urlquery - report: c1481833.ferozo.com/img/index

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
r3.o.lencr.org (6)	344	No data	No data	23.36.76.226
galiciabanco.demdex.net (2)	580522	No data	No data	52.31.124.224
www.google.no (2)	25607	2016-04-05 19:50:59 UTC	2022-12-05 10:29:06 UTC	142.250.74.35
ocsp.sca1b.amazontrust.com (1)	1015	2017-03-03 15:20:51 UTC	2019-03-27 04:05:54 UTC	54.230.245.39
gal.bgsensors.co (1)	0	2022-08-23 14:58:41 UTC	2022-12-02 15:03:57 UTC	104.21.25.208	Unknown ranking
www.googleadservices.com (1)	107	2012-07-21 05:05:30 UTC	2022-12-05 14:38:54 UTC	142.250.74.98
libs.coremetrics.com (1)	12517	2012-06-22 08:55:08 UTC	2020-04-23 20:10:08 UTC	23.61.236.51
detectca.easysol.net (3)	60033	2012-08-17 16:57:34 UTC	2021-05-07 20:40:37 UTC	107.23.44.14
dpm.demdex.net (3)	204	2018-07-06 04:53:56 UTC	2020-04-29 23:04:31 UTC	54.72.35.25
googleads.g.doubleclick.net (2)	42	2021-02-20 15:43:32 UTC	2022-12-05 13:27:30 UTC	142.250.74.2
www.google.com.ar (2)	24055	2016-03-19 20:09:33 UTC	2022-12-06 02:15:11 UTC	172.217.21.163
cm.everesttech.net (1)	996	2018-09-03 07:40:22 UTC	2020-04-29 11:27:39 UTC	99.80.65.0
c1481833.ferozo.com (47)	0	No data	No data	200.58.112.174	Domain (ferozo.com) ranked at: 237713
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-12-05 04:09:48 UTC	34.117.237.239
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	52.38.227.80
sifo.bancogalicia.com.ar (4)	778628	2017-06-08 06:32:18 UTC	2018-03-06 12:02:53 UTC	34.196.56.54
www.galicia.ar (2)	0	2021-12-17 15:21:15 UTC	2022-12-01 05:42:37 UTC	151.101.219.10	Unknown ranking
galiciabanco.tt.omtrdc.net (1)	741080	No data	No data	54.74.22.74
static.hotjar.com (1)	641	2014-11-01 05:14:27 UTC	2020-04-26 08:32:02 UTC	54.230.111.8
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
www.googletagmanager.com (1)	75	2013-05-22 02:07:37 UTC	2022-12-05 08:37:19 UTC	142.250.74.40
analytics.google.com (1)	924	2013-06-03 21:16:55 UTC	2022-12-06 02:26:46 UTC	142.250.74.14
stats.g.doubleclick.net (1)	96	2013-06-10 20:21:11 UTC	2022-12-05 14:40:05 UTC	64.233.164.155
assets.adobedtm.com (4)	512	2014-01-31 22:40:14 UTC	2020-05-14 16:29:33 UTC	23.38.200.237
ocsp.godaddy.com (1)	698	2012-05-20 19:28:57 UTC	2020-05-02 20:58:10 UTC	192.124.249.23
www.google.com (1)	7	2016-03-22 03:56:07 UTC	2022-12-05 09:18:03 UTC	142.250.74.164
onlinebanking.bancogalicia.com.ar (2)	838359	2017-11-08 13:18:56 UTC	2022-12-06 04:10:49 UTC	161.190.1.97
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-12-05 04:09:09 UTC	34.102.187.140
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
ocsp.pki.goog (12)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	142.250.74.131
log-ad1a29c5.us.v2.we-stats.com (1)	783057	2022-07-05 00:04:06 UTC	2022-11-16 02:34:08 UTC	52.238.253.184
data.coremetrics.com (1)	11875	2017-01-30 06:15:31 UTC	2022-12-05 13:43:26 UTC	54.224.36.233
ocsp.digicert.com (10)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
www.google-analytics.com (3)	40	2012-10-03 01:04:21 UTC	2022-12-05 12:07:35 UTC	216.239.38.178
wup-ad1a29c5.us.v2.we-stats.com (1)	805485	2022-07-05 00:04:03 UTC	2022-11-16 02:34:05 UTC	52.141.217.134

Scan Date	Severity	Indicator	Comment
2022-12-06	2	c1481833.ferozo.com/img/index_files/galicia/index_files/seguloginborders	Phishing

Date	UQ / IDS / BL	URL	IP
2023-01-18 20:56:10 +0000	0 - 0 - 6	www.xn--standr-fva.com/t/verificar.php	200.58.112.174
2023-01-18 20:55:52 +0000	0 - 0 - 7	www.xn--standr-fva.com/t/clave.php	200.58.112.174
2023-01-18 20:55:33 +0000	0 - 0 - 6	www.xn--standr-fva.com/t/	200.58.112.174
2022-12-08 13:15:52 +0000	0 - 0 - 7	c1481833.ferozo.com/css/ciudad/verificar.php	200.58.112.174
2022-12-08 13:15:38 +0000	0 - 0 - 15	c1481833.ferozo.com/css/ciudad/iniciosesion.php	200.58.112.174

Date	UQ / IDS / BL	URL	IP
2023-02-01 09:57:03 +0000	0 - 1 - 18	www.suprememagician.com.ar/sidr/	200.58.111.17
2023-02-01 09:55:32 +0000	0 - 1 - 4	c1450565.ferozo.com/fichier/ajax/Cuidad/verif (...)	200.58.111.68
2023-02-01 09:55:19 +0000	0 - 1 - 18	c1450565.ferozo.com/fichier/ajax/Cuidad/inici (...)	200.58.111.68
2023-02-01 09:54:56 +0000	0 - 1 - 17	c1450565.ferozo.com/fichier/ajax/Cuidad/	200.58.111.68
2023-02-01 09:34:36 +0000	0 - 1 - 2	environ-mental.com.ar/css/UltraBranch/login.p (...)	200.58.111.46

Date	UQ / IDS / BL	URL	IP
2023-02-01 09:55:32 +0000	0 - 1 - 4	c1450565.ferozo.com/fichier/ajax/Cuidad/verif (...)	200.58.111.68
2023-02-01 09:55:19 +0000	0 - 1 - 18	c1450565.ferozo.com/fichier/ajax/Cuidad/inici (...)	200.58.111.68
2023-02-01 09:54:56 +0000	0 - 1 - 17	c1450565.ferozo.com/fichier/ajax/Cuidad/	200.58.111.68
2023-02-01 03:21:50 +0000	0 - 1 - 4	c1450565.ferozo.com/fichier/ajax/Cuidad/verif (...)	200.58.111.68
2023-02-01 03:21:29 +0000	0 - 1 - 18	c1450565.ferozo.com/fichier/ajax/Cuidad/inici (...)	200.58.111.68

JavaScript

Executed Scripts (66)

Executed Evals (67)

#1 JavaScript::Eval (size: 2560) - SHA256: 6636122fab5287a0f0992ea1c85618d5351a4d5dabb3a0b06558dea613fa22c6

(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(69),
            c = "Constituir plazo fijo;Suscripci\u00f3n a Fondo Fima;Suscripci\u00f3n programada a Fondo Fima;Ver detalle de cuenta;Ver resumen tarjeta cr\u00e9dito;Ver consumos tarjeta cr\u00e9dito;Ver consumos tarjeta adicional;Ver consumos tarjeta d\u00e9bito;Ver detalle fondo FIMA;Ver detalle Bonos y Acciones;Ver detalle Ordenes Compra y Venta;Compartir CBU;Edici\u00f3n de contacto;Alta solicitud pr\u00e9stamo hipotecario;Ver inicio inversiones;Onboarding;Generar usuario;Generar clave;Recuperaci\u00f3n de usuario;Cambiar clave expirada;Editar alias de CBU;Alta de alias de CBU;Eliminar alias;Modificar cuenta principal;Agregar cuenta asociada;Reponer tarjeta de d\u00e9bito da\u00f1ada;Reponer tarjeta de d\u00e9bito robo;Agenda de contacto;Suscribir Cuenta Comitente;Inscripcion a Quiero;Agregar celular;Agregar mail;Agregar mail de seguridad;Editar celular;Editar mail;Editar mail seguridad;Editar domicilio;Editar clave;Editar usuario;Eliminar mail;Eliminar celular;Recomendar Galicia Persona;Recomendar Galicia Empresa;Anular suscripci\u00f3n programada Fondo Fima;Apertura de caja de ahorro;Encuesta perfil inversor;Editar cuenta debito pr\u00e9stamo;Solicitar baja de productos;Apertura de cuenta proyecto;Reserva de cuenta proyecto;Reserva programada de cuenta proyecto;Edici\u00f3n de cuenta proyecto;Rescate de cuenta proyecto;Editar reserva programada;Compra de moneda extranjera;Venta de moneda extranjera;Solicitar nueva tarjeta;Pago de tarjetas;Upgrade de Servicio;Modificar limite de compra;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Aumentar l\u00edmite transitorio;Edici\u00f3n del d\u00e9bito automatico de tarjeta;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Recarga de celular;Pago de servicios;Adhesi\u00f3n de servicios;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de pagos;Pausar debito autom\u00e1tico;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico;Transferencias a terceros;Transferencias a cuentas propias;Pago de haberes;Donaciones;Modificar accion al vencimiento;Rescate Fondo Fima;Vender bonos y acciones;Comprar bonos y acciones;Licitaciones primarias;Solicitar pr\u00e9stamo;Solicitar pr\u00e9stamo hipotecario;Reprogramar env\u00edo;Modificar opcion de resumen;Recargas;Anulaci\u00f3n de pago".split(";"),
            d = ["Compartir CBU", "Edici\u00f3n de contacto"],
            e = -1 != c.indexOf(a),
            b = -1 != d.indexOf(a); - 1 != document.location.pathname.indexOf("/ini/") && (b = !0);
        a = "true" == google_tag_manager["GTM-M6B9RZQ"].macro(70);
        return e && !(!b && a)
    } catch (f) {
        return !1
    }
})();

