r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8950
Expires: Tue, 06 Dec 2022 08:24:02 GMT
Date: Tue, 06 Dec 2022 05:54:52 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2570
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:52 GMT
Etag: "638dc877-1d7"
Last-Modified: Tue, 06 Dec 2022 05:12:02 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 05:20:22 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2070
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9029
Expires: Tue, 06 Dec 2022 08:25:21 GMT
Date: Tue, 06 Dec 2022 05:54:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PtR2+jMO9AXcrqJ0QQHoW44FVnFcfN0DxRAdZFQ+oCbOYa4Q5CyyzZ4+gBEugnaH3hG7QBUWda4=
x-amz-request-id: BDCM85JVJBF3AYHR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 05:46:59 GMT
age: 473
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
c1481833.ferozo.com/img/index_files/galicia
200.58.112.174 301 Moved Permanently 259 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia
IP 200.58.112.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 75834c7457fd350977a11cf977ab85de
1f3a4c45b39d00ed9b50f95e7140ed84d6e43232
7b874b39eec19511cf978d0e76472a829b515b987632e399e4bb8161bdd63091
GET /img/index_files/galicia HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Dec 2022 05:54:52 GMT
Server: Apache
Location: http://c1481833.ferozo.com/img/index_files/galicia/
Content-Length: 259
Keep-Alive: timeout=10, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 05:54:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 05:11:20 GMT
cache-control: public,max-age=3600
age: 2612
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
c1481833.ferozo.com/img/index_files/galicia/
200.58.112.174 200 OK 25 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/
IP 200.58.112.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (18845)
Hash 156099aa541e3d63332aed1e275e2020
f6c5c30ed0b0ec21081a1f60cacb5dbe89b4ef9b
f60404daebfe8a6bfbc4a961f4dd546da29808faa57d4d5be5bc1119cf76a3d5
GET /img/index_files/galicia/ HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:52 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:14 GMT
ETag: "16106-5ef20eccb6e7c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 24559
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: text/html
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2563
Cache-Control: max-age=100483
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:52 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:49:35 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
c1481833.ferozo.com/img/index_files/galicia/index_files/simple-keyboard.min.js.descarga
200.58.112.174 200 OK 5.4 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/simple-keyboard.min.js.descarga
IP 200.58.112.174:0
File type ASCII text, with very long lines (19664), with CRLF line terminators
Hash fa2ae80071e1ef732b9589f1ff31cb13
cee26cbd904e2a74b5d7e5f76d51ecbf78bc5826
93155dc3675e0282bf1d3b66975faa9fb5a6f4a3e2a7116d3ecdbe53cbb5983e
GET /img/index_files/galicia/index_files/simple-keyboard.min.js.descarga HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:52 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "4eff-5ef20ed2bab0b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5411
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: application/javascript
c1481833.ferozo.com/img/index_files/galicia/index_files/bootstrap.min.css
200.58.112.174 200 OK 20 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/bootstrap.min.css
IP 200.58.112.174:0
File type ASCII text, with very long lines (65371)
Hash d77c1068a3646177f9a94955627b80dc
c8931f1f337ec4a63b685abd0bea724ff4fbb2d2
cb7b67b6016de1ece69f8e98d41c2998eb54bf7bc9dea62559c95a68473abee0
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Galicia
GET /img/index_files/galicia/index_files/bootstrap.min.css HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "1e36e-5ef20ed052f8b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20122
Keep-Alive: timeout=10, max=200
Content-Type: text/css
push.services.mozilla.com/
52.38.227.80 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.227.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /6tna5I0T44LzhLGbjUS5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XkKeXycU33WzTB0M2ZFeTehSzlg=
c1481833.ferozo.com/img/index_files/galicia/index_files/detect.js.descarga
200.58.112.174 200 OK 509 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/detect.js.descarga
IP 200.58.112.174:0
File type ASCII text, with very long lines (1644), with no line terminators
Hash 2809a934f1688b18bc9d5fc0209d5e00
3b3cef5ba7f6b75f4ebb6cd1a7ae2fac50d41e79
5b2bb905b07e70dac18579486a97a963bc352d12888094b0552e54a9b66befab
GET /img/index_files/galicia/index_files/detect.js.descarga HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:53 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "66c-5ef20ed083112-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 509
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive
Content-Type: application/javascript
c1481833.ferozo.com/img/index_files/galicia/index_files/analytics.js.descarga
200.58.112.174 200 OK 20 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/analytics.js.descarga
IP 200.58.112.174:0
File type ASCII text, with very long lines (1325)
Hash 93bde531cb4f65be97d29e35331ca13e
a893da1a81f92a8b58bba978dbe35780c97235b2
2172506c0cbb4a0f851f60c59097cf9e578de853c1382061395858f5d448ab8d
GET /img/index_files/galicia/index_files/analytics.js.descarga HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 06 Dec 2022 04:06:17 GMT
ETag: "c436-5ef20ed020ec5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20073
Keep-Alive: timeout=10, max=200
Content-Type: application/javascript
c1481833.ferozo.com/img/index_files/galicia/index_files/FrontFunctions.min.js.descarga
200.58.112.174 200 OK 8.1 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/FrontFunctions.min.js.descarga
IP 200.58.112.174:0
File type Unicode text, UTF-8 text, with very long lines (28350), with no line terminators
Hash 74a7b99c74687e54ff9f60c3aa5b1122
0544c96af2c1f952bad4d1d7046d586c6eb161cb
c9aa96d3b5941bc0f8537d642f3415c3b092879daae459f615657a673d3003d8
GET /img/index_files/galicia/index_files/FrontFunctions.min.js.descarga HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:53 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "6ec5-5ef20ed10e39e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8130
Keep-Alive: timeout=10, max=200
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4373a5aa59b4e412e37b9c74590bf836
3fa5f29f67f19f133a25f97ab3b930b5f62cfde1
e70e92a8e6b3fd69e09a4d28f0abbc7f5e0c7df4a2833dfe9d510c9b3611ed81
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=160587
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:53 GMT
Etag: "638ea978-1d7"
Expires: Thu, 08 Dec 2022 02:31:20 GMT
Last-Modified: Tue, 06 Dec 2022 02:31:20 GMT
Server: nginx
Content-Length: 471
c1481833.ferozo.com/img/index_files/galicia/index_files/customcarousel.min.css
200.58.112.174 200 OK 630 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/customcarousel.min.css
IP 200.58.112.174:0
File type ASCII text, with very long lines (1920)
Hash bba38d3bea7e2f4c9ad8199063b42b33
64c0555ddf60a1971a289c3268fcfbd2bb0797d9
111c1a6156e62696c66c05d1c226c7ed525d230e5f8d8223c5474bd9575150f9
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Galicia
GET /img/index_files/galicia/index_files/customcarousel.min.css HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:53 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "79d-5ef20ed0677ab-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 630
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: text/css
c1481833.ferozo.com/img/index_files/galicia/index_files/js(1)
200.58.112.174 200 OK 188 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/js(1)
IP 200.58.112.174:0
File type ASCII text, with very long lines (6000)
Size 188 kB (187739 bytes)
Hash f7263e6aa1f18717b6a377e193ad3360
054c3c5df89954441c88465b61ccb18e75aeec21
980601b25e13391a969b0affdaa6808cef4eff32d6d20fa22ed03a2b2996a7ce
GET /img/index_files/galicia/index_files/js(1) HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT
ETag: "2dd5b-5ef20ed1ac2f2"
Accept-Ranges: bytes
Content-Length: 187739
Keep-Alive: timeout=10, max=200
c1481833.ferozo.com/img/index_files/galicia/index_files/gtm.js.descarga
200.58.112.174 200 OK 132 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/gtm.js.descarga
IP 200.58.112.174:0
File type Unicode text, UTF-8 text, with very long lines (65323)
Size 132 kB (132040 bytes)
Hash fe655a0d42da768cd17d7973e37c7aa7
18a820b119f5005764411cf1defb209bfdc2ea68
6517863d0ebac56961f18bfb0b290f522715a7dd786edb065ebb1d328d7cea79
GET /img/index_files/galicia/index_files/gtm.js.descarga HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT
ETag: "81884-5ef20ed177f03-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=10, max=200
Transfer-Encoding: chunked
Content-Type: application/javascript
c1481833.ferozo.com/img/index_files/galicia/index_files/seguloginborders
200.58.112.174 200 OK 651 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/seguloginborders
IP 200.58.112.174:0
File type ASCII text, with very long lines (651), with no line terminators
Hash 972ec8df496b03ff74dca5a0f72e21c5
bc7837d85c544fd47a87ab6a4b2929e35a36f4be
c714daca086c41b0915c1eb7cdfc38696582eba1d6a0259e2fec643e84728be6
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Galicia
fortinet Phishing
GET /img/index_files/galicia/index_files/seguloginborders HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:53 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "28b-5ef20ed2749f5"
Accept-Ranges: bytes
Content-Length: 651
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
c1481833.ferozo.com/img/index_files/galicia/index_files/js
200.58.112.174 200 OK 224 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/js
IP 200.58.112.174:0
File type ASCII text, with very long lines (22462)
