com.ar
Fingerprint2A:06:ED:39:AD:DE:39:C2:98:A7:C8:7B:6E:19:09:6C:27:62:A6:DB
ValidityWed, 22 Feb 2023 00:00:00 GMT - Wed, 21 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 HTTP/1.1
Host: sifo.bancogalicia.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://w50--securebnet1.repl.co/
Origin: https://w50--securebnet1.repl.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Date: Wed, 27 Sep 2023 23:15:21 GMT
Content-Length: 0
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: https://w50--securebnet1.repl.co
access-control-allow-methods: POST, OPTIONS
access-control-max-age: 3600
access-control-allow-headers: x-requested-with, content-type
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self'
permissions-policy: fullscreen=();microphone=();camera=();speaker=();
x-xss-protection: 1;mode=block
x-frame-options: DENY
x-content-type-options: nosniff

sifo.bancogalicia.com.ar/requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61

52.44.182.201

200

115 B

URL POST HTTP/1.1
sifo.bancogalicia.com.ar/requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61
IP
52.44.182.201:443
ASN
#14618 AMAZON-AES

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerDigiCert Inc
Subjectsifo.bancogalicia.com.ar
Fingerprint2A:06:ED:39:AD:DE:39:C2:98:A7:C8:7B:6E:19:09:6C:27:62:A6:DB
ValidityWed, 22 Feb 2023 00:00:00 GMT - Wed, 21 Feb 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
115 B (115 bytes)
Hash
dd881b921162c25ea914db8dfaedefec
c1906878381f21910907f4b5fdeca465fbc0f57a
c816995b31210ed47eb8bae0191e798df320f863e37f59a4b75c25bd7af38ca4

HTTP Headers

POST /requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 HTTP/1.1
Host: sifo.bancogalicia.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 18798
Origin: https://w50--securebnet1.repl.co
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Date: Wed, 27 Sep 2023 23:15:22 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: https://w50--securebnet1.repl.co
access-control-allow-methods: POST, OPTIONS
access-control-max-age: 3600
access-control-allow-headers: x-requested-with, content-type
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
set-cookie: herok=2886860804vWjXkZBSG9eJFeMxRF6YGgFvVHBhdR; Expires=Wed, 27-Sep-2023 23:45:22 GMT; SameSite=None; Secure
kirby=2886860804vWjXkZBSG9eJFeMxRF6YGgFvVHBhdR; SameSite=None; Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self'
permissions-policy: fullscreen=();microphone=();camera=();speaker=();
x-xss-protection: 1;mode=block
x-frame-options: DENY
x-content-type-options: nosniff

galicia.ar/content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/2023/App-3-DiegoYamasato.jpg

151.101.131.10

301 Moved Permanently

339 B

URL GET HTTP/2
galicia.ar/content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/2023/App-3-DiegoYamasato.jpg
IP
151.101.131.10:443
ASN
#54113 FASTLY

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerDigiCert Inc
Subjectwww.galicia.ar
Fingerprint88:40:8E:39:C0:65:85:02:4A:FF:EB:D4:D2:8E:9B:50:B8:5B:F5:6C
ValidityThu, 09 Mar 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
339 B (339 bytes)
Hash
39e7b9d0191320f4768927112ee4d359
21ff2af9f50ad00e50dd239b30cb1249da626fff
6d4ba4321de38cd69cb4720dfd98d9939d9160c2afba4f42d7ef0ef032d4434d

HTTP Headers

GET /content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/2023/App-3-DiegoYamasato.jpg HTTP/1.1
Host: galicia.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
location: https://www.galicia.ar/content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/2023/App-3-DiegoYamasato.jpg
cache-control: max-age=300
expires: Wed, 27 Sep 2023 23:20:22 GMT
content-type: text/html; charset=iso-8859-1
set-cookie: affinity="bd9a6f207a5277b5"; Path=/; HttpOnly
accept-ranges: bytes
date: Wed, 27 Sep 2023 23:15:22 GMT
age: 0
strict-transport-security: max-age=31557600
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-timer: S1695856522.755400,VS0,VS0,VE453
content-length: 339
X-Firefox-Spdy: h2

sifo.bancogalicia.com.ar/requestserver/rest/v1/screenshot?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61