#2 JavaScript::Eval (size: 273) - SHA256: 9fb732b9f525b717beb9f8d1ae40206d514bfaed346c39fa65fbfe28fe783fc5

(function() {
    try {
        return urlConsultas = "/cuentas/mis-cuentas /tarjetas/consumos-adicional /tarjetas/consumos /tarjetas/resumen /tarjetas/consumos-tarjeta-debito /inversiones/mis-fondos-fima /inversiones/bonos-acciones /inversiones/consultar-ordenes".split(" ")
    } catch (a) {}
})();

#3 JavaScript::Eval (size: 121) - SHA256: 7d2a0d7c5bb46847da53e6ab2205d1b5e7f38e90a53fdfa66a4553d851644320

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(88) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#4 JavaScript::Eval (size: 326) - SHA256: aa19bdf77030bf7ef26bd86a4155f1bab9e643442f5faa7bdfd24bd07dcd9691

(function() {
    try {
        var a = new Date,
            c = -a.getTimezoneOffset(),
            d = 0 <= c ? "+" : "-",
            b = function(a) {
                a = Math.abs(Math.floor(a));
                return (10 > a ? "0" : "") + a
            };
        return a.getFullYear() + "-" + b(a.getMonth() + 1) + "-" + b(a.getDate()) + "T" + b(a.getHours()) + ":" + b(a.getMinutes()) + ":" + b(a.getSeconds()) + "." + b(a.getMilliseconds()) + d + b(c / 60) + ":" + b(c % 60)
    } catch (e) {}
})();

#5 JavaScript::Eval (size: 92) - SHA256: 2a967b9ccbab6ad1d3eed94b9157cb3dd9cbb57286e20a481d5a5c62a11fd8ca

(function() {
    return window.location.pathname + window.location.search + window.location.hash
})();

#6 JavaScript::Eval (size: 2560) - SHA256: 7f0fe65a61184432775d3ad08de49823a2565f41fd0611a1601ec526f8c30fff

(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(71),
            c = "Constituir plazo fijo;Suscripci\u00f3n a Fondo Fima;Suscripci\u00f3n programada a Fondo Fima;Ver detalle de cuenta;Ver resumen tarjeta cr\u00e9dito;Ver consumos tarjeta cr\u00e9dito;Ver consumos tarjeta adicional;Ver consumos tarjeta d\u00e9bito;Ver detalle fondo FIMA;Ver detalle Bonos y Acciones;Ver detalle Ordenes Compra y Venta;Compartir CBU;Edici\u00f3n de contacto;Alta solicitud pr\u00e9stamo hipotecario;Ver inicio inversiones;Onboarding;Generar usuario;Generar clave;Recuperaci\u00f3n de usuario;Cambiar clave expirada;Editar alias de CBU;Alta de alias de CBU;Eliminar alias;Modificar cuenta principal;Agregar cuenta asociada;Reponer tarjeta de d\u00e9bito da\u00f1ada;Reponer tarjeta de d\u00e9bito robo;Agenda de contacto;Suscribir Cuenta Comitente;Inscripcion a Quiero;Agregar celular;Agregar mail;Agregar mail de seguridad;Editar celular;Editar mail;Editar mail seguridad;Editar domicilio;Editar clave;Editar usuario;Eliminar mail;Eliminar celular;Recomendar Galicia Persona;Recomendar Galicia Empresa;Anular suscripci\u00f3n programada Fondo Fima;Apertura de caja de ahorro;Encuesta perfil inversor;Editar cuenta debito pr\u00e9stamo;Solicitar baja de productos;Apertura de cuenta proyecto;Reserva de cuenta proyecto;Reserva programada de cuenta proyecto;Edici\u00f3n de cuenta proyecto;Rescate de cuenta proyecto;Editar reserva programada;Compra de moneda extranjera;Venta de moneda extranjera;Solicitar nueva tarjeta;Pago de tarjetas;Upgrade de Servicio;Modificar limite de compra;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Aumentar l\u00edmite transitorio;Edici\u00f3n del d\u00e9bito automatico de tarjeta;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Recarga de celular;Pago de servicios;Adhesi\u00f3n de servicios;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de pagos;Pausar debito autom\u00e1tico;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico;Transferencias a terceros;Transferencias a cuentas propias;Pago de haberes;Donaciones;Modificar accion al vencimiento;Rescate Fondo Fima;Vender bonos y acciones;Comprar bonos y acciones;Licitaciones primarias;Solicitar pr\u00e9stamo;Solicitar pr\u00e9stamo hipotecario;Reprogramar env\u00edo;Modificar opcion de resumen;Recargas;Anulaci\u00f3n de pago".split(";"),
            d = ["Compartir CBU", "Edici\u00f3n de contacto"],
            e = -1 != c.indexOf(a),
            b = -1 != d.indexOf(a); - 1 != document.location.pathname.indexOf("/ini/") && (b = !0);
        a = "true" == google_tag_manager["GTM-M6B9RZQ"].macro(72);
        return e && !(!b && a)
    } catch (f) {
        return !1
    }
})();

#7 JavaScript::Eval (size: 249) - SHA256: 6c9a183d0a51bdedd979a32e48b3e638e7356aa7ff79ecf960dda3d59295f2bc

(function() {
    try {
        for (var a = google_tag_manager["GTM-M6B9RZQ"].macro(75), c = document.location.pathname, b = 0; b < a.length; b++) {
            var d = RegExp(a[b], "ig");
            if (d.test(c)) return !0
        }
        return !1
    } catch (e) {
        return a = google_tag_manager["GTM-M6B9RZQ"].macro(77), a(e), !1
    }
})();

#8 JavaScript::Eval (size: 121) - SHA256: 0561f175474e835f017b8923db89557a5382f5d870e9a498d8edcf1732814281

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(90) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#9 JavaScript::Eval (size: 121) - SHA256: 7ebeb0e6417749c4905e73e3d8158ca2445971f98a9c9aef0c08362ec3e4229e

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(73) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#10 JavaScript::Eval (size: 311) - SHA256: d164549b2cdb186cf05dd249f57366514f9fa0aa74b6b15bbec5cf51cc1ad597

(function() {
    try {
        return urlSidebar = "^/inicio/?$ /cuentas/inicio/?$ /cuentas/mis-cuentas/?$ /tarjetas/consumos /transferencias/inicio/?$ /transferencias/informacion-contacto /inversiones/inicio/?$ /ayuda/inicio/?$ /perfil/inicio/?$".split(" ")
    } catch (a) {
        var b = google_tag_manager["GTM-M6B9RZQ"].macro(80);
        b(a)
    }
})();

#11 JavaScript::Eval (size: 121) - SHA256: d8bc99fa3e2abc55637ef17099935d89352330af62e630cb1f9ebbefce2e2ec4

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(98) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#12 JavaScript::Eval (size: 243) - SHA256: 86d407bb22071d75c3af6d68bb6de7892144257412e747e7cc19b18650d454cd

(function() {
    return function(b) {
        try {
            var c = {
                "\u00e1": "a",
                "\u00e9": "e",
                "\u00ed": "i",
                "\u00f3": "o",
                "\u00fa": "u"
            };
            return b.toLowerCase().replace(/[^a-z]/gi, function(a) {
                return c[a] || a
            }).replace(/[\u00a1!\u00bf\?]/g, "").trim()
        } catch (a) {
            return b
        }
    }
})();

#13 JavaScript::Eval (size: 845) - SHA256: d62f147b2ae48b2c4c4148cae70b5a43cccce7e50b62da8c649c09c0b96887cb