Size 224 kB (223796 bytes)
Hash 9e2f33ffa8542252af1b5282488ee62d
edf1b4c7d5eefa2fa22bb24de1afef07ac7c051d
10fbce2479bd7c3843d173556378ddd29187f3ab00b37a033fcc8e0900fc0654
GET /img/index_files/galicia/index_files/js HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT
ETag: "36a34-5ef20ed18fdd3"
Accept-Ranges: bytes
Content-Length: 223796
Keep-Alive: timeout=10, max=200
c1481833.ferozo.com/img/index_files/galicia/index_files/ad1a29c5.js.descarga
200.58.112.174 200 OK 116 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/ad1a29c5.js.descarga
IP 200.58.112.174:0
File type ASCII text, with very long lines (62720), with CRLF, LF line terminators
Size 116 kB (115962 bytes)
Hash 967d78f1fdd2c32abb5e4c8885577304
cec7a82d2c1065c60f1b1cbbb431819742b30e25
b2e24b9529777d4c760e2a978d95accf7871a0ee2d3932c584d9282854dd989c
GET /img/index_files/galicia/index_files/ad1a29c5.js.descarga HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:53 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:17 GMT
ETag: "979d0-5ef20ed03c05c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
c1481833.ferozo.com/img/index_files/galicia/index_files/launch-121f57795303.min.js.descarga
200.58.112.174 200 OK 88 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/launch-121f57795303.min.js.descarga
IP 200.58.112.174:0
File type ASCII text, with very long lines (32763)
Hash b3c52ad77a49f94f8af203c366b329ce
1846158229b999d7d8cc32f013842f954a5e9dbe
396f7e740f0b4221d6a146765277c87bbf3cb32baefcf2fad897a309138aa889
GET /img/index_files/galicia/index_files/launch-121f57795303.min.js.descarga HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT
ETag: "435b5-5ef20ed201a20-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
c1481833.ferozo.com/img/index_files/galicia/index_files/sharedout
200.58.112.174 200 OK 387 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/sharedout
IP 200.58.112.174:0
File type Unicode text, UTF-8 text, with very long lines (65435), with no line terminators
Size 387 kB (386613 bytes)
Hash 9861fa51e74a108f05a388c4bc7547ec
6227ce8903aafc40485e4adda69f945bcd25ed4e
c4145a9e8ffd7f6e600cb97e9d5b54488499fec84e99b147ee7c48d171314395
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Galicia
GET /img/index_files/galicia/index_files/sharedout HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:53 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "5e635-5ef20ed2b169b"
Accept-Ranges: bytes
Content-Length: 386613
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
c1481833.ferozo.com/img/index_files/galicia/index_files/saved_resource
200.58.112.174 200 OK 959 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/saved_resource
IP 200.58.112.174:0
File type ASCII text, with very long lines (959), with no line terminators
Hash e839bf471a5c6d390d59f37d139722ef
b76fd31a1a820997e39399dbbe71448047f4ae43
c93153ac3f59a9b53b5ae04c99bded904698ebed8ee2c9303b9503eabfc73631
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Galicia
GET /img/index_files/galicia/index_files/saved_resource HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "3bf-5ef20ed2601d5"
Accept-Ranges: bytes
Content-Length: 959
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive
c1481833.ferozo.com/img/index_files/galicia/index_files/RC66fa2a34a0a9451089445bfcda97f3fc-source.min.js.descarga
200.58.112.174 200 OK 543 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/RC66fa2a34a0a9451089445bfcda97f3fc-source.min.js.descarga
IP 200.58.112.174:0
File type ASCII text, with very long lines (864)
Hash 8ddf8ba3d6a00a02e1e5277d59a08399
98273e04578db79440ae6645848d1553b7a2a997
329a5cc75044b434042c442985b3e2988d57a0b0e21b7fb4e4334eb84da0c9ed
GET /img/index_files/galicia/index_files/RC66fa2a34a0a9451089445bfcda97f3fc-source.min.js.descarga HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "3f3-5ef20ed2492a6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 543
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Content-Type: application/javascript
c1481833.ferozo.com/img/index_files/galicia/index_files/RC1699ac92c9d8400891bfa4b6e7a932be-source.min.js.descarga
200.58.112.174 200 OK 358 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/RC1699ac92c9d8400891bfa4b6e7a932be-source.min.js.descarga
IP 200.58.112.174:0
File type ASCII text, with very long lines (433)
Hash 41bcf39f9d7b992852bb4bc7f8f5d754
a63d37ccf521322e6f125af64e0af9a7dee6e49c
1347f04698e281121676a030d033d51f3248017f446bd0b260156fc7126e000d
GET /img/index_files/galicia/index_files/RC1699ac92c9d8400891bfa4b6e7a932be-source.min.js.descarga HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "244-5ef20ed23c786-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 358
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: application/javascript
c1481833.ferozo.com/img/index_files/galicia/index_files/RCa6a6f4ccacd34f08a039964c04e81646-source.min.js.descarga
200.58.112.174 200 OK 221 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/RCa6a6f4ccacd34f08a039964c04e81646-source.min.js.descarga
IP 200.58.112.174:0
Hash 4d094e935d1758fb5a0715b63321cc30
57a4342f94b3f85e35c8b305542873a9d1c82a5f
9d65719adcbdff15d50923f142211bb24e935b2bcdb1435aae73e2bbe343e701
GET /img/index_files/galicia/index_files/RCa6a6f4ccacd34f08a039964c04e81646-source.min.js.descarga HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "15e-5ef20ed251776-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 221
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9056
Expires: Tue, 06 Dec 2022 08:25:50 GMT
Date: Tue, 06 Dec 2022 05:54:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9056
Expires: Tue, 06 Dec 2022 08:25:50 GMT
Date: Tue, 06 Dec 2022 05:54:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9056
Expires: Tue, 06 Dec 2022 08:25:50 GMT
Date: Tue, 06 Dec 2022 05:54:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9056
Expires: Tue, 06 Dec 2022 08:25:50 GMT
Date: Tue, 06 Dec 2022 05:54:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e11524d75503e35c404d6c9a12ac540
5626b75f5c2523f1a0fc301839a06a4e2407f106
d5eb74d026014c0a68893bde1107a9a111b1f0af835e28bb740308017ef80b7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9354
x-amzn-requestid: fb2dad44-2f8c-4f02-bbc5-405e9586e5af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmctYGLdoAMFyDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e55-28b5680933de0ff4208240be;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0mv3_bOi4kymDF7KB35kOjvgE9egGYnCMAXLGIse_PJE8bBMGLxdqw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 04:07:10 GMT
age: 6464
etag: "5626b75f5c2523f1a0fc301839a06a4e2407f106"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9fda84db003d0cfc70d73dcb6a3763dd
5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4
f00aa6b88dd85164d8f6ee685937a3ca8039b98b442a2e6aede1c4c421b4fc4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8997
x-amzn-requestid: 54d7ed8c-119c-4583-929c-fd053524814c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csT_8F78IAMFY6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66cc-3d9816725e7e0b1b3404bc4a;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:46:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ScASzeq_stezoHeSOmqluKJimg3R6YD6yd6guTD2d5Mjl8F_vQP0rg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:06 GMT
age: 29268
etag: "5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c1481833.ferozo.com/img/index_files/galicia/index_files/51630000.js.descarga
200.58.112.174 200 OK 118 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/51630000.js.descarga
IP 200.58.112.174:0
File type core file (Xenix)\012- , ASCII text
Hash 8c4e3a70f133a38fa6bd5e6c86ebab03
ef2b21d945dc0899e134155b3c3f25a069aa2eb2
5442f5ba1ef9467c8cbffca444e379d796dc36fc6e2fdd239404d8950fbc459a
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
GET /img/index_files/galicia/index_files/51630000.js.descarga HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:17 GMT
ETag: "7d-5ef20ecffa1ae-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 118
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 27926
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f2c354a00ab51d4a41221b6bf191c10
01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EQorA5VTb0s2BEIWBkdkhDho-bLdLVvu8LnAIQsQqsIjgBLneYqCzg==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:22 GMT
age: 29192
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2409529ecac5140de749d864da85af0d
99f431b4ca446996dbacb969440e2ecfb11fd9e0
81b379b16874d6644b0cf63e02c5174e44a40ab7cb4f4727bb96ad44bfcaa72f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6422
x-amzn-requestid: 6d0cc220-31bc-4815-ade5-7e3e5403f39f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cniYTGgRoAMF5lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c7dce-64fbea8330a62e4f741c0c4e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 11:00:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N7fC93hYwpQYwGJGvXGHf2Z-H0Ek0MvRQsvT1HJy5Q46BnLNGjidSQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 07:35:32 GMT
age: 80362
etag: "99f431b4ca446996dbacb969440e2ecfb11fd9e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d72fb8d20c29763234c2817b119d11b
d4924ec714f5157bcb2fddcb5f768188a3dd37dc
e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12830
x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcsxGDyIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WMeay1i2pxnboCB3Qcwb2ray4tnyEzO89tQrHCfGdI3s9kJsMWvzBw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 03:41:05 GMT
age: 8029
etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c1481833.ferozo.com/img/index_files/galicia/index_files/f.txt
200.58.112.174 200 OK 1.0 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/f.txt
IP 200.58.112.174:0
File type ASCII text, with very long lines (2257), with no line terminators
Hash a9d8a1f9bc8bcec30b66d5bf99fceb55
bddbc8668cb93aa28b7ebdff45edc703cafd2919
e5cbe9fe40968d6258bda40fab415b0796372281824262e86edb9aa5f3b74cb9