52.44.182.201

200

0 B

URL POST HTTP/1.1
sifo.bancogalicia.com.ar/requestserver/rest/v1/screenshot?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61
IP
52.44.182.201:443
ASN
#14618 AMAZON-AES

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerDigiCert Inc
Subjectsifo.bancogalicia.com.ar
Fingerprint2A:06:ED:39:AD:DE:39:C2:98:A7:C8:7B:6E:19:09:6C:27:62:A6:DB
ValidityWed, 22 Feb 2023 00:00:00 GMT - Wed, 21 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /requestserver/rest/v1/screenshot?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 HTTP/1.1
Host: sifo.bancogalicia.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------369163617240181412103846004630
Content-Length: 92786
Origin: https://w50--securebnet1.repl.co
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/
Cookie: herok=2886860804vWjXkZBSG9eJFeMxRF6YGgFvVHBhdR; kirby=2886860804vWjXkZBSG9eJFeMxRF6YGgFvVHBhdR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
Date: Wed, 27 Sep 2023 23:15:22 GMT
Content-Length: 0
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: https://w50--securebnet1.repl.co
access-control-allow-methods: POST, OPTIONS
access-control-max-age: 3600
access-control-allow-headers: x-requested-with, content-type
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self'
permissions-policy: fullscreen=();microphone=();camera=();speaker=();
x-xss-protection: 1;mode=block
x-frame-options: DENY
x-content-type-options: nosniff

onlinebanking.bancogalicia.com.ar/Images/favicon.ico

161.190.1.97

200 OK

1.6 kB

URL GET HTTP/1.1
onlinebanking.bancogalicia.com.ar/Images/favicon.ico
IP
161.190.1.97:443
ASN
#13474 Banco de Galicia y Buenos Aires

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerDigiCert Inc
Subjectonlinebanking.bancogalicia.com.ar
Fingerprint45:8D:B8:44:DA:8F:A9:26:71:75:AF:65:7D:A2:C7:B7:15:C8:6C:9E
ValidityTue, 19 Sep 2023 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1559 bytes)
Hash
b700b544f2fa87e37e6b728fef00fcb0
c0735fa743392c2f3032c22d241854b88832cdb7
f20a33fd40173f122bec15a105374059fb3ec612d51146485ed84ef0001f2f03

HTTP Headers

GET /Images/favicon.ico HTTP/1.1
Host: onlinebanking.bancogalicia.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Tue, 14 Mar 2023 17:23:16 GMT
Accept-Ranges: bytes
ETag: "f0a215aa9956d91:0"
Date: Wed, 27 Sep 2023 23:15:23 GMT
Content-Length: 1559

onlinebanking.bancogalicia.com.ar/images/assets/logo_ios_152x152.png

161.190.1.97

3.7 kB

URL GET
onlinebanking.bancogalicia.com.ar/images/assets/logo_ios_152x152.png
IP
161.190.1.97:0
ASN
#13474 Banco de Galicia y Buenos Aires

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html

File type
PNG image data, 152 x 152, 8-bit/color RGBA, non-interlaced\012- data
Size
3.7 kB (3728 bytes)
Hash
44833eb3871f5915ed3b03557937c593
6a2c0daa8577d261dc4f3fa8864a0bd00f3262e3
516214aaaf58a361362c9abf9818810f7e34358ed54aacb3c8450128754f900a

HTTP Headers

GET /images/assets/logo_ios_152x152.png HTTP/1.1
Host: onlinebanking.bancogalicia.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w50--securebnet1.repl.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 14 Mar 2023 17:23:17 GMT
Accept-Ranges: bytes
ETag: "b04b48aa9956d91:0"
Date: Wed, 27 Sep 2023 23:15:23 GMT
Content-Length: 3728

www.galicia.ar/content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/2023/App-3-DiegoYamasato.jpg

151.101.131.10

200 OK

537 kB

URL GET HTTP/2
www.galicia.ar/content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/2023/App-3-DiegoYamasato.jpg
IP
151.101.131.10:443
ASN
#54113 FASTLY