(function() {
    function b(a) {
        try {
            var b = document.createElement("a");
            b.href = a;
            var c = b.pathname,
                d = b.hostname,
                e = c.startsWith("/") ? 1 : 0,
                f = c.split("/")[e];
            return [f.toLowerCase(), d]
        } catch (g) {
            a = google_tag_manager["GTM-M6B9RZQ"].macro(30), a(g)
        }
    }
    try {
        var d = document.location.href,
            a = b(d);
        if ("error" == a[0]) try {
            if (a = b(document.referrer), -1 != document.referrer.toLowerCase().indexOf("seguridad/tarjeta-coordenadas") || -1 != document.referrer.toLowerCase().indexOf("seguridad/token-virtual")) a = b(sessionStorage.onb2_prereferrer)
        } catch (c) {
            var e = google_tag_manager["GTM-M6B9RZQ"].macro(32);
            e(c)
        }
        if (-1 != d.toLowerCase().indexOf("seguridad/tarjeta-coordenadas") || -1 != d.toLowerCase().indexOf("seguridad/token-virtual")) a = b(document.referrer);
        "cuentasproyecto" == a[0] && (a[0] = "cuentas");
        return a[0] || "(not set)"
    } catch (c) {
        e = google_tag_manager["GTM-M6B9RZQ"].macro(34), e(c)
    }
})();

#14 JavaScript::Eval (size: 121) - SHA256: 26b7de0015e7fffb6d3e8ed9e517f0faba6b98a51d701036060d8f28448ca949

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(53) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#15 JavaScript::Eval (size: 121) - SHA256: 452aa66d742049933a2bcd0f68206856809ca0446eb8283db752217ab9aca41e

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(76) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#16 JavaScript::Eval (size: 248) - SHA256: 258735b9f3ba8a1fac35630ee9decda80a55a260200bc7a2d3ddb8c7c6ab9877

(function() {
    try {
        return urlConsultas = ["/inversiones/cargar-capital-plazo-fijo/?$", "/inversiones/constituir-plazo-fijo/?$", "/inversiones/suscribir-fondo-fima-monto/?$", "/tarjetas/solicitar-titular/?$", "/tarjetas/solicitar_titular/?$"]
    } catch (a) {}
})();

#17 JavaScript::Eval (size: 111) - SHA256: 7a8018f4a9b4a2388b49d9706baee0a5181a0863b0f0630b015c8999b43ccbe3

(function() {
    try {
        return 0 < $("p.error-404").length && -1 != $("h5").text().indexOf("Ups 404")
    } catch (a) {
        return !1
    }
})();

#18 JavaScript::Eval (size: 311) - SHA256: ff12d0c247f062d8871ed1bb716f4f5b7443296356ddd5c571ebf03f9d7963e7

(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(21),
            b = "Live",
            c = "Test",
            d = google_tag_manager["GTM-M6B9RZQ"].macro(22),
            e = -1 < a.indexOf("localhost");
        a = google_tag_manager["GTM-M6B9RZQ"].macro(23) == b || google_tag_manager["GTM-M6B9RZQ"].macro(24) == c;
        return d || e || a ? "test" : "live"
    } catch (f) {
        return "live"
    }
})();

#19 JavaScript::Eval (size: 2560) - SHA256: c4fffa62aadfae37690ec3364a3c7ecbdef31e4db23d1b057523324866e87cc8

(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(63),
            c = "Constituir plazo fijo;Suscripci\u00f3n a Fondo Fima;Suscripci\u00f3n programada a Fondo Fima;Ver detalle de cuenta;Ver resumen tarjeta cr\u00e9dito;Ver consumos tarjeta cr\u00e9dito;Ver consumos tarjeta adicional;Ver consumos tarjeta d\u00e9bito;Ver detalle fondo FIMA;Ver detalle Bonos y Acciones;Ver detalle Ordenes Compra y Venta;Compartir CBU;Edici\u00f3n de contacto;Alta solicitud pr\u00e9stamo hipotecario;Ver inicio inversiones;Onboarding;Generar usuario;Generar clave;Recuperaci\u00f3n de usuario;Cambiar clave expirada;Editar alias de CBU;Alta de alias de CBU;Eliminar alias;Modificar cuenta principal;Agregar cuenta asociada;Reponer tarjeta de d\u00e9bito da\u00f1ada;Reponer tarjeta de d\u00e9bito robo;Agenda de contacto;Suscribir Cuenta Comitente;Inscripcion a Quiero;Agregar celular;Agregar mail;Agregar mail de seguridad;Editar celular;Editar mail;Editar mail seguridad;Editar domicilio;Editar clave;Editar usuario;Eliminar mail;Eliminar celular;Recomendar Galicia Persona;Recomendar Galicia Empresa;Anular suscripci\u00f3n programada Fondo Fima;Apertura de caja de ahorro;Encuesta perfil inversor;Editar cuenta debito pr\u00e9stamo;Solicitar baja de productos;Apertura de cuenta proyecto;Reserva de cuenta proyecto;Reserva programada de cuenta proyecto;Edici\u00f3n de cuenta proyecto;Rescate de cuenta proyecto;Editar reserva programada;Compra de moneda extranjera;Venta de moneda extranjera;Solicitar nueva tarjeta;Pago de tarjetas;Upgrade de Servicio;Modificar limite de compra;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Aumentar l\u00edmite transitorio;Edici\u00f3n del d\u00e9bito automatico de tarjeta;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Recarga de celular;Pago de servicios;Adhesi\u00f3n de servicios;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de pagos;Pausar debito autom\u00e1tico;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico;Transferencias a terceros;Transferencias a cuentas propias;Pago de haberes;Donaciones;Modificar accion al vencimiento;Rescate Fondo Fima;Vender bonos y acciones;Comprar bonos y acciones;Licitaciones primarias;Solicitar pr\u00e9stamo;Solicitar pr\u00e9stamo hipotecario;Reprogramar env\u00edo;Modificar opcion de resumen;Recargas;Anulaci\u00f3n de pago".split(";"),
            d = ["Compartir CBU", "Edici\u00f3n de contacto"],
            e = -1 != c.indexOf(a),
            b = -1 != d.indexOf(a); - 1 != document.location.pathname.indexOf("/ini/") && (b = !0);
        a = "true" == google_tag_manager["GTM-M6B9RZQ"].macro(64);
        return e && !(!b && a)
    } catch (f) {
        return !1
    }
})();

#20 JavaScript::Eval (size: 121) - SHA256: affbbe0dfb17d7d3a06889ec919522d7efadae86444cdd6966b2e203e0d56033

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(82) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#21 JavaScript::Eval (size: 121) - SHA256: 902c7b9563a0cf3160266c1bc0a2bde4bd1e643fd772f89c7b8bcd12b0b9f7a9

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(84) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#22 JavaScript::Eval (size: 121) - SHA256: 3c5fb4ab627975c586421a8e8526b0c2dcbb17984141df155bbb6009e3d51dc6

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(96) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#23 JavaScript::Eval (size: 2558) - SHA256: f1349f088515057b108079b020311bfa2b358c827cdb64e3d11e872ee069978f

(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(3),
            c = "Constituir plazo fijo;Suscripci\u00f3n a Fondo Fima;Suscripci\u00f3n programada a Fondo Fima;Ver detalle de cuenta;Ver resumen tarjeta cr\u00e9dito;Ver consumos tarjeta cr\u00e9dito;Ver consumos tarjeta adicional;Ver consumos tarjeta d\u00e9bito;Ver detalle fondo FIMA;Ver detalle Bonos y Acciones;Ver detalle Ordenes Compra y Venta;Compartir CBU;Edici\u00f3n de contacto;Alta solicitud pr\u00e9stamo hipotecario;Ver inicio inversiones;Onboarding;Generar usuario;Generar clave;Recuperaci\u00f3n de usuario;Cambiar clave expirada;Editar alias de CBU;Alta de alias de CBU;Eliminar alias;Modificar cuenta principal;Agregar cuenta asociada;Reponer tarjeta de d\u00e9bito da\u00f1ada;Reponer tarjeta de d\u00e9bito robo;Agenda de contacto;Suscribir Cuenta Comitente;Inscripcion a Quiero;Agregar celular;Agregar mail;Agregar mail de seguridad;Editar celular;Editar mail;Editar mail seguridad;Editar domicilio;Editar clave;Editar usuario;Eliminar mail;Eliminar celular;Recomendar Galicia Persona;Recomendar Galicia Empresa;Anular suscripci\u00f3n programada Fondo Fima;Apertura de caja de ahorro;Encuesta perfil inversor;Editar cuenta debito pr\u00e9stamo;Solicitar baja de productos;Apertura de cuenta proyecto;Reserva de cuenta proyecto;Reserva programada de cuenta proyecto;Edici\u00f3n de cuenta proyecto;Rescate de cuenta proyecto;Editar reserva programada;Compra de moneda extranjera;Venta de moneda extranjera;Solicitar nueva tarjeta;Pago de tarjetas;Upgrade de Servicio;Modificar limite de compra;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Aumentar l\u00edmite transitorio;Edici\u00f3n del d\u00e9bito automatico de tarjeta;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Recarga de celular;Pago de servicios;Adhesi\u00f3n de servicios;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de pagos;Pausar debito autom\u00e1tico;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico;Transferencias a terceros;Transferencias a cuentas propias;Pago de haberes;Donaciones;Modificar accion al vencimiento;Rescate Fondo Fima;Vender bonos y acciones;Comprar bonos y acciones;Licitaciones primarias;Solicitar pr\u00e9stamo;Solicitar pr\u00e9stamo hipotecario;Reprogramar env\u00edo;Modificar opcion de resumen;Recargas;Anulaci\u00f3n de pago".split(";"),
            d = ["Compartir CBU", "Edici\u00f3n de contacto"],
            e = -1 != c.indexOf(a),
            b = -1 != d.indexOf(a); - 1 != document.location.pathname.indexOf("/ini/") && (b = !0);
        a = "true" == google_tag_manager["GTM-M6B9RZQ"].macro(4);
        return e && !(!b && a)
    } catch (f) {
        return !1
    }
})();