GET /img/index_files/galicia/index_files/f.txt HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "8d1-5ef20ed1089c6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1018
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: text/plain
c1481833.ferozo.com/img/index_files/galicia/index_files/dispatcher-v3.js.descarga
200.58.112.174 200 OK 1.2 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/dispatcher-v3.js.descarga
IP 200.58.112.174:0
Hash a4630b9d3da3bba845510abf73c53859
6543de95aacd38ed6920d735f7fcaf846ebe2d03
4e3ba17d14a08f98165a8724fd6b525fdba14b7e5abebe4f1f0795a508cc142c
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
GET /img/index_files/galicia/index_files/dispatcher-v3.js.descarga HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "1392-5ef20ed0acd09-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1228
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive
Content-Type: application/javascript
c1481833.ferozo.com/img/index_files/galicia/index_files/yahoo-min.js.descarga
200.58.112.174 200 OK 3.0 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/yahoo-min.js.descarga
IP 200.58.112.174:0
File type ASCII text, with very long lines (6013)
Hash a5b2c161a424aeaf067d6246176d64ee
7293cb47259c7065ac91d48096c2a227bc812cbc
36c712dcb454d4b23a4e63d24a6adc9e503f0cf9a8faf3c4a94457fdd25d102f
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
GET /img/index_files/galicia/index_files/yahoo-min.js.descarga HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "1bab-5ef20ed2cacda-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3005
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive
Content-Type: application/javascript
c1481833.ferozo.com/img/index_files/galicia/index_files/cp-v3.js.descarga
200.58.112.174 200 OK 12 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/cp-v3.js.descarga
IP 200.58.112.174:0
File type ASCII text, with no line terminators
Hash bc6573647ae421e4cd14dcdf34c877ce
a567ddefcd1cfc1bbbaf5323bdadba5795c95478
7fd90f2ec178b50f6924b27d80085370abdb66f52947d3a63d7f8e7a8f56512b
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
GET /img/index_files/galicia/index_files/cp-v3.js.descarga HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "c-5ef20ed0677ab"
Accept-Ranges: bytes
Content-Length: 12
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive
Content-Type: application/javascript
c1481833.ferozo.com/img/index_files/galicia/index_files/json-min.js.descarga
200.58.112.174 200 OK 2.2 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/json-min.js.descarga
IP 200.58.112.174:0
File type ASCII text, with very long lines (4764)
Hash 73caddd8ca193f8bbe1008199439f379
bb864f4af973871e416dc2cc2da18bba495f4606
204207a80c315adee6290dfbf2e00e7b96c153621b9d5cc2a732f1859f451705
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
GET /img/index_files/galicia/index_files/json-min.js.descarga HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT
ETag: "1337-5ef20ed1a70ea-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2204
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive
Content-Type: application/javascript
c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css
200.58.112.174 200 OK 140 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css
IP 200.58.112.174:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 140 kB (140038 bytes)
Hash 3a4df7079d9b37d0dd779f8c063ce03a
de06e613779c3c982a3e76627de92ed487a758c0
812bd2765cc7bb7b921f7d5cc9e0d3044d17d55858a5431a99905b57a2cbd70f
GET /img/index_files/galicia/index_files/default.min.css HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "12f64e-5ef20ed0cefe8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
c1481833.ferozo.com/img/index_files/galicia/index_files/keyboard.css
200.58.112.174 200 OK 275 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/keyboard.css
IP 200.58.112.174:0
Hash 03026484ff3ed14003ed15e7563e9931
84cd9b9c9f9643d9d10e4cf8145756cdfe641566
9f80bb36c3d476b6cc261ea273592912d9a180c03e39c041daf525cfa04441e4
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
GET /img/index_files/galicia/index_files/keyboard.css HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT
ETag: "1ec-5ef20ed1bb13a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 275
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive
Content-Type: text/css
c1481833.ferozo.com/img/index_files/galicia/index_files/simple-keyboard.css
200.58.112.174 200 OK 871 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/simple-keyboard.css
IP 200.58.112.174:0
Hash 44890b556529205fa312c21a0b93a7a3
b7d7a862c0e586b311e4be6f5c9b7193e3bcffd7
2a90530004faf9e08e48bbdd380c544f1ec36e7940624da859c76f1143fb0b80
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
GET /img/index_files/galicia/index_files/simple-keyboard.css HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "ae6-5ef20ed29882c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 871
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive
Content-Type: text/css
c1481833.ferozo.com/img/index_files/galicia/index_files/hotjar-584153.js.descarga
200.58.112.174 200 OK 5.3 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/hotjar-584153.js.descarga
IP 200.58.112.174:0
File type Unicode text, UTF-8 text, with very long lines (15929)
Hash b73abebd085f043935dded21c5fdaee3
ff29f8d6cf5624b2b8ea0c502a1b9911a12526e0
725e509d8d97a59bad0525bcdf7d46055a5c0d114810cb6ac3747911f6296655
GET /img/index_files/galicia/index_files/hotjar-584153.js.descarga HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT
ETag: "5574-5ef20ed147995-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5289
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive
Content-Type: application/javascript
c1481833.ferozo.com/img/index_files/galicia/index_files/polyfill.js.descarga
200.58.112.174 200 OK 672 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/polyfill.js.descarga
IP 200.58.112.174:0
File type ASCII text, with CRLF line terminators
Hash 5dc5a228625422e92c9b5beb8c7b417d
67569836113125adbee2b90730d04ec5322e38dc
34feda018175e4ef4f4f13fdf594f49fe226a1f3f168b62b69c4d88adc493ccc
GET /img/index_files/galicia/index_files/polyfill.js.descarga HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT
ETag: "6f6-5ef20ed223147-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 672
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive
Content-Type: application/javascript
detectca.easysol.net/detectca/images/QjL8pgjJN3mpOxVuG7JxpI2OYsRMit/DetectCA.png?ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&sr=1280%20x%201024&url=http://c1481833.ferozo.com/img/index_files/galicia/&rf=&nc=0.49312707852582793
107.23.44.14 200 OK 82 B URL HTTP/1.1 detectca.easysol.net/detectca/images/QjL8pgjJN3mpOxVuG7JxpI2OYsRMit/DetectCA.png?ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&sr=1280%20x%201024&url=http://c1481833.ferozo.com/img/index_files/galicia/&rf=&nc=0.49312707852582793
IP 107.23.44.14:0
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash ae11c9259e141875b33cbb6598aa1485
4d71dc1bd4621df68ee846fe3f9409606aabced4
ca2613f315c93819ed7c4a14d44dcf8b041a71c5e032bd0aec9b399a6f4eb491
GET /detectca/images/QjL8pgjJN3mpOxVuG7JxpI2OYsRMit/DetectCA.png?ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&sr=1280%20x%201024&url=http://c1481833.ferozo.com/img/index_files/galicia/&rf=&nc=0.49312707852582793 HTTP/1.1
Host: detectca.easysol.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 05:54:54 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
c1481833.ferozo.com/img/index_files/galicia/index_files/keyboard.js.descarga
200.58.112.174 200 OK 1.9 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/keyboard.js.descarga
IP 200.58.112.174:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 88342f45224d49f5f270f4e98afd1ac4
b84da59d784943f4625b92c714abe4240b92b01f
e1a7b946fdc7a2f409272580fa56bba14924ba0d2ae7d483a8565e4be7e1884a
GET /img/index_files/galicia/index_files/keyboard.js.descarga HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT
ETag: "1864-5ef20ed1cd631-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1864
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c1481833.ferozo.com/img/index_files/galicia/index_files/modules.d53d96d4fefc0e537bd8.js.descarga
200.58.112.174 200 OK 85 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/modules.d53d96d4fefc0e537bd8.js.descarga
IP 200.58.112.174:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 3caaa8644257fccf76804c332d6ee64f
6741995acd7e8f1be92d053e31facbb93d1bfd7f
d988a880e6fa6f341a8b50e5ba98df7af46f48542d0d3ef21f4c7a8cdb32e74e
GET /img/index_files/galicia/index_files/modules.d53d96d4fefc0e537bd8.js.descarga HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "41ae1-5ef20ed235256-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62726172-14&cid=1969658199.1670306092&jid=2126279852&gjid=1191967864&_gid=486805073.1670306092&_u=aGBAiEABFAAAAEAAI~&z=576026865
64.233.164.155 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62726172-14&cid=1969658199.1670306092&jid=2126279852&gjid=1191967864&_gid=486805073.1670306092&_u=aGBAiEABFAAAAEAAI~&z=576026865
IP 64.233.164.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62726172-14&cid=1969658199.1670306092&jid=2126279852&gjid=1191967864&_gid=486805073.1670306092&_u=aGBAiEABFAAAAEAAI~&z=576026865 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://c1481833.ferozo.com
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://c1481833.ferozo.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Dec 2022 05:54:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c1481833.ferozo.com/img/index_files/galicia/index_files/eluminate.js.descarga
200.58.112.174 200 OK 42 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/eluminate.js.descarga
IP 200.58.112.174:0
File type ASCII text, with very long lines (65268), with CRLF line terminators
Hash 00a2494c0f8369a8f777f0648c50a89d
ed9a2d8bd7217f3b3bc4ac62ac6d21773590b79b