Requested by
https://w50--securebnet1.repl.co/secure.galicia.com.ar/index.html
Certificate
IssuerDigiCert Inc
Subjectwww.galicia.ar
Fingerprint88:40:8E:39:C0:65:85:02:4A:FF:EB:D4:D2:8E:9B:50:B8:5B:F5:6C
ValidityThu, 09 Mar 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1309, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1000], progressive, precision 8, 1000x1309, components 3\012- data
Size
537 kB (537241 bytes)
Hash
66ccaa6c33436491690566d63ad0a49e
a438491e258958314cd8734cbafa66621b35b2ee
f5508252e0ff00aa67a184c790799029b4430e2fa89ecdcd23571776c14e8de0

HTTP Headers

GET /content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/2023/App-3-DiegoYamasato.jpg HTTP/1.1
Host: www.galicia.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://w50--securebnet1.repl.co/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Wed, 31 May 2023 20:49:27 GMT
etag: "0x8DB6218868612FD"
access-control-allow-origin: *
cache-control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200
content-security-policy: object-src 		        'none' 		    ;style-src 		        'self' 		        'unsafe-inline' 		        https://*.bancogalicia.com.ar                 https://*.hotjar.com 				https://*.galicia.ar                 https://maps.googleapis.com                 https://*.nera-agro.com                 https://fonts.googleapis.com                 https://maps.gstatic.com                 https://fonts.googleapis.com             ;connect-src                 'self'                 'unsafe-inline'                 'unsafe-eval'                 https://cm.everesttech.net                 https://assets.adobedtm.com                 https://*.demdex.net                 https://*.omtrdc.net                 https://*.bancogalicia.com.ar                 https://*.galicia.ar                 https://www.googleapis.com                 https://*.hotjar.com                 https://*.hotjar.io                 wss://*.hotjar.com                 https://maps.googleapis.com                 https://*.nera-agro.com                 https://maps.gstatic.com 		    ;script-src 		        'self' 		        'unsafe-inline' 		        'unsafe-eval'                 https://cm.everesttech.net                 https://assets.adobedtm.com                 https://*.2o7.net                 https://*.demdex.net                 https://*.omtrdc.net                 https://*.sc.omtrdc.net                 https://*.tt.omtrdc.net                 https://*.adobedtm.com                 https://*.adobeaemcloud.com                 https://*.bancogalicia.com.ar                 https://*.galicia.ar                 https://*.adobeaemcloud.com                 https://www.google.com/recaptcha/                 https://maps.googleapis.com                 https://www.googletagmanager.com                 https://www.googleadservices.com                 https://www.gstatic.com/recaptcha/                 https://maps.gstatic.com                 https://*.hotjar.com                 https://*.nera-agro.com                 https://www.facebook.com                 https://*.facebook.net             ;img-src                 'self'                 data:                 https://cm.everesttech.net                 https://assets.adobedtm.com                 https://*.demdex.net                 https://*.bancogalicia.com.ar                 https://*.galicia.ar                 https://i.ytimg.com                 https://*.bancogalicia.com                 https://*.hotjar.com                 https://maps.googleapis.com                 https://*.nera-agro.com                 https://maps.gstatic.com                 https://www.facebook.com                 https://*.facebook.net                 https://googleads.g.doubleclick.net                 https://www.google.com                 https://www.google.com.br             ;frame-src                 'self'                 https://*.demdex.net                 https://www.google.com/recaptcha/                 https://recaptcha.google.com/recaptcha/                 https://www.youtube.com/                 https://*.bancogalicia.com.ar/ 				https://*.galicia.ar                 https://*.hotjar.com                 https://maps.googleapis.com                 https://*.nera-agro.com                 https://maps.gstatic.com             ;frame-ancestors                 'self'                 https://*.bancogalicia.com.ar            ;font-src 		        'self' 		        data:                 https://*.bancogalicia.com.ar                 https://*.galicia.ar                 https://*.hotjar.com                 https://maps.googleapis.com                 https://*.nera-agro.com                 https://maps.gstatic.com                 https://fonts.gstatic.com                 https://fonts.googleapis.com
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-disposition: inline
permissions-policy: geolocation=(self "https://*.adobeaemcloud.com")
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
date: Wed, 27 Sep 2023 23:15:23 GMT
age: 0
strict-transport-security: max-age=31557600
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-timer: S1695856522.223157,VS0,VS0,VE926
content-length: 537241
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by