#24 JavaScript::Eval (size: 514) - SHA256: 3114c2a5c978e06af2cd90cd45371bffd0c1ff4947285e9c9f11fe9bdae50b4a

(function() {
    try {
        if ("true" == google_tag_manager["GTM-M6B9RZQ"].macro(35)) {
            if ("operationSuccessValidated" == google_tag_manager["GTM-M6B9RZQ"].macro(36)) {
                var a = google_tag_manager["GTM-M6B9RZQ"].macro(37),
                    b = [];
                if (-1 != b.indexOf(a.name)) return "false"
            }
            if ("operationEvent" == google_tag_manager["GTM-M6B9RZQ"].macro(38) && (a = google_tag_manager["GTM-M6B9RZQ"].macro(39), b = [], -1 != b.indexOf(a.name))) return "false"
        }
        return google_tag_manager["GTM-M6B9RZQ"].macro(40)
    } catch (c) {
        return google_tag_manager["GTM-M6B9RZQ"].macro(41)
    }
})();

#25 JavaScript::Eval (size: 2560) - SHA256: b22066c2b45ca4fe9b2da93c04aaea8b2a8f0cd86b25a023bea4f22991f69d5d

(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(66),
            c = "Constituir plazo fijo;Suscripci\u00f3n a Fondo Fima;Suscripci\u00f3n programada a Fondo Fima;Ver detalle de cuenta;Ver resumen tarjeta cr\u00e9dito;Ver consumos tarjeta cr\u00e9dito;Ver consumos tarjeta adicional;Ver consumos tarjeta d\u00e9bito;Ver detalle fondo FIMA;Ver detalle Bonos y Acciones;Ver detalle Ordenes Compra y Venta;Compartir CBU;Edici\u00f3n de contacto;Alta solicitud pr\u00e9stamo hipotecario;Ver inicio inversiones;Onboarding;Generar usuario;Generar clave;Recuperaci\u00f3n de usuario;Cambiar clave expirada;Editar alias de CBU;Alta de alias de CBU;Eliminar alias;Modificar cuenta principal;Agregar cuenta asociada;Reponer tarjeta de d\u00e9bito da\u00f1ada;Reponer tarjeta de d\u00e9bito robo;Agenda de contacto;Suscribir Cuenta Comitente;Inscripcion a Quiero;Agregar celular;Agregar mail;Agregar mail de seguridad;Editar celular;Editar mail;Editar mail seguridad;Editar domicilio;Editar clave;Editar usuario;Eliminar mail;Eliminar celular;Recomendar Galicia Persona;Recomendar Galicia Empresa;Anular suscripci\u00f3n programada Fondo Fima;Apertura de caja de ahorro;Encuesta perfil inversor;Editar cuenta debito pr\u00e9stamo;Solicitar baja de productos;Apertura de cuenta proyecto;Reserva de cuenta proyecto;Reserva programada de cuenta proyecto;Edici\u00f3n de cuenta proyecto;Rescate de cuenta proyecto;Editar reserva programada;Compra de moneda extranjera;Venta de moneda extranjera;Solicitar nueva tarjeta;Pago de tarjetas;Upgrade de Servicio;Modificar limite de compra;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Aumentar l\u00edmite transitorio;Edici\u00f3n del d\u00e9bito automatico de tarjeta;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Recarga de celular;Pago de servicios;Adhesi\u00f3n de servicios;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de pagos;Pausar debito autom\u00e1tico;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico;Transferencias a terceros;Transferencias a cuentas propias;Pago de haberes;Donaciones;Modificar accion al vencimiento;Rescate Fondo Fima;Vender bonos y acciones;Comprar bonos y acciones;Licitaciones primarias;Solicitar pr\u00e9stamo;Solicitar pr\u00e9stamo hipotecario;Reprogramar env\u00edo;Modificar opcion de resumen;Recargas;Anulaci\u00f3n de pago".split(";"),
            d = ["Compartir CBU", "Edici\u00f3n de contacto"],
            e = -1 != c.indexOf(a),
            b = -1 != d.indexOf(a); - 1 != document.location.pathname.indexOf("/ini/") && (b = !0);
        a = "true" == google_tag_manager["GTM-M6B9RZQ"].macro(67);
        return e && !(!b && a)
    } catch (f) {
        return !1
    }
})();

#26 JavaScript::Eval (size: 132) - SHA256: 62148cea1e0ee49731a9a457f95c41989ea2024c917ebbe1867c1df217e7676e

(function() {
    return function(a) {
        try {
            return a.replace(/[0-9]/g, "*")
        } catch (b) {
            a = google_tag_manager["GTM-M6B9RZQ"].macro(91), a(b)
        }
    }
})();

#27 JavaScript::Eval (size: 122) - SHA256: 38c9fc401e85cc7bde2cf8d679031f29f0312c768ba2dbb80d7a1a294e732c98

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(101) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#28 JavaScript::Eval (size: 122) - SHA256: aca598569086eeaf54d3db6444df5374acc94c09d693637cc2399ffdd044a1c8

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(103) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#29 JavaScript::Eval (size: 36) - SHA256: 3a432892366ff54070e907455807f9f5f767ccaa664a1164fa862e6dccc38398

dca = document.createElement('script')

#30 JavaScript::Eval (size: 2558) - SHA256: ac00f6ee577df284a31a9eae04b30a363222f8f055c1e3441140284a625eed92

(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(7),
            c = "Constituir plazo fijo;Suscripci\u00f3n a Fondo Fima;Suscripci\u00f3n programada a Fondo Fima;Ver detalle de cuenta;Ver resumen tarjeta cr\u00e9dito;Ver consumos tarjeta cr\u00e9dito;Ver consumos tarjeta adicional;Ver consumos tarjeta d\u00e9bito;Ver detalle fondo FIMA;Ver detalle Bonos y Acciones;Ver detalle Ordenes Compra y Venta;Compartir CBU;Edici\u00f3n de contacto;Alta solicitud pr\u00e9stamo hipotecario;Ver inicio inversiones;Onboarding;Generar usuario;Generar clave;Recuperaci\u00f3n de usuario;Cambiar clave expirada;Editar alias de CBU;Alta de alias de CBU;Eliminar alias;Modificar cuenta principal;Agregar cuenta asociada;Reponer tarjeta de d\u00e9bito da\u00f1ada;Reponer tarjeta de d\u00e9bito robo;Agenda de contacto;Suscribir Cuenta Comitente;Inscripcion a Quiero;Agregar celular;Agregar mail;Agregar mail de seguridad;Editar celular;Editar mail;Editar mail seguridad;Editar domicilio;Editar clave;Editar usuario;Eliminar mail;Eliminar celular;Recomendar Galicia Persona;Recomendar Galicia Empresa;Anular suscripci\u00f3n programada Fondo Fima;Apertura de caja de ahorro;Encuesta perfil inversor;Editar cuenta debito pr\u00e9stamo;Solicitar baja de productos;Apertura de cuenta proyecto;Reserva de cuenta proyecto;Reserva programada de cuenta proyecto;Edici\u00f3n de cuenta proyecto;Rescate de cuenta proyecto;Editar reserva programada;Compra de moneda extranjera;Venta de moneda extranjera;Solicitar nueva tarjeta;Pago de tarjetas;Upgrade de Servicio;Modificar limite de compra;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Aumentar l\u00edmite transitorio;Edici\u00f3n del d\u00e9bito automatico de tarjeta;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Recarga de celular;Pago de servicios;Adhesi\u00f3n de servicios;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de pagos;Pausar debito autom\u00e1tico;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico;Transferencias a terceros;Transferencias a cuentas propias;Pago de haberes;Donaciones;Modificar accion al vencimiento;Rescate Fondo Fima;Vender bonos y acciones;Comprar bonos y acciones;Licitaciones primarias;Solicitar pr\u00e9stamo;Solicitar pr\u00e9stamo hipotecario;Reprogramar env\u00edo;Modificar opcion de resumen;Recargas;Anulaci\u00f3n de pago".split(";"),
            d = ["Compartir CBU", "Edici\u00f3n de contacto"],
            e = -1 != c.indexOf(a),
            b = -1 != d.indexOf(a); - 1 != document.location.pathname.indexOf("/ini/") && (b = !0);
        a = "true" == google_tag_manager["GTM-M6B9RZQ"].macro(8);
        return e && !(!b && a)
    } catch (f) {
        return !1
    }
})();