a1560b3946737d462dc35d133d49a3720170cc93b5acc99f5aade4ca399d4f49
GET /img/index_files/galicia/index_files/eluminate.js.descarga HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "25cb4-5ef20ed0ed447-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 42306
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive
Content-Type: application/javascript
c1481833.ferozo.com/img/index_files/galicia/index_files/f(1).txt
200.58.112.174 200 OK 17 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/f(1).txt
IP 200.58.112.174:0
File type ASCII text, with very long lines (2772)
Hash 6d5b458014f6c17c0b6287e8dac0b15b
2b021139a4734051f488bc135c818b4c9ecd1e4b
9a7f7d26f0dac577b8db566a69bb0332c54fade010dff77f0a071aff41b1f71a
GET /img/index_files/galicia/index_files/f(1).txt HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "b394-5ef20ed0ee7cf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17403
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive
Content-Type: text/plain
detectca.easysol.net/detectca/scripts/QjL8pgjJN3mpOxVuG7JxpI2OYsRMit/detect.js
107.23.44.14 200 OK 1.6 kB URL HTTP/1.1 detectca.easysol.net/detectca/scripts/QjL8pgjJN3mpOxVuG7JxpI2OYsRMit/detect.js
IP 107.23.44.14:0
File type ASCII text, with very long lines (1640), with no line terminators
Hash aef7b7e1e7819c8d35e55d721f410939
9ef9629efb99fc8912d7d9f2a72660ec65155de4
f6d0448700281e0d7bae82dfdf56ed258c5e026bdaae7449bd4e679fd6a59e62
GET /detectca/scripts/QjL8pgjJN3mpOxVuG7JxpI2OYsRMit/detect.js HTTP/1.1
Host: detectca.easysol.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 05:54:55 GMT
Content-Type: application/javascript
Content-Length: 1640
Last-Modified: Tue, 24 Aug 2021 00:00:00 GMT
Connection: keep-alive
ETag: "61243680-668"
Accept-Ranges: bytes
c1481833.ferozo.com/img/index_files/galicia/Content/fonts/Inter-Regular.woff2
200.58.112.174 404 Not Found 196 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/Content/fonts/Inter-Regular.woff2
IP 200.58.112.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /img/index_files/galicia/Content/fonts/Inter-Regular.woff2 HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css
HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.googletagmanager.com/gtm.js?id=GTM-M6B9RZQ&gtm_auth=TiByp1Z92r_vHHqYjmr5yQ&gtm_preview=env-6&gtm_cookies_win=x
142.250.74.40 200 OK 132 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M6B9RZQ&gtm_auth=TiByp1Z92r_vHHqYjmr5yQ&gtm_preview=env-6&gtm_cookies_win=x
IP 142.250.74.40:0
File type Unicode text, UTF-8 text, with very long lines (65323)
Size 132 kB (132073 bytes)
Hash 3da5e9aef96637477ffec47ff8854d57
bede27a7ca46b4c41a863e6f2315d52750c70f87
0bf161ce7ec233efc753f33897800d3fdd327a9a95adb8bb2e1a206453a7def9
GET /gtm.js?id=GTM-M6B9RZQ&gtm_auth=TiByp1Z92r_vHHqYjmr5yQ&gtm_preview=env-6&gtm_cookies_win=x HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: *
date: Tue, 06 Dec 2022 05:54:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 132073
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 69d6e7d7a4f52bf8c54b6e8c7bd88a4a
c782a8791e56606bb83345ab4006dac83ea2d9a7
414bb632f1616fef1643a58f0f35bba3b6910dc437ba3afa84531382fd632164
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:55 GMT
Etag: "638d98ac-118"
Server: ECS (amb/6BC2)
Content-Length: 280
detectca.easysol.net/detectca/images/QjL8pgjJN3mpOxVuG7JxpI2OYsRMit/DetectCA.png?ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&sr=1280%20x%201024&url=http://c1481833.ferozo.com/img/index_files/galicia/&rf=&nc=0.15498958627258685
107.23.44.14 200 OK 82 B URL HTTP/1.1 detectca.easysol.net/detectca/images/QjL8pgjJN3mpOxVuG7JxpI2OYsRMit/DetectCA.png?ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&sr=1280%20x%201024&url=http://c1481833.ferozo.com/img/index_files/galicia/&rf=&nc=0.15498958627258685
IP 107.23.44.14:0
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash ae11c9259e141875b33cbb6598aa1485
4d71dc1bd4621df68ee846fe3f9409606aabced4
ca2613f315c93819ed7c4a14d44dcf8b041a71c5e032bd0aec9b399a6f4eb491
GET /detectca/images/QjL8pgjJN3mpOxVuG7JxpI2OYsRMit/DetectCA.png?ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&sr=1280%20x%201024&url=http://c1481833.ferozo.com/img/index_files/galicia/&rf=&nc=0.15498958627258685 HTTP/1.1
Host: detectca.easysol.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 05:54:55 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
c1481833.ferozo.com/img/index_files/galicia/index_files/logogalicia.html
200.58.112.174 200 OK 57 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/logogalicia.html
IP 200.58.112.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (804)
Hash 7c08d2537a26aed61fda343b88a9aa5c
82017fe9423f7e896f1aed0d37fb1a09b379bab4
1a632706b6fd8b91b9ebaa175f719a9e6e5d460d8a2138f9f133585fcf61e432
GET /img/index_files/galicia/index_files/logogalicia.html HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT
ETag: "31bf1-5ef20ed20c9e7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
c1481833.ferozo.com/img/index_files/galicia/logo.png
200.58.112.174 200 OK 2.3 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/logo.png
IP 200.58.112.174:0
File type PNG image data, 140 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash 317c48a57bc7bfb38f6421d68ea795d6
11749c9eade31875a8d42d0add1d66b09f0630df
465d2570cd777b7581a2abc33a8c455e74b0367bb90743dc027701e127778089
GET /img/index_files/galicia/logo.png HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:14 GMT
ETag: "8ef-5ef20eccaf17c"
Accept-Ranges: bytes
Content-Length: 2287
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive
Content-Type: image/png
c1481833.ferozo.com/img/index_files/galicia/Content/fonts/fontawesome-webfont.woff2
200.58.112.174 404 Not Found 196 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/Content/fonts/fontawesome-webfont.woff2
IP 200.58.112.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /img/index_files/galicia/Content/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0
HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b967016c92599586200298d67c900ac5
14a6fd8d84b435e154c0ae357a9f8dc24c16e9eb
b266fccee1baec0b93927cf1385b1a3e6987424f00cbf0ac879fcc8f212df56c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2230
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:55 GMT
Last-Modified: Tue, 06 Dec 2022 05:17:46 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
c1481833.ferozo.com/img/index_files/galicia/Content/fonts/galicia-ui.ttf?8esgb8
200.58.112.174 404 Not Found 196 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/Content/fonts/galicia-ui.ttf?8esgb8
IP 200.58.112.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /img/index_files/galicia/Content/fonts/galicia-ui.ttf?8esgb8 HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0
HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DF3360B65E15FFB70A495C4A%40AdobeOrg&d_nsid=0&ts=1670306092314
54.72.35.25 200 OK 564 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DF3360B65E15FFB70A495C4A%40AdobeOrg&d_nsid=0&ts=1670306092314
IP 54.72.35.25:0
File type JSON data\012- , ASCII text, with very long lines (1006), with no line terminators
Hash 0a3468f10689aee386d032d46d0c49b6
578c2854fdf689bc44a8af00b541834073ce4fa1
c41f747afc081398a7bf2c702c094f8a17de305265d2d932320f3919b02fc48c
GET /id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DF3360B65E15FFB70A495C4A%40AdobeOrg&d_nsid=0&ts=1670306092314 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: http://c1481833.ferozo.com
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://c1481833.ferozo.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-00fcfd78a.edge-irl1.demdex.com 1 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=76390773508081107682319319525236782209; Max-Age=15552000; Expires=Sun, 04 Jun 2023 05:54:55 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: SP5B4yvlSr8=
Content-Length: 564
Connection: keep-alive
assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/a128628dac2f/RC66fa2a34a0a9451089445bfcda97f3fc-source.min.js
23.38.200.237 200 OK 543 B URL HTTP/2 assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/a128628dac2f/RC66fa2a34a0a9451089445bfcda97f3fc-source.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (864)
Hash 6e70c064dcc46bddc302d38e13df7375
11a26413589f01e66bb8638a72b020bfce0df66e
73126989e913930819159af197416325de64064d2eb0c6e6ef5baa8d8a17768a
GET /87fc8b53a8b1/118d2b304f55/a128628dac2f/RC66fa2a34a0a9451089445bfcda97f3fc-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7f6ea0b801d7e2a4f0d5ec2acb0074dd:1668693900.209014"
last-modified: Thu, 17 Nov 2022 14:05:00 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 543
cache-control: max-age=3600
expires: Tue, 06 Dec 2022 06:54:55 GMT
date: Tue, 06 Dec 2022 05:54:55 GMT
access-control-allow-origin: http://c1481833.ferozo.com
timing-allow-origin: *
X-Firefox-Spdy: h2
gal.bgsensors.co/api/wb/b3f76076-f760-49d8-ab30-437b9b182ac7/60a375cb-568d-41f6-a2d9-0e5d6c6ad549/1244/?rfr=&hash=&dom=c1481833.ferozo.com&href=http://c1481833.ferozo.com/img/index_files/galicia/
104.21.25.208 200 OK 67 B URL HTTP/2 gal.bgsensors.co/api/wb/b3f76076-f760-49d8-ab30-437b9b182ac7/60a375cb-568d-41f6-a2d9-0e5d6c6ad549/1244/?rfr=&hash=&dom=c1481833.ferozo.com&href=http://c1481833.ferozo.com/img/index_files/galicia/
IP 104.21.25.208:0
File type PNG image data, 1 x 1, 1-bit grayscale, non-interlaced\012- data
Hash 06707af2ef27f407df4958d3abf2a9f7
874a600942cc18a6c71a96ee2e19fecd42886bfb
089ad5bf4831b6758e9907db43bc5ebba2e9248a9929dad6132c49932e538278
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Galicia
GET /api/wb/b3f76076-f760-49d8-ab30-437b9b182ac7/60a375cb-568d-41f6-a2d9-0e5d6c6ad549/1244/?rfr=&hash=&dom=c1481833.ferozo.com&href=http://c1481833.ferozo.com/img/index_files/galicia/ HTTP/1.1
Host: gal.bgsensors.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 05:54:55 GMT
content-type: image/png
content-length: 67
x-frame-options: SAMEORIGIN
vary: Origin