#31 JavaScript::Eval (size: 121) - SHA256: e3d9fae404cead5bd2d35bc4b0a7dcba25a053de494277ba781c463da59e46a8

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(12) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#32 JavaScript::Eval (size: 121) - SHA256: 177fc78504c5e510160d83623c51255b1510984e471a98cb6bb57092d8eef3ce

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(51) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#33 JavaScript::Eval (size: 2859) - SHA256: 0dccf0db5b41ce424cc4ce4825d2f035f64663270d50f48042bfb53da0c949ac

(function() {
    try {
        return operationsInfo = [{
            url: "/seguridad/primer-ingreso-exito",
            operation: {
                name: "Onboarding"
            }
        }, {
            url: "/seguridad/generar-usuario-confirmacion",
            operation: {
                name: "Generar usuario"
            }
        }, {
            url: "/seguridad/generar-clave-exito",
            operation: {
                name: "Generar clave"
            }
        }, {
            url: "/seguridad/recuperar-usuario-confirmacion",
            operation: {
                name: "Recuperaci\u00f3n de usuario"
            }
        }, {
            url: "/seguridad/cambiar-clave-expirada-confirmacion",
            operation: {
                name: "Cambiar clave expirada"
            }
        }, {
            url: "/cuentas/editar-alias-cbu-confirmacion",
            operation: {
                name: "Editar alias de CBU"
            }
        }, {
            url: "/cuentas/alta-alias-cbu-confirmacion",
            operation: {
                name: "Alta de alias de CBU"
            }
        }, {
            url: "/cuentas/eliminar-alias-cbu-confirmacion",
            operation: {
                name: "Eliminar alias"
            }
        }, {
            url: "/cuentas/modificar-cuenta-principal-confirmacion",
            operation: {
                name: "Modificar cuenta principal"
            }
        }, {
            url: "/cuentas/nueva-caja-ahorro-exito",
            operation: {
                name: "Apertura de caja de ahorro"
            }
        }, {
            url: "/tarjetas/agregar-cuenta-asociada-exito",
            operation: {
                name: "Agregar cuenta asociada"
            }
        }, {
            url: "/tarjetas/reponer-tarjeta-debito-danada-confirmacion",
            operation: {
                name: "Reponer tarjeta de d\u00e9bito da\u00f1ada"
            }
        }, {
            url: "/tarjetas/reponer-tarjeta-debito-robo-extravio-confirmacion",
            operation: {
                name: "Reponer tarjeta de d\u00e9bito robo"
            }
        }, {
            url: "/transferencias/nuevocontactoconfirmar",
            operation: {
                name: "Agenda de contacto"
            }
        }, {
            url: "/inversiones/suscribir-cuenta-comitente-confirmacion",
            operation: {
                name: "Suscribir Cuenta Comitente"
            }
        }, {
            url: "/inversiones/anular-programacion-fondo-fima-confirmacion",
            operation: {
                name: "Anular suscripci\u00f3n programada Fondo Fima"
            }
        }, {
            url: "/editar-cuenta-debito-exito",
            operation: {
                name: "Editar cuenta d\u00e9bito pr\u00e9stamo"
            }
        }, {
            url: "/quiero/confirmarinscripcion",
            operation: {
                name: "Inscripcion a Quiero"
            }
        }, {
            url: "/perfil/alta-celular-confirmacion",
            operation: {
                name: "Agregar celular"
            }
        }, {
            url: "/perfil/alta-mail-confirmacion",
            operation: {
                name: "Agregar mail"
            }
        }, {
            url: "/alta-mail-seguridad-confirmacion",
            operation: {
                name: "Agregar mail de seguridad"
            }
        }, {
            url: "/perfil/editar-celular-confirmacion",
            operation: {
                name: "Editar celular"
            }
        }, {
            url: "/perfil/editar-mail-confirmacion",
            operation: {
                name: "Editar mail"
            }
        }, {
            url: "/perfil/editar-mail-seguridad-confirmacion",
            operation: {
                name: "Editar mail seguridad"
            }
        }, {
            url: "/perfil/editar-domicilio-confirmacion",
            operation: {
                name: "Editar domicilio"
            }
        }, {
            url: "/perfil/editar-clave-exito",
            operation: {
                name: "Editar clave"
            }
        }, {
            url: "/perfil/editar-usuario-confirmacion",
            operation: {
                name: "Editar usuario"
            }
        }, {
            url: "/perfil/eliminar-mail-confirmacion",
            operation: {
                name: "Eliminar mail"
            }
        }, {
            url: "/perfil/eliminar-celular-confirmacion",
            operation: {
                name: "Eliminar celular"
            }
        }, {
            url: "/perfil/recomendar-persona-confirmacion",
            operation: {
                name: "Recomendar Galicia Persona"
            }
        }, {
            url: "/perfil/recomendar-empresa-confirmacion",
            operation: {
                name: "Recomendar Galicia Empresa"
            }
        }]
    } catch (a) {
        var b = google_tag_manager["GTM-M6B9RZQ"].macro(10);
        b(a)
    }
})();

#34 JavaScript::Eval (size: 329) - SHA256: bbf9c318856832806f04c608c91e5b4f4a108fa0fb4f4488537ae6a5c0e4af6f

(function() {
    try {
        var b = void 0;
        if (0 < document.referrer.length) {
            var a = document.createElement("a");
            a.href = document.referrer; - 1 == a.hostname.indexOf("onlinebanking.bancogalicia") && (b = a.hostname + a.pathname + a.search + a.hash);
            b = a.pathname + a.search + a.hash
        }
        return b
    } catch (c) {
        google_tag_manager["GTM-M6B9RZQ"].macro(28) && console.error(c)
    }
})();

#35 JavaScript::Eval (size: 311) - SHA256: c9f964f0f3f063a2dd501b6c48ef2d9237caf16b94070df838969c1aaf2922bd

(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(45),
            b = "Live",
            c = "Test",
            d = google_tag_manager["GTM-M6B9RZQ"].macro(46),
            e = -1 < a.indexOf("localhost");
        a = google_tag_manager["GTM-M6B9RZQ"].macro(47) == b || google_tag_manager["GTM-M6B9RZQ"].macro(48) == c;
        return d || e || a ? "test" : "live"
    } catch (f) {
        return "live"
    }
})();

#36 JavaScript::Eval (size: 122) - SHA256: 17317b97a1a9cac0973abe35b17e681c281bfd3bd22fd40cbd37205fdf2aba03

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(105) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#37 JavaScript::Eval (size: 122) - SHA256: d9ad7e12fe90675bc858459c2157bc27d1a1bc580485502179425067327fedeb

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(107) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#38 JavaScript::Eval (size: 127) - SHA256: c6ca3f814f70ec55a1cabc8e69532f38ad0cedc0d7726b7002173f8a45b9ebb9

(function() {
    return function(a, b, c) {
        window.dataLayer.push({
            event: "trackEvent",
            eventCategory: a,
            eventAction: b,
            eventLabel: c
        })
    }
})();

#39 JavaScript::Eval (size: 231) - SHA256: 9b8bda9ed9049b4f25562f7961331e6b6f2c442fa2f3bc98843aa4b941e19139

(function() {
    try {
        var a = document.location.pathname.toLowerCase();
        if (-1 != a.indexOf("prestamos/solicitar")) return sessionStorage.onb2_pressubtype;
        if (/tarjetas\/.+pag(o|ar).*/i.test(a)) return sessionStorage.onb2_paymtype
    } catch (b) {}
})();

#40 JavaScript::Eval (size: 202) - SHA256: 9a2f34fd4e6e2a49d177ac4acc8ab5bfa1443776170966b59110bfb966e787c2

(function() {
    try {
        for (var b = google_tag_manager["GTM-M6B9RZQ"].macro(78), c = document.location.pathname, a = 0; a < b.length; a++) try {
            var d = RegExp(b[a], "ig");
            if (d.test(c)) return !0
        } catch (e) {}
        return !1
    } catch (e) {}
})();

#41 JavaScript::Eval (size: 144) - SHA256: 2e78e49c3ad33b2be9e06a09143c164acd642792e15a1e4fc36832cf9104cc2d

(function() {
    try {
        var a = document.location.pathname,
            b = /^\/inversiones(.*)-fima-?|^\/inversiones(.*)_fima/i;
        return b.test(a)
    } catch (c) {
        return !1
    }
})();

#42 JavaScript::Eval (size: 143) - SHA256: 1823d2afc6738df269be9791f4ae60e4f6263f3b4b5199c36dbe4c151bc8eb4d

(function() {
    return function(a, b, c) {
        try {
            window.dataLayer.push({
                event: "uiInteraction",
                uiInteractionPlace: a,
                uiAction: b,
                uiText: c
            })
        } catch (d) {}
    }
})();

#43 JavaScript::Eval (size: 121) - SHA256: 4ebb5dba6929186c51e2566cd295556371b3d30fceceaa76e4300b9ef49965db

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(14) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#44 JavaScript::Eval (size: 32677) - SHA256: 827d13583d3617938dc99525649cc26035dba9711e3cb8a7722a5184d7a74753

(function() {
    return function(b, a, c) {
        function d(e, f) {
            return e + f
        }
        try {
            var g;
            b = b.toLowerCase();
            a = a.toLowerCase();
            var h = [-1 != a.indexOf("?"), -1 != b.indexOf("ir a una terminal") && -1 != a.indexOf("tu tarjeta"), -1 != b.indexOf("elegiste tu cuenta corriente") && -1 != a.indexOf("al operar con esta cuenta"), -1 != b.indexOf("generar usuario") && -1 != a.indexOf("record\u00e1 que al no definir"), -1 != b.indexOf("pedido de chequera") && -1 != a.indexOf("tu pedido queda sujeto a"), -1 != b.indexOf("editar alias de cbu") && -1 != a.indexOf("\u00bfdeseas cancelar la edici"), -1 != b.indexOf("eliminar alias") && -1 != a.indexOf("\u00bfdeseas cancelar la baja"), -1 != b.indexOf("alta de alias de cbu") && -1 != a.indexOf("\u00bfdeseas cancelar el alta"), -1 != b.indexOf("no pod\u00e9s realizar esta transferencia") && -1 != a.indexOf("tu saldo es insuficiente para realizar esta operaci\u00f3n"), -1 != b.indexOf("no podemos ofrecerte un upgrade") && -1 != a.indexOf("no pudimos obtener una mejor oferta"), -1 != b.indexOf("no podemos ofrecerte un upgrade") && -1 != a.indexOf("ya ten\u00e9s la mejor oferta disponible"), -1 != b.indexOf("token galicia") && -1 != a.indexOf("para desbloquearlo ingres\u00e1 a la opci\u00f3n token galicia de la app y segu\u00ed las instrucciones"), -1 != b.indexOf("cuenta proyecto") && -1 != a.indexOf("desea cerrar la cuenta proyecto?"), -1 != b.indexOf("segu\u00eds ah\u00ed?"), -1 != b.indexOf("compra/venta de d\u00f3lares") && -1 != a.indexOf("para realizar una compra o venta de d\u00f3lares necesit\u00e1s tener"), -1 != b.indexOf("operaciones de riesgo revocada") && -1 != a.indexOf("actualmente ten\u00e9s revocadas"), -1 != b.indexOf("bienvenido"), -1 != b.indexOf("configurar alertas") && -1 != a.indexOf("est\u00e1s abandonando esta p\u00e1"), -1 != b.indexOf("configurar alertas") && -1 != a.indexOf("la alerta se modific\u00f3 exi"), -1 != b.indexOf("cuenta proyecto") && -1 != a.indexOf("\u00bfdesea cerrar la cuent"), -1 != b.indexOf("sesi\u00f3n expirada") && -1 != a.indexOf("voluntariamente o por exceso de tiempo inactivo"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("el importe ingresado es mayor al saldo"), -1 != b.indexOf("saldo insuficiente") &&
                    -1 != a.indexOf("importe ingresado es mayor al saldo"), -1 != b.indexOf("eliminar tarjeta") && -1 != a.indexOf("para recargarla deber\u00e1s volver a ingresar los datos")
                ],
                k = [-1 != b.indexOf("abr\u00ed una cuenta comitente") && -1 != a.indexOf("para invertir necesit\u00e1s abrir una cuenta comitente"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("el monto ingresado es mayor al saldo"), -1 != b.indexOf("compra/venta de d\u00f3lares") && -1 != a.indexOf("es necesario que tengas una caja de ahorro en d\u00f3lares"), "ADELANTO_SINOFERTA" ==
                    c, "PREST_ADELANTO_SINOFERTA" == c, "PREST_SOLIC_EVAL_OFERPRES_SOLICITUD_PENDIENTE" == c, "PREST_SOLIC_RECHAZADA" == c, "NO_HABILOTADO_OPERACIONES_RIESGO" == c, "UPGR_TARJ_N" == c, "AAMETODOBLOQUEADO_SOFTTOKEN" == c, "AAMETODOBLOQUEADO_COORDENADAS" == c, -1 != a.indexOf("si estas adherido al d\u00e9bito autom\u00e1tico y vas a pagar tu tarjeta entre el cierre y el vencimiento"), -1 != a.indexOf("para obtener tu tarjeta deber\u00e1s dirigirte a una de nuestras sucursales"), -1 != b.indexOf("aumentar l\u00edmite transitorio") &&
                    -1 != a.indexOf("detectamos que ten\u00e9s una solicitud de modificaci\u00f3n anterior"), -1 != b.indexOf("pago de tarjeta") && -1 != a.indexOf("pod\u00e9s pagar el importe en d\u00f3lares desde una caja de ahorro en pesos o cuenta corriente en pesos d\u00edas h\u00e1biles"), -1 != b.indexOf("fuera de horario"), -1 != a.indexOf("el nuevo l\u00edmite seleccionado es igual al actual"), -1 != a.indexOf("por favor ingres\u00e1 un mail que no sea @bancogalicia.com.ar"), -1 != a.indexOf("pod\u00e9s detener el d\u00e9bito autom\u00e1tico para este vencimiento luego de"), -1 != a.indexOf("tenes una sola cuenta asociada en pesos y ya es primaria"), -1 != a.indexOf("esta funcionalidad se encuentra en proceso de desarrollo"), -1 != b.indexOf("activar token virtual") && -1 != a.indexOf("detectamos que tu token a"), -1 != b.indexOf("agendar contacto") && -1 != a.indexOf("no podemos agendar al contacto porque el banco al que le quer\u00e9s tranferir"), -1 != b.indexOf("apertura de cuenta proyecto") && -1 != a.indexOf("para crear una cuenta pro"), -1 != b.indexOf("apertura de cuenta proyecto") && -1 !=
                    a.indexOf("superaste la cantidad de"), -1 != b.indexOf("aumentar l\u00edmite transitorio") && -1 != a.indexOf("detectamos que ten\u00e9s una"), -1 != b.indexOf("cambio de clave") && -1 != a.indexOf("la clave que ingresaste y"), -1 != b.indexOf("cambio de clave") && -1 != a.indexOf("record\u00e1 que los n\u00fameros q"), -1 != b.indexOf("comprar bonos y acciones") && -1 != a.indexOf("el importe total que dest"), -1 != b.indexOf("comprar/vender bonos y acciones") && -1 != a.indexOf("especie no disponible par"), -1 != b.indexOf("configuraci\u00f3n de alertas:") &&
                    -1 != a.indexOf("disculp\u00e1, solo podes ingr"), -1 != b.indexOf("constituir plazo fijo") && -1 != a.indexOf("el monto ingresado no pue"), -1 != b.indexOf("editar clave galicia") && -1 != a.indexOf("la clave ingresada es inv"), -1 != b.indexOf("editar clave galicia") && -1 != a.indexOf("la clave ingresada no deb"), -1 != b.indexOf("editar usuario") && -1 != a.indexOf("el usuario no debe ser un"), -1 != b.indexOf("el importe ingresado es menor al m\u00ednimo permitido") && -1 != a.indexOf("el importe no debe ser in"), -1 != b.indexOf("el importe supera el l\u00edmite diario") &&
                    -1 != a.indexOf("el importe a transferir n"), -1 != b.indexOf("el importe supera el l\u00edmite mensual") && -1 != a.indexOf("el importe a transferir n"), -1 != b.indexOf("el monto que quer\u00e9s transferir excede el l\u00edmite") && -1 != a.indexOf("pod\u00e9s solicitar una trans"), -1 != b.indexOf("eliminar celular") && -1 != a.indexOf("el celular al que queres"), -1 != b.indexOf("eliminar celular") && -1 != a.indexOf("no pod\u00e9s eliminar un celu"), -1 != b.indexOf("eliminar mail") && -1 != a.indexOf("no pod\u00e9s eliminar un mail"), -1 != b.indexOf("est\u00e1s eligiendo un fondo fima en dolares") && -1 != a.indexOf("la moneda del fondo debe"), -1 != b.indexOf("est\u00e1s eligiendo un fondo fima en d\u00f3lares") && -1 != a.indexOf("no encontramos una cuenta"), -1 != b.indexOf("est\u00e1s eligiendo un fondo fima en pesos") && -1 != a.indexOf("la moneda del fondo debe"), -1 != b.indexOf("fondo fima") && -1 != a.indexOf("pod\u00e9s realizar esta opera"), -1 != b.indexOf("fondos fima") && -1 != a.indexOf("pod\u00e9s realizar esta opera"), -1 != b.indexOf("funcionalidad no disponible") &&
                    -1 != a.indexOf("esta funcionalidad se enc"), -1 != b.indexOf("la cantidad de cuotapartes es menor al m\u00ednimo permitido") && -1 != a.indexOf("la cantidad de cuotaparte"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("el motivo no puede estar"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("el saldo de tu cuenta es"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("el saldo en tu cuenta es"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("para consultar las \u00f3rdene"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("para realizar esta invers"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("solo pod\u00e9s seleccionar"), -1 != b.indexOf("mensaje.") && -1 != a.indexOf("el monto ingresado no puede ser menor"), -1 != b.indexOf("no se puede continuar con la operaci\u00f3n") && -1 != a.indexOf("en este momento no tenemo"), -1 != b.indexOf("no se puede continuar con la operaci\u00f3n") && -1 != a.indexOf("para acceder al pr\u00e9stamo"), -1 != b.indexOf("nuevo pr\u00e9stamo") && -1 != a.indexOf("no ten\u00e9s una cuenta activ"), -1 != b.indexOf("operaci\u00f3n exclusiva para clientes habilitados.") &&