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7ka6r%2Bs1qzASrwbbDjO%2FXAOHRwKs%2FVNj8diIzRqb2L4q4r026xOzI02bAqJuoaP7gi3alwlO8%2BKxM2oOJf0Kgzed7fxuaS%2BBfegrJWVbwHkB1%2Bo7GlHFz1JTRjo2psY0iT4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7752c5076fdab4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/a128628dac2f/RC1699ac92c9d8400891bfa4b6e7a932be-source.min.js
23.38.200.237 200 OK 358 B URL HTTP/2 assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/a128628dac2f/RC1699ac92c9d8400891bfa4b6e7a932be-source.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (433)
Hash 31ea1a7be2ce884825de79c2b2b85636
bb090cfd383820961658b024f472706ed7fef996
9dddf9d548fe2c42b2bd155c1f23564b9ec191ef0f7181b77dd31614cc747d64
GET /87fc8b53a8b1/118d2b304f55/a128628dac2f/RC1699ac92c9d8400891bfa4b6e7a932be-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7f6ea0b801d7e2a4f0d5ec2acb0074dd:1668693900.209014"
last-modified: Thu, 17 Nov 2022 14:05:00 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 358
cache-control: max-age=3600
expires: Tue, 06 Dec 2022 06:54:55 GMT
date: Tue, 06 Dec 2022 05:54:55 GMT
access-control-allow-origin: http://c1481833.ferozo.com
timing-allow-origin: *
X-Firefox-Spdy: h2
c1481833.ferozo.com/img/index_files/galicia/Content/fonts/Inter-Regular.woff
200.58.112.174 404 Not Found 196 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/Content/fonts/Inter-Regular.woff
IP 200.58.112.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /img/index_files/galicia/Content/fonts/Inter-Regular.woff HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0
HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 69d6e7d7a4f52bf8c54b6e8c7bd88a4a
c782a8791e56606bb83345ab4006dac83ea2d9a7
414bb632f1616fef1643a58f0f35bba3b6910dc437ba3afa84531382fd632164
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:55 GMT
Etag: "638d98ac-118"
Last-Modified: Tue, 06 Dec 2022 05:54:55 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/a128628dac2f/RCa6a6f4ccacd34f08a039964c04e81646-source.min.js
23.38.200.237 200 OK 221 B URL HTTP/2 assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/a128628dac2f/RCa6a6f4ccacd34f08a039964c04e81646-source.min.js
IP 23.38.200.237:0
Hash 00aacf1a7ee46f4d76dbc88c13b50665
3f98aea9894054c0486320cbe587e7b1927856f6
e65b48d91b73b4adfa1c555c7f7a1a6729d4ea33d42580d901f5c5a0c0cd99f0
GET /87fc8b53a8b1/118d2b304f55/a128628dac2f/RCa6a6f4ccacd34f08a039964c04e81646-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7f6ea0b801d7e2a4f0d5ec2acb0074dd:1668693900.209014"
last-modified: Thu, 17 Nov 2022 14:05:00 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 221
cache-control: max-age=3600
expires: Tue, 06 Dec 2022 06:54:55 GMT
date: Tue, 06 Dec 2022 05:54:55 GMT
access-control-allow-origin: http://c1481833.ferozo.com
timing-allow-origin: *
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion.js
142.250.74.98 200 OK 17 kB URL HTTP/1.1 www.googleadservices.com/pagead/conversion.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (2772)
Hash 4c734f2dee2775f34cf20236a1e454ce
8519539acac5a7086a839fc5534f9648c5b0de46
9a7a7b257d298e7db6db54901e7bf89361f015742c19276a81fae9e82efdd823
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Tue, 06 Dec 2022 05:54:55 GMT
Expires: Tue, 06 Dec 2022 05:54:55 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 6351308751113588399
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 17396
X-XSS-Protection: 0
assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/launch-121f57795303.min.js
23.38.200.237 200 OK 88 kB URL HTTP/2 assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/launch-121f57795303.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32763)
Hash 728f8e3526301a03588ace633f0bb6f5
96a5c698d252210d919a05bdeacf0c807306814b
4c2ab4845f61dea6e37f239073fa781636c359dd3550b0301ba0e77b424f8860
GET /87fc8b53a8b1/118d2b304f55/launch-121f57795303.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "9e6fd0a59e71085ed8c04063c3bef56e:1668693899.426046"
last-modified: Thu, 17 Nov 2022 14:04:59 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 88143
cache-control: max-age=3600
expires: Tue, 06 Dec 2022 06:54:55 GMT
date: Tue, 06 Dec 2022 05:54:55 GMT
access-control-allow-origin: http://c1481833.ferozo.com
timing-allow-origin: *
X-Firefox-Spdy: h2
c1481833.ferozo.com/img/index_files/galicia/index_files/box-5e66f98b4ee957db209dc6f63e3d59dd.html
200.58.112.174 200 OK 1.3 kB URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 200.58.112.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2397)
Hash 5bc8e01ed61435444e02ebbbfb6c3488
a58080b2d6595196a4315514d3e2f7e3f40faaf5
1eba453433ead3f057aa3819aa2cc0b764b58c3608b9a2035bac75769da7b113
GET /img/index_files/galicia/index_files/box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0; onb2_isreload=false; onb2_prevpath=/img/index_files/galicia/; _ga_R462ZWFJX5=GS1.1.1670306092.1.0.1670306092.0.0.0; cmTPSet=Y
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "9cd-5ef20ed05104b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1315
Keep-Alive: timeout=10, max=194
Connection: Keep-Alive
Content-Type: text/html
c1481833.ferozo.com/img/index_files/galicia/index_files/saved_resource.html
200.58.112.174 200 OK 145 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/index_files/saved_resource.html
IP 200.58.112.174:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5e610eda263540ba05be0d6b5cf807a2
269663c27bdb68d880847d4f7bd4b62796926c93
682e5b3b42807f8a40d9f12d20c12a824dbf1dfcda7fefab7c81a08a35c9bfca
GET /img/index_files/galicia/index_files/saved_resource.html HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0; onb2_isreload=false; onb2_prevpath=/img/index_files/galicia/; _ga_R462ZWFJX5=GS1.1.1670306092.1.0.1670306092.0.0.0; cmTPSet=Y
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "95-5ef20ed266b4d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 145
Keep-Alive: timeout=10, max=194
Connection: Keep-Alive
Content-Type: text/html
www.google-analytics.com/collect
216.239.38.178 200 OK 35 B URL HTTP/1.1 www.google-analytics.com/collect
IP 216.239.38.178:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 427
Origin: http://c1481833.ferozo.com
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://c1481833.ferozo.com
Date: Tue, 06 Dec 2022 05:54:55 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Access-Control-Allow-Credentials: true
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 6b159fdabe241a0f38997a068b31c58a
e97bd85cc2e0a389a07ffbe17f990678cb0955d5
3a825294334cd38686b167d31f0226c236f254228f159a12ade3c3b545dfa0d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5832
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:55 GMT
Last-Modified: Tue, 06 Dec 2022 04:17:43 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
c1481833.ferozo.com/img/index_files/galicia/Content/fonts/galicia-ui.woff?8esgb8
200.58.112.174 404 Not Found 196 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/Content/fonts/galicia-ui.woff?8esgb8
IP 200.58.112.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /img/index_files/galicia/Content/fonts/galicia-ui.woff?8esgb8 HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0; onb2_isreload=false; onb2_prevpath=/img/index_files/galicia/; _ga_R462ZWFJX5=GS1.1.1670306092.1.0.1670306092.0.0.0; cmTPSet=Y
HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=194
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
c1481833.ferozo.com/img/index_files/galicia/Content/fonts/fontawesome-webfont.woff
200.58.112.174 404 Not Found 196 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/Content/fonts/fontawesome-webfont.woff
IP 200.58.112.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /img/index_files/galicia/Content/fonts/fontawesome-webfont.woff HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0; onb2_isreload=false; onb2_prevpath=/img/index_files/galicia/; _ga_R462ZWFJX5=GS1.1.1670306092.1.0.1670306092.0.0.0; cmTPSet=Y
HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=194
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.google.com/g/collect?v=2&tid=G-NK1ZTDWVWL&gtm=2oebu0&_p=1086889195&_gaz=1&cid=1969658199.1670306092&ul=en-us&sr=1280x1024&_s=1&dt=Online%20Banking&dl=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&sid=1670306092&sct=1&seg=0&en=page_view&_fv=1&_ss=2&ep.page_path=%2Fimg%2Findex_files%2Fgalicia%2F
142.250.74.14 204 No Content 0 B URL HTTP/2 analytics.google.com/g/collect?v=2&tid=G-NK1ZTDWVWL&gtm=2oebu0&_p=1086889195&_gaz=1&cid=1969658199.1670306092&ul=en-us&sr=1280x1024&_s=1&dt=Online%20Banking&dl=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&sid=1670306092&sct=1&seg=0&en=page_view&_fv=1&_ss=2&ep.page_path=%2Fimg%2Findex_files%2Fgalicia%2F
IP 142.250.74.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-NK1ZTDWVWL&gtm=2oebu0&_p=1086889195&_gaz=1&cid=1969658199.1670306092&ul=en-us&sr=1280x1024&_s=1&dt=Online%20Banking&dl=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&sid=1670306092&sct=1&seg=0&en=page_view&_fv=1&_ss=2&ep.page_path=%2Fimg%2Findex_files%2Fgalicia%2F HTTP/1.1
Host: analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://c1481833.ferozo.com
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://c1481833.ferozo.com
date: Tue, 06 Dec 2022 05:54:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23 200 OK 1.8 kB IP 192.124.249.23:0
Hash 1fad8e834ba3c602a0fff059a7a40552
29d975e08d716f6d33e3c3bd6405a6322df6ca65
3802068c5eb245d9675ed4af5ed889bd9ec33b858b2a20b8c408f8e4f0d7fe9f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 06 Dec 2022 05:54:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 05 Dec 2022 20:41:09 GMT
Expires: Tue, 06 Dec 2022 20:41:09 GMT
ETag: "29d975e08d716f6d33e3c3bd6405a6322df6ca65"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
c1481833.ferozo.com/img/index_files/galicia/Content/fonts/Inter-Regular.ttf
200.58.112.174 404 Not Found 196 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/Content/fonts/Inter-Regular.ttf