                    -1 != a.indexOf("si quer\u00e9s realizar operac"), -1 != b.indexOf("pagar haberes") && -1 != a.indexOf("esta operaci\u00f3n es exclusi"), -1 != b.indexOf("pago de haberes") && -1 != a.indexOf("disculp\u00e1 solo pod\u00e9s pagar"), -1 != b.indexOf("pedido de chequera") && -1 != a.indexOf("el pedido excede el cupo"), -1 != b.indexOf("recomendar galicia") && -1 != a.indexOf("la persona que ingresaste"), -1 != b.indexOf("recomendar galicia") && -1 != a.indexOf("para poder recomendar gal"), -1 != b.indexOf("recuperar usuario") && -1 != a.indexOf("el c\u00f3digo de validaci\u00f3n t"), -1 != b.indexOf("solicitar caja de ahorro") && -1 != a.indexOf("para continuar ten\u00e9s que"), -1 != b.indexOf("solicitar tarjeta") && -1 != a.indexOf("para obtener tu tarjeta d"), -1 != b.indexOf("solicitar tarjeta") && -1 != a.indexOf("ya realizaste una solicit"), -1 != b.indexOf("solicitar tarjetas adicionales") && -1 != a.indexOf("solo podes pedir adiciona"), -1 != b.indexOf("transferencias a terceros") && -1 != a.indexOf("la moneda de la cuenta or"), -1 != b.indexOf("transferir a terceros") && -1 != a.indexOf("el banco al que le quer\u00e9s"), -1 != b.indexOf("transferir a terceros") && -1 != a.indexOf("la cuenta a la que quer\u00e9s"), -1 != b.indexOf("ups!") && -1 != a.indexOf("no ten\u00e9s las credenciales"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("alcanzaste la cantidad m\u00e1"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("detectamos que no ten\u00e9s p"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("detectamos que ten\u00e9s una"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("detectamos que ya ten\u00e9s u"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("disculp\u00e1, detectamos que"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("disculp\u00e1, superaste el l\u00ed"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("disculp\u00e1, tu saldo es ins"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el importe de la deuda qu"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el importe de la/s deuda/"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el importe supera el l\u00edmi"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el monto a operar es meno"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el monto que ingresaste s"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el monto supera el l\u00edmite"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("la cantidad de transaccio"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("limite diario superado 0"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("nacionalidad no permitida"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("no ten\u00e9s mail de seguridad registrado para editar tu usuario"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("para acceder al pr\u00e9stamo"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("para realizar un rescate"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("para realizar una suscrip"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("para realizar una transfe"), -1 != b.indexOf("ups, algo sali\u00f3 mal") &&
                    -1 != a.indexOf("por favor verific\u00e1 si tu"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("por tu seguridad, esta op"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("realizaste una solicitud"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("registramos que ya ten\u00e9s"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("tu tarjeta no permite aum"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("voluntariamente o por exc"), -1 != b.indexOf("ups, algo sali\u00f3 malups, algo sali\u00f3 mal") &&
                    -1 != a.indexOf("no ten\u00e9s mail de segurida"), -1 != b.indexOf("usuario blanqueado") && -1 != a.indexOf("disculp\u00e1, para poder ingr"), -1 != b.indexOf("usuario no adherido") && -1 != a.indexOf("acercate a la sucursal m\u00e1"), -1 != b.indexOf("vender bonos y acciones") && -1 != a.indexOf("el importe total que dest"), -1 != b.indexOf("vender bonos y acciones") && -1 != a.indexOf("el precio m\u00e1ximo que est\u00e1"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("usuario inv\u00e1lido. deb\u00e9s i"), -1 != b.indexOf("generar usuario") &&
                    -1 != a.indexOf("el usuario ingresado es i"), -1 != b.indexOf("editar usuario") && -1 != a.indexOf("el usuario ingresado es i"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el alias podr\u00e1 ser modifi"), -1 != b.indexOf("apertura de cuenta proyecto") && -1 != a.indexOf("el nombre de la cuenta pr"), -1 != b.indexOf("fuera de horario") && -1 != a.indexOf("el horario habilitado par"), -1 != b.indexOf("comprar bonos y acciones") && -1 != a.indexOf("el horario para compra de"), -1 != b.indexOf("constituir plazo fijo") &&
                    -1 != a.indexOf("el horario de constituci\u00f3"), -1 != b.indexOf("fuera de horario") && -1 != a.indexOf("no se encuentra en un hor"), -1 != b.indexOf("plazo incorrecto.") && -1 != a.indexOf("la fecha de vencimiento q"), -1 != b.indexOf("rescate de cuenta proyecto") && -1 != a.indexOf("el horario de rescates de"), -1 != b.indexOf("vender bonos y acciones") && -1 != a.indexOf("el horario para venta de"), -1 != b.indexOf("reserva en cuenta proyecto") && -1 != a.indexOf("el horario de reservas a"), -1 != b.indexOf("modificar acci\u00f3n al vencimiento") &&
                    -1 != a.indexOf("la acci\u00f3n al vencimiento"), -1 != b.indexOf("plazo incorrecto.") && -1 != a.indexOf("el plazo ingresado no pue"), -1 != b.indexOf("adhiriendo d\u00e9bito autom\u00e1tico") && -1 != a.indexOf("no es posible realizar la"), -1 != a.indexOf("el horario para licitar es de lunes a viernes de"), -1 != b.indexOf("lamentablemente no podemos otorgarte un pre-acuerdo") && -1 != a.indexOf("para acceder a un pr\u00e9stamo hipotecario"), -1 != a.indexOf("en este momento no hay especies disponibles para licitar"), -1 !=
                    b.indexOf("deteniendo d\u00e9bito autom\u00e1tico") && -1 != a.indexOf("est\u00e1 operaci\u00f3n s\u00f3lo se puede realizar luego de"), -1 != b.indexOf("compra venta de bonos y acciones") && -1 != a.indexOf("el horario para compra venta de bonos y acciones es de d\u00edas h\u00e1biles"), -1 != b.indexOf("compra venta de bonos y acciones") && -1 != a.indexOf("el monto que ingresaste es mayor al saldo de tu cuenta"), -1 != b.indexOf("aviso") && -1 != a.indexOf("esta operaci\u00f3n est\u00e1 disponible los d\u00edas h\u00e1biles de"), -1 != b.indexOf("bandas de precio permitidas") && -1 != a.indexOf("el mercado no acepta \u00f3rdenes de compra cuyo precio sea mayor al \u00faltimo operado"), -1 != b.indexOf("dinero ingresado supera tu monto disponible") && -1 != a.indexOf("notamos que el monto que quer\u00e9s invertir supera el saldo que ten\u00e9s en tu cuenta"), -1 != b.indexOf("compra venta de bonos y acciones") && -1 != a.indexOf("ingresaste un monto mayor al permitido"), -1 != a.indexOf("para realizar esta inversi\u00f3n ten\u00e9s que abrir una cuenta comitente"), -1 != b.indexOf("compra venta de bonos y acciones") && -1 != a.indexOf("ingresaste un monto menor al permitido"), -1 != b.indexOf("bandas de precio permitidas") && -1 != a.indexOf("el mercado no acepta \u00f3rdenes de compra cuyo precio sea mayor al \u00falitmo operado"), -1 != b.indexOf("ya realizaste con anterioridad esta operaci\u00f3n") && -1 != a.indexOf("disculp\u00e1 las molestias ocasionadas"), -1 != b.indexOf("rango de fechas es incorrecto") && -1 != a.indexOf("eleg\u00ed un per\u00edodo de hasta"), -1 != b.indexOf("sin tenencia para vender") &&
                    -1 != a.indexOf("en este momento no ten\u00e9s especies para vender en la cuenta comitente seleccionada"), -1 != b.indexOf("comprar bonos y acciones") && -1 != a.indexOf("el monto de dinero que ingresaste equivale a una cantidad de nominales mayor a la que ten\u00e9s"), -1 != b.indexOf("importante") && -1 != a.indexOf("el monto de la operaci\u00f3n es mayor al saldo disponible de tu cuenta"), -1 != b.indexOf("saldo insuficiente en Cuenta Corriente") && -1 != a.indexOf("la cuenta no tiene fondos suficientes para realizar el d\u00e9bito"), -1 != b.indexOf("asociar caja de ahorro en d\u00f3lares") && -1 != a.indexOf("detectamos que tu caja de ahorro en d\u00f3lares n\u00famero"), -1 != b.indexOf("mercado cerrado") && -1 != a.indexOf("podr\u00e1s operar d\u00edas h\u00e1biles"), -1 != b.indexOf("no ten\u00e9s una caja de ahorro en d\u00f3lares") && -1 != a.indexOf("para constituir un plazo fijo en d\u00f3lares"), -1 != b.indexOf("el dinero ingresado supera tu monto disponible") && -1 != a.indexOf("notamos que el monto que quer\u00e9s invertir supera el saldo que ten\u00e9s en tu cuenta"), -1 != b.indexOf("comprar bonos y acciones") && -1 != a.indexOf("ingresaste una cantidad de nominales mayor a tu tenencia"), -1 != b.indexOf("no ten\u00e9s una caja de ahorro en d\u00f3lares") && -1 != a.indexOf("para constituir un plazo fijo en d\u00f3lares"), -1 != b.indexOf("vender bonos y acciones") && -1 != a.indexOf("el horario para compra venta de bonos y acciones es de d\u00edas h\u00e1biles"), -1 != b.indexOf("por favor seleccion\u00e1 otra clase") && -1 != a.indexOf("la clase que seleccionaste no es la correcta teniendo en cuenta tu tenencia y el monto"), -1 != b.indexOf("el rango de fechas es incorrecto") && -1 != a.indexOf("hoy es la m\u00e1xima fecha de fin disponible"), -1 != b.indexOf("inversiones") && -1 != a.indexOf("el horario para operar es de"), -1 != b.indexOf("el rango de fechas es incorrecto") && -1 != a.indexOf("por favor, eleg\u00ed una fecha anterior"), -1 != b.indexOf("no es posible continuar con esta operaci\u00f3n") && -1 != a.indexOf("el importe a rescatar supera el monto de la tenencia valorizada"), -1 != b.indexOf("no es posible continuar con esta operaci\u00f3n") &&
                    -1 != a.indexOf("el monto a operar es menor al m\u00ednimo"), -1 != b.indexOf("no es posible continuar con esta operaci\u00f3n") && -1 != a.indexOf("de acuerdo a las reglamentaciones vigentes"), -1 != b.indexOf("registro de alta de comitente pendiente") && -1 != a.indexOf("tu operaci\u00f3n no pudo realizarse"), -1 != b.indexOf("tu cuenta comitente ya est\u00e1 dada de baja") && -1 != a.indexOf("el estado de la cuenta lo vas a ver actualizado"), -1 != b.indexOf("no cont\u00e1s con caja de ahorro en d\u00f3lares") && -1 != a.indexOf("en caso que el bono pague capital o intereses en d\u00f3lares"), -1 != b.indexOf("no es posible continuar con esta operaci\u00f3n") && -1 != a.indexOf("el precio limite ingresado es mayor que el 5% del \u00faltimo operado"), -1 != b.indexOf("no es posible continuar con esta operaci\u00f3n") && -1 != a.indexOf("el precio limite ingresado es menor que el 5% del \u00faltimo operado"), -1 != b.indexOf("el importe ingresado supera la tenencia") && -1 != a.indexOf("el importe no debe ser su")
                ],
                l = [-1 != a.indexOf("ultimo precio operado vac\u00edo"), -1 != a.indexOf("disculp\u00e1 no hemos podido completar la operaci\u00f3n ahora.por favor intent\u00e1 m\u00e1s tarde."), -1 != b.indexOf("compartir comprobante") && -1 != a.indexOf("disculp\u00e1 no hemos podido"), -1 != b.indexOf("configurar alertas") && -1 != a.indexOf("disculp\u00e1 no hemos podido"), -1 != b.indexOf("detalle de cuotas de pr\u00e9stamo") && -1 != a.indexOf("no pudimos env\u00edar el mail"), -1 != b.indexOf("disculpa, hubo un error") && -1 != a.indexOf("ocurri\u00f3 un error cargando"), -1 != b.indexOf("disculp\u00e1, no podemos completar esta tarea.") && -1 != a.indexOf("en este momento no podemo"), -1 != b.indexOf("editar contacto") &&
                    -1 != a.indexOf("disculp\u00e1 no hemos podido"), -1 != b.indexOf("editar descripci\u00f3n de cuentas") && -1 != a.indexOf("disculp\u00e1 no hemos podido"), -1 != b.indexOf("editar mail de seguridad") && -1 != a.indexOf("disculp\u00e1 no podemos edita"), -1 != b.indexOf("editar mail de seguridad") && -1 != a.indexOf("disculp\u00e1 no podemos recup"), -1 != b.indexOf("editar usuario") && -1 != a.indexOf("no se pudo validar el c\u00f3d"), -1 != b.indexOf("editar usuario") && -1 != a.indexOf("no se pudo validar tu usu"), -1 != b.indexOf("fondo fima") &&
                    -1 != a.indexOf("fondo fima no disponible"), -1 != b.indexOf("generar clave") && -1 != a.indexOf("ocurri\u00f3 un error al valid"), -1 != b.indexOf("hubo un problema con algunos pagos") && -1 != a.indexOf("revis\u00e1 m\u00e1s tarde si adora"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("error al ingresar a galic"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("no pudimos enviar el mail"), -1 != b.indexOf("no es posible realizar tu pago.") && -1 != a.indexOf("en este momento no podemo"), -1 != b.indexOf("no se puede continuar con la operaci\u00f3n") &&
                    -1 != a.indexOf("por favor, volv\u00e9 a intent"), -1 != b.indexOf("pr\u00e9stamos") && -1 != a.indexOf("disculp\u00e1, no hemos podido"), -1 != b.indexOf("primer ingreso") && -1 != a.indexOf("moment\u00e1neamente no es pos"), -1 != b.indexOf("solicitar tarjeta") && -1 != a.indexOf("disculp\u00e1, no podemos acce"), -1 != b.indexOf("solicitar tarjetas adicionales") && -1 != a.indexOf("hubo un error al validar"), -1 != b.indexOf("ups 404") && -1 != a.indexOf("no encontramos lo que est"), -1 != b.indexOf("ups, algo sali\u00f3 mal :(") && -1 !=
                    a.indexOf("estamos trabajando para s"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("disculp\u00e1 no hemos podido"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("disculp\u00e1, funcionalidad n"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el motivo no puede estar"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("en este momento no es pos"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("en este momento no podemo"), -1 != b.indexOf("ups, algo sali\u00f3 mal") &&
                    -1 != a.indexOf("en este momento no se pue"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("ingreso por url o por vol"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("no encontramos la factura"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("por favor comunicate con"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("por favor reintent\u00e1 la op"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("reintenta la operaci\u00f3n y,"), -1 != b.indexOf("ups, algo sali\u00f3 mal") &&
                    -1 != a.indexOf("the operation has timed o"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("unable to connect to the"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el alias podr\u00e1 volver a c"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("no pudimos obtener el det")
                ],
                m = ["LOGIN_ERR_ADHESION_INEXISTENTE" == c, "LOGIN_ERR_ADHESION_NOADHERIDO" == c, "LOGIN_ERR_ADHEBLOQ" == c, "LOGIN_ERR_LOGIN_USUARIOALFANUMERICOBLANQUEADO" == c, "LOGIN_ERR_ADHESPRD" == c, "LOGIN_ERR_USUNOCOI" == c, "LOGIN_ERR_CLIBLOHB" ==
                    c, "LOGIN_ERR_AUTH_TO" == c, "LOGIN_ERR_CLIBLO" == c, -1 != b.indexOf("adherir servicio") && -1 != a.indexOf("est\u00e1s ingresando una refe"), -1 != b.indexOf("agregar celular") && -1 != a.indexOf("el n\u00famero de celular que"), -1 != b.indexOf("agregar mail") && -1 != a.indexOf("debes ingresar el mail pa"), -1 != b.indexOf("agregar mail") && -1 != a.indexOf("el mail que ingresaste ya"), -1 != b.indexOf("agregar mail de seguridad") && -1 != a.indexOf("ya ten\u00e9s un mail de segur"), -1 != b.indexOf("alta contacto") && -1 != a.indexOf("est\u00e1s ingresando un conta"), -1 != b.indexOf("alta contacto") && -1 != a.indexOf("est\u00e1s ingresando una desc"), -1 != b.indexOf("cambio de clave") && -1 != a.indexOf("est\u00e1s repitiendo incorrec"), -1 != b.indexOf("cambio de clave") && -1 != a.indexOf("la clave actual que