IP 200.58.112.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /img/index_files/galicia/Content/fonts/Inter-Regular.ttf HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0; onb2_isreload=false; onb2_prevpath=/img/index_files/galicia/; _ga_R462ZWFJX5=GS1.1.1670306092.1.0.1670306092.0.0.0; cmTPSet=Y
HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=194
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c1481833.ferozo.com/Scripts/eluminate.js
200.58.112.174 404 Not Found 196 B URL HTTP/1.1 c1481833.ferozo.com/Scripts/eluminate.js
IP 200.58.112.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /Scripts/eluminate.js HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0; onb2_isreload=false; onb2_prevpath=/img/index_files/galicia/; _ga_R462ZWFJX5=GS1.1.1670306092.1.0.1670306092.0.0.0; cmTPSet=Y; mbox=session#95b84a3a802c48eab403f0d1399b55c6#1670307953; at_check=true
HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=194
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9a20b032c5f1d81fba2f07aae1c4aa53
bf5ebc48e6fcc2f5f0f21681cd5106cbaa544c56
387b351f5e28c394c86129e1be8dd5ee8cedfc635ae6ac8eb0c2e0755bd24525
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=100469
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:55 GMT
Etag: "638dbea4-1d7"
Expires: Wed, 07 Dec 2022 09:49:24 GMT
Last-Modified: Mon, 05 Dec 2022 09:49:24 GMT
Server: nginx
Content-Length: 471
wup-ad1a29c5.us.v2.we-stats.com/client/v3.1/web/wup?cid=gamora
52.141.217.134 200 OK 565 B URL HTTP/2 wup-ad1a29c5.us.v2.we-stats.com/client/v3.1/web/wup?cid=gamora
IP 52.141.217.134:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (565), with no line terminators
Hash 1476681319e51abc40b1caabdf291b35
89b87f0ad23660075db9c01530c9ef498c0353ac
5249f03d2b9bf3cb85752cb02a1354d9af78644ac9648d7047aee5734bdb72a3
POST /client/v3.1/web/wup?cid=gamora HTTP/1.1
Host: wup-ad1a29c5.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 172
Origin: http://c1481833.ferozo.com
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 565
date: Tue, 06 Dec 2022 05:54:55 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: 00859549-1c2e-4e79-882b-a4120bd50888
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
c1481833.ferozo.com/img/index_files/galicia/Content/fonts/fontawesome-webfont.ttf
200.58.112.174 404 Not Found 196 B URL HTTP/1.1 c1481833.ferozo.com/img/index_files/galicia/Content/fonts/fontawesome-webfont.ttf
IP 200.58.112.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /img/index_files/galicia/Content/fonts/fontawesome-webfont.ttf HTTP/1.1
Host: c1481833.ferozo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0; onb2_isreload=false; onb2_prevpath=/img/index_files/galicia/; _ga_R462ZWFJX5=GS1.1.1670306092.1.0.1670306092.0.0.0; cmTPSet=Y; mbox=session#95b84a3a802c48eab403f0d1399b55c6#1670307953; at_check=true
HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=193
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.google-analytics.com/g/collect?v=2&tid=G-R462ZWFJX5&gtm=2oebu0&_p=1086889195&cid=1969658199.1670306092&ul=en-us&sr=1280x1024&_s=1&sid=1670306092&sct=1&seg=0&dl=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&dt=Online%20Banking&en=page_view&_fv=2&_ss=1
216.239.38.178 204 No Content 0 B URL HTTP/2 www.google-analytics.com/g/collect?v=2&tid=G-R462ZWFJX5&gtm=2oebu0&_p=1086889195&cid=1969658199.1670306092&ul=en-us&sr=1280x1024&_s=1&sid=1670306092&sct=1&seg=0&dl=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&dt=Online%20Banking&en=page_view&_fv=2&_ss=1
IP 216.239.38.178:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-R462ZWFJX5&gtm=2oebu0&_p=1086889195&cid=1969658199.1670306092&ul=en-us&sr=1280x1024&_s=1&sid=1670306092&sct=1&seg=0&dl=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&dt=Online%20Banking&en=page_view&_fv=2&_ss=1 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://c1481833.ferozo.com
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://c1481833.ferozo.com
date: Tue, 06 Dec 2022 05:54:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.239.38.178 200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 216.239.38.178:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Tue, 06 Dec 2022 04:23:05 GMT
Expires: Tue, 06 Dec 2022 06:23:05 GMT
Cache-Control: public, max-age=7200
Age: 5511
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 267006cd6e6820ee4e423414c0fae7fa
0161f56b3a6d6d572a9aa4d1bffbaf2c58a20aa1
9eeb8a11521ab8adfc3a13ffb4534869818a68b8f7c72396a7f378b3e9e59f8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5006b8e985c5838b7fd2f2b558a65bc4
183ff15e0faedf346305fd6fe1c70c9c7a1eef4a
fcbfec9f5fd0e10d44778c1df64d8612281cd39881cdfd0aa8ca30d13655655a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/936934836/?random=1670306092907&cv=9&fst=1670306092350&num=2&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&tiba=Online%20Banking&hn=www.googleadservices.com&rfmt=3&fmt=4
142.250.74.2 200 OK 945 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/936934836/?random=1670306092907&cv=9&fst=1670306092350&num=2&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&tiba=Online%20Banking&hn=www.googleadservices.com&rfmt=3&fmt=4
IP 142.250.74.2:0
File type ASCII text, with very long lines (2135), with no line terminators
Hash 9304424da2144a574a1c6cc4e5c87697
e9102bd383d849ed7f68520ed954f0508a4e00f1
62ce0f91842bf156db24992fc230b0456da25cf5d196354d7b9cd054db2a940d
GET /pagead/viewthroughconversion/936934836/?random=1670306092907&cv=9&fst=1670306092350&num=2&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&tiba=Online%20Banking&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 05:54:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 945
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 06:09:56 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 267006cd6e6820ee4e423414c0fae7fa
0161f56b3a6d6d572a9aa4d1bffbaf2c58a20aa1
9eeb8a11521ab8adfc3a13ffb4534869818a68b8f7c72396a7f378b3e9e59f8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/936934836/?random=1670306092350&cv=9&fst=1670306092350&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&tiba=Online%20Banking&hn=www.googleadservices.com&rfmt=3&fmt=4
142.250.74.2 200 OK 944 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/936934836/?random=1670306092350&cv=9&fst=1670306092350&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&tiba=Online%20Banking&hn=www.googleadservices.com&rfmt=3&fmt=4
IP 142.250.74.2:0
File type ASCII text, with very long lines (2135), with no line terminators
Hash 256bcd5cc2296b5a394ea86ceb4998d7
6d3dff38310f61e18f109dc976d20c246c0c608d
23394f5a7f41b5faf07a5e520ac68ed938822708f2db56c6a974f10145d98138
GET /pagead/viewthroughconversion/936934836/?random=1670306092350&cv=9&fst=1670306092350&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&tiba=Online%20Banking&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 05:54:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 944
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 06:09:56 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com.ar/pagead/1p-user-list/936934836/?random=1670252859239&cv=9&fst=1670252400000&num=1&guid=ON&eid=375603261&u_h=1080&u_w=1920&u_ah=1032&u_aw=1920&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&frm=0&url=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&ref=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&tiba=Online%20Banking&fmt=3&is_vtc=1&random=1667616965&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
172.217.21.163 200 OK 42 B URL HTTP/2 www.google.com.ar/pagead/1p-user-list/936934836/?random=1670252859239&cv=9&fst=1670252400000&num=1&guid=ON&eid=375603261&u_h=1080&u_w=1920&u_ah=1032&u_aw=1920&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&frm=0&url=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&ref=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&tiba=Online%20Banking&fmt=3&is_vtc=1&random=1667616965&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 172.217.21.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/936934836/?random=1670252859239&cv=9&fst=1670252400000&num=1&guid=ON&eid=375603261&u_h=1080&u_w=1920&u_ah=1032&u_aw=1920&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&frm=0&url=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&ref=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&tiba=Online%20Banking&fmt=3&is_vtc=1&random=1667616965&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 05:54:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/936934836/?random=1670252859239&cv=9&fst=1670252400000&num=1&guid=ON&eid=375603261&u_h=1080&u_w=1920&u_ah=1032&u_aw=1920&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&frm=0&url=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&ref=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&tiba=Online%20Banking&fmt=3&is_vtc=1&random=1667616965&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/936934836/?random=1670252859239&cv=9&fst=1670252400000&num=1&guid=ON&eid=375603261&u_h=1080&u_w=1920&u_ah=1032&u_aw=1920&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&frm=0&url=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&ref=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&tiba=Online%20Banking&fmt=3&is_vtc=1&random=1667616965&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/936934836/?random=1670252859239&cv=9&fst=1670252400000&num=1&guid=ON&eid=375603261&u_h=1080&u_w=1920&u_ah=1032&u_aw=1920&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&frm=0&url=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&ref=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&tiba=Online%20Banking&fmt=3&is_vtc=1&random=1667616965&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 05:54:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com.ar/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NK1ZTDWVWL&cid=1969658199.1670306092&gtm=2oebu0&aip=1&z=1965234860
172.217.21.163 200 OK 42 B URL HTTP/2 www.google.com.ar/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NK1ZTDWVWL&cid=1969658199.1670306092&gtm=2oebu0&aip=1&z=1965234860
IP 172.217.21.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NK1ZTDWVWL&cid=1969658199.1670306092&gtm=2oebu0&aip=1&z=1965234860 HTTP/1.1
Host: www.google.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 05:54:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 267006cd6e6820ee4e423414c0fae7fa
0161f56b3a6d6d572a9aa4d1bffbaf2c58a20aa1
9eeb8a11521ab8adfc3a13ffb4534869818a68b8f7c72396a7f378b3e9e59f8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sifo.bancogalicia.com.ar/requestserver/script/v1/k9t02s/login.js?clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61
34.196.56.54 200 144 kB URL HTTP/1.1 sifo.bancogalicia.com.ar/requestserver/script/v1/k9t02s/login.js?clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61
IP 34.196.56.54:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (938)
Size 144 kB (144528 bytes)
Hash d92e202d987d0b2efe131beb937cc386
2984249d3f13fd65eedf7b902bde84d8530af8dc
3f2054b0bb91912c2c4447308efddc5d5f1029e79b97d9a73967583ca34bbe11
GET /requestserver/script/v1/k9t02s/login.js?clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 HTTP/1.1
Host: sifo.bancogalicia.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Tue, 06 Dec 2022 05:54:55 GMT
Content-Type: application/javascript
Content-Length: 144528
Connection: keep-alive
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self'
permissions-policy: fullscreen=();microphone=();camera=();speaker=();
x-xss-protection: 1;mode=block
x-frame-options: DENY
x-content-type-options: nosniff
data.coremetrics.com/cm?ci=Producci%C3%B3n&st=1670306092344&vn1=4.18.138&ec=utf-8&vn2=e4.0&pi=%2Fimg%2Findex_files%2Fgalicia%2F&ul=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&cjen=1&cjuid=&cjsid=&cjvf=&tid=6&rnd=1670313185311&pc=Y&jv=1.8.5&je=n&sw=1280&sh=1024&pd=24&tz=0
54.224.36.233 200 OK 43 B URL HTTP/1.1 data.coremetrics.com/cm?ci=Producci%C3%B3n&st=1670306092344&vn1=4.18.138&ec=utf-8&vn2=e4.0&pi=%2Fimg%2Findex_files%2Fgalicia%2F&ul=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&cjen=1&cjuid=&cjsid=&cjvf=&tid=6&rnd=1670313185311&pc=Y&jv=1.8.5&je=n&sw=1280&sh=1024&pd=24&tz=0
IP 54.224.36.233:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /cm?ci=Producci%C3%B3n&st=1670306092344&vn1=4.18.138&ec=utf-8&vn2=e4.0&pi=%2Fimg%2Findex_files%2Fgalicia%2F&ul=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&cjen=1&cjuid=&cjsid=&cjvf=&tid=6&rnd=1670313185311&pc=Y&jv=1.8.5&je=n&sw=1280&sh=1024&pd=24&tz=0 HTTP/1.1
Host: data.coremetrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:54:56 GMT
Server: Apache
Vary: Host
Expires: Mon, 05 Dec 2022 05:54:56 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Pragma: no-cache
Content-Length: 43
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Connection: close
Content-Type: image/gif
libs.coremetrics.com/configs/Producci%C3%B3n.js
23.61.236.51 404 Not Found 10 B URL HTTP/1.1 libs.coremetrics.com/configs/Producci%C3%B3n.js
IP 23.61.236.51:0
Hash 7605968e79d0ca095ab1231486d2b814
a007b420d19ceefa840f0373e050e3b51a4ab480
493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b
GET /configs/Producci%C3%B3n.js HTTP/1.1
Host: libs.coremetrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
HTTP/1.1 404 Not Found
Accept-Ranges: bytes
Content-Length: 10
Server: AkamaiNetStorage
Date: Tue, 06 Dec 2022 05:54:56 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/936934836/?random=1670306092907&cv=9&fst=1670302800000&num=2&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&tiba=Online%20Banking&fmt=3&is_vtc=1&random=2017215404&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/936934836/?random=1670306092907&cv=9&fst=1670302800000&num=2&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&tiba=Online%20Banking&fmt=3&is_vtc=1&random=2017215404&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/936934836/?random=1670306092907&cv=9&fst=1670302800000&num=2&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&tiba=Online%20Banking&fmt=3&is_vtc=1&random=2017215404&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 05:54:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/936934836/?random=1670306092350&cv=9&fst=1670302800000&num=1&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&tiba=Online%20Banking&fmt=3&is_vtc=1&random=1203412094&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/936934836/?random=1670306092350&cv=9&fst=1670302800000&num=1&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&tiba=Online%20Banking&fmt=3&is_vtc=1&random=1203412094&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/936934836/?random=1670306092350&cv=9&fst=1670302800000&num=1&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&tiba=Online%20Banking&fmt=3&is_vtc=1&random=1203412094&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 05:54:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sifo.bancogalicia.com.ar/requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61
34.196.56.54 200 0 B URL HTTP/1.1 sifo.bancogalicia.com.ar/requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61
IP 34.196.56.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 HTTP/1.1
Host: sifo.bancogalicia.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://c1481833.ferozo.com/
Origin: http://c1481833.ferozo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Tue, 06 Dec 2022 05:54:56 GMT
Content-Length: 0
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: http://c1481833.ferozo.com
access-control-allow-methods: POST, OPTIONS
access-control-max-age: 3600
access-control-allow-headers: x-requested-with, content-type
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self'
permissions-policy: fullscreen=();microphone=();camera=();speaker=();
x-xss-protection: 1;mode=block
x-frame-options: DENY
x-content-type-options: nosniff
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c324023e802dee4c6dbfa93520d5e72b
0bf5cb7e59f9cf925b137d8534344b96f2cd7165
8122bbea03e922774e3dfdc5263467c1d94a0c07392ff7468137c610a10db46c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 226
Cache-Control: max-age=138472
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:56 GMT
Etag: "638e5236-1d7"
Expires: Wed, 07 Dec 2022 20:22:48 GMT
Last-Modified: Mon, 05 Dec 2022 20:19:02 GMT
Server: ECS (amb/6BAE)
X-Cache: HIT
Content-Length: 471
sifo.bancogalicia.com.ar/requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61
34.196.56.54 200 115 B URL HTTP/1.1 sifo.bancogalicia.com.ar/requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61
IP 34.196.56.54:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 78bcb6e49d27426cdf4375932546b00e
4c76bfbd622fe498b219966023837e1375d5ecb3
5b23ddbce779ab2497d5a126aff93425bde3bac8dcabbe2afe22b382412211bb
POST /requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 HTTP/1.1
Host: sifo.bancogalicia.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 25033
Origin: http://c1481833.ferozo.com
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Tue, 06 Dec 2022 05:54:56 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: http://c1481833.ferozo.com
access-control-allow-methods: POST, OPTIONS
access-control-max-age: 3600
access-control-allow-headers: x-requested-with, content-type
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
set-cookie: herok=2886860804QUDAOsOZVe80EUAzMdcaGOWWpcWlG6; Expires=Tue, 06-Dec-2022 06:24:56 GMT; SameSite=None; Secure
kirby=2886860804QUDAOsOZVe80EUAzMdcaGOWWpcWlG6; SameSite=None; Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self'
permissions-policy: fullscreen=();microphone=();camera=();speaker=();
x-xss-protection: 1;mode=block
x-frame-options: DENY
x-content-type-options: nosniff
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c324023e802dee4c6dbfa93520d5e72b
0bf5cb7e59f9cf925b137d8534344b96f2cd7165
8122bbea03e922774e3dfdc5263467c1d94a0c07392ff7468137c610a10db46c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=138246
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:54:56 GMT
Etag: "638e5236-1d7"
Expires: Wed, 07 Dec 2022 20:19:02 GMT
Last-Modified: Mon, 05 Dec 2022 20:19:02 GMT
Server: nginx
Content-Length: 471
www.galicia.ar/content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/App-2.jpg
151.101.219.10 200 OK 232 kB URL HTTP/2 www.galicia.ar/content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/App-2.jpg
IP 151.101.219.10:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.5 (Macintosh), datetime=2022:08:18 14:50:23], progressive, precision 8, 1000x1309, components 3\012- data
Size 232 kB (231967 bytes)
Hash e5c836a4a0a86a8f73f3483df55b8cb4
22f84e668e0150a6b5dde9ce532e97a640bb589d
5f35283bd1018c2a477ae7ac1818f05bcac581b2910d3a104984602f959f4df9
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
GET /content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/App-2.jpg HTTP/1.1
Host: www.galicia.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Mon, 29 Aug 2022 13:47:04 GMT
etag: "0x8DA89C4F4D104C7"
content-disposition: attachment; filename="App-2.jpg"; filename*=UTF-8''App-2.jpg
access-control-allow-origin: *
x-content-type-options: nosniff
cache-control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200
accept-ranges: bytes
date: Tue, 06 Dec 2022 05:54:56 GMT
age: 80007
strict-transport-security: max-age=31557600
x-served-by: cache-eze2230062-EZE
x-cache: HIT
x-timer: S1670306096.446258,VS0,VS0,VE0
content-length: 231967
X-Firefox-Spdy: h2
onlinebanking.bancogalicia.com.ar/images/assets/logo_ios_152x152.png
161.190.1.97 200 OK 3.7 kB URL HTTP/1.1 onlinebanking.bancogalicia.com.ar/images/assets/logo_ios_152x152.png
IP 161.190.1.97:0
ASN #13474 Banco de Galicia y Buenos Aires
File type PNG image data, 152 x 152, 8-bit/color RGBA, non-interlaced\012- data
Hash 44833eb3871f5915ed3b03557937c593
6a2c0daa8577d261dc4f3fa8864a0bd00f3262e3
516214aaaf58a361362c9abf9818810f7e34358ed54aacb3c8450128754f900a
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
GET /images/assets/logo_ios_152x152.png HTTP/1.1
Host: onlinebanking.bancogalicia.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 03 Oct 2022 17:29:00 GMT
Accept-Ranges: bytes
ETag: "20f919a04dd7d81:0"
Date: Tue, 06 Dec 2022 05:54:57 GMT
Content-Length: 3728
onlinebanking.bancogalicia.com.ar/Images/favicon.ico
161.190.1.97 200 OK 1.6 kB URL HTTP/1.1 onlinebanking.bancogalicia.com.ar/Images/favicon.ico
IP 161.190.1.97:0
ASN #13474 Banco de Galicia y Buenos Aires
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash b700b544f2fa87e37e6b728fef00fcb0
c0735fa743392c2f3032c22d241854b88832cdb7
f20a33fd40173f122bec15a105374059fb3ec612d51146485ed84ef0001f2f03
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
GET /Images/favicon.ico HTTP/1.1
Host: onlinebanking.bancogalicia.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Mon, 03 Oct 2022 17:28:57 GMT
Accept-Ranges: bytes
ETag: "8051689e4dd7d81:0"
Date: Tue, 06 Dec 2022 05:54:57 GMT
Content-Length: 1559
galiciabanco.demdex.net/event?d_dil_ver=9.5&_ts=1670306092617
52.31.124.224 200 OK 435 B URL HTTP/1.1 galiciabanco.demdex.net/event?d_dil_ver=9.5&_ts=1670306092617
IP 52.31.124.224:0
File type JSON data\012- , ASCII text, with very long lines (751), with no line terminators
Hash b541f50d52d3599ecee7158d89e04eb0
5c4e40fa25f54fc5c28ffa980b10c133e790cc6a
a8154609b15382001ef448b30dead1d1ad7b9e0887487ea8e07865265117f55c
POST /event?d_dil_ver=9.5&_ts=1670306092617 HTTP/1.1
Host: galiciabanco.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 227
Origin: http://c1481833.ferozo.com
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://c1481833.ferozo.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-05ee5fd88.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=76390773508081107682319319525236782209; Max-Age=15552000; Expires=Sun, 04 Jun 2023 05:54:57 GMT; Path=/; Domain=.demdex.net
Vary: Origin
X-TID: eSRQNa8qReE=
Content-Length: 435
Connection: keep-alive
galiciabanco.tt.omtrdc.net/rest/v1/delivery?client=galiciabanco&sessionId=95b84a3a802c48eab403f0d1399b55c6&version=2.10.0
54.74.22.74 200 304 B URL HTTP/1.1 galiciabanco.tt.omtrdc.net/rest/v1/delivery?client=galiciabanco&sessionId=95b84a3a802c48eab403f0d1399b55c6&version=2.10.0
IP 54.74.22.74:0
File type JSON data\012- , ASCII text, with very long lines (355), with no line terminators
Hash 5c2f8615502cadb163fa7cec780974fa
bd6c56f039dbd1befa9bf5faeca3b92c9d0b9abb
dd2da7bbe09de4098c3508b49b620a5ba3b64e189f590182360a6d8f2301111a
POST /rest/v1/delivery?client=galiciabanco&sessionId=95b84a3a802c48eab403f0d1399b55c6&version=2.10.0 HTTP/1.1
Host: galiciabanco.tt.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain
Content-Length: 976
Origin: http://c1481833.ferozo.com
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
HTTP/1.1 200
Date: Tue, 06 Dec 2022 05:54:57 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
Access-Control-Allow-Origin: http://c1481833.ferozo.com
Access-Control-Allow-Credentials: true
X-Request-ID: f6a9167a4bdfa2cfddc0f9e3276ab183
Timing-Allow-Origin: *
Accept-CH: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
Content-Encoding: gzip
galiciabanco.demdex.net/dest5.html?d_nsid=0
52.31.124.224 200 OK 2.8 kB URL HTTP/1.1 galiciabanco.demdex.net/dest5.html?d_nsid=0
IP 52.31.124.224:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
Analyzer Verdict Alert urlquery phishing Phishing - Galicia
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: galiciabanco.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Tue, 6 Dec 2022 05:54:57 GMT
DCS: dcs-prod-irl1-1-v045-0ed41892e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:02:57 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: DHPL8j6DTAg=
transfer-encoding: chunked
Connection: keep-alive
sifo.bancogalicia.com.ar/requestserver/rest/v1/screenshot?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61
34.196.56.54 200 0 B URL HTTP/1.1 sifo.bancogalicia.com.ar/requestserver/rest/v1/screenshot?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61
IP 34.196.56.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /requestserver/rest/v1/screenshot?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 HTTP/1.1
Host: sifo.bancogalicia.com.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------306829257337448825392053799013
Content-Length: 313599
Origin: http://c1481833.ferozo.com
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Cookie: herok=2886860804QUDAOsOZVe80EUAzMdcaGOWWpcWlG6; kirby=2886860804QUDAOsOZVe80EUAzMdcaGOWWpcWlG6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Tue, 06 Dec 2022 05:54:57 GMT
Content-Length: 0
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: http://c1481833.ferozo.com
access-control-allow-methods: POST, OPTIONS
access-control-max-age: 3600
access-control-allow-headers: x-requested-with, content-type
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self'
permissions-policy: fullscreen=();microphone=();camera=();speaker=();
x-xss-protection: 1;mode=block
x-frame-options: DENY
x-content-type-options: nosniff
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 6bcf99cf6268833f1c595219acabc038
2b788a764087812085698d77dd9a0ce711d2270d
449780d702152ef7029115f1bffaf39d850f34288d51743fda24ad65ce5334db
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=117635
Date: Tue, 06 Dec 2022 05:54:57 GMT
Etag: "638df9a7-1d7"
Expires: Wed, 07 Dec 2022 14:35:32 GMT
Last-Modified: Mon, 05 Dec 2022 14:01:11 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6RwfmTkcrn5tU3F3A2mLeLsRkqs1qvBt82X4zSdPaXH2MvAy7q989w==
Age: 2062
www.galicia.ar/content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/Inversiones-1.jpg
151.101.219.10 200 OK 523 kB URL HTTP/2 www.galicia.ar/content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/Inversiones-1.jpg
IP 151.101.219.10:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1309, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1000], progressive, precision 8, 1000x1309, components 3\012- data
Size 523 kB (522581 bytes)
Hash 3a239090084638097e6b01a1f5062ccf
5cf035982b475ca7c143d80bc79fcc82d542920d
76013314a63158a21cae97bc86ade241aabb1a95567099a118fcf57384ae35f7
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Galicia
GET /content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/Inversiones-1.jpg HTTP/1.1
Host: www.galicia.ar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Mon, 29 Aug 2022 13:47:04 GMT
etag: "0x8DA89C4F5358461"
content-disposition: attachment; filename="Inversiones-1.jpg"; filename*=UTF-8''Inversiones-1.jpg
access-control-allow-origin: *
x-content-type-options: nosniff
cache-control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200
accept-ranges: bytes
date: Tue, 06 Dec 2022 05:54:57 GMT
age: 82818
strict-transport-security: max-age=31557600
x-served-by: cache-eze2230062-EZE
x-cache: HIT
x-timer: S1670306097.411482,VS0,VS0,VE1
content-length: 522581
X-Firefox-Spdy: h2
cm.everesttech.net/cm/dd?d_uuid=76390773508081107682319319525236782209
99.80.65.0 302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=76390773508081107682319319525236782209
IP 99.80.65.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=76390773508081107682319319525236782209 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Tue, 06 Dec 2022 05:54:57 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y47ZMQAAANjYMQOV; Domain=.everesttech.net; Expires=Wed, 06-Dec-2023 05:54:57 GMT; Path=/
everest_session_v2=Y47ZMQAAANjYMgOV; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y47ZMQAAANjYMQOV
Server: AMO-cookiemap/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y47ZMQAAANjYMQOV
54.72.35.25 302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y47ZMQAAANjYMQOV
IP 54.72.35.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y47ZMQAAANjYMQOV HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://c1481833.ferozo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-073c16f88.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y47ZMQAAANjYMQOV
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=00512097473913355843828149153637153595; Max-Age=15552000; Expires=Sun, 04 Jun 2023 05:54:57 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: tC2XMv88TYs=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y47ZMQAAANjYMQOV
54.72.35.25 200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y47ZMQAAANjYMQOV
IP 54.72.35.25:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y47ZMQAAANjYMQOV HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://c1481833.ferozo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v045-0168100b3.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: VlDAdv8kQ7M=
Content-Length: 59
Connection: keep-alive
log-ad1a29c5.us.v2.we-stats.com/api/v1/sendLogs?cid=gamora&cdsnum=1670306095775-sjn0000965-b1e36400-5066-4ed5-ac8c-1f72941e3a9d&csid=null&ds=js&sdkVer=2.19.2.465.37bfd51
52.238.253.184 204 No Content 0 B URL HTTP/2 log-ad1a29c5.us.v2.we-stats.com/api/v1/sendLogs?cid=gamora&cdsnum=1670306095775-sjn0000965-b1e36400-5066-4ed5-ac8c-1f72941e3a9d&csid=null&ds=js&sdkVer=2.19.2.465.37bfd51
IP 52.238.253.184:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v1/sendLogs?cid=gamora&cdsnum=1670306095775-sjn0000965-b1e36400-5066-4ed5-ac8c-1f72941e3a9d&csid=null&ds=js&sdkVer=2.19.2.465.37bfd51 HTTP/1.1
Host: log-ad1a29c5.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1260
Origin: http://c1481833.ferozo.com
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 06 Dec 2022 05:54:58 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-584153.js?sv=7
54.230.111.8 200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-584153.js?sv=7
IP 54.230.111.8:0
GET /c/hotjar-584153.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 06 Dec 2022 05:54:56 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/7658f04db3c10536dbe5362d51561b18
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6BZ4rtyaXHTNzv2j-G8NrkNdUwisGdulk6INkG50EDSvy9v1MdSjjw==
X-Firefox-Spdy: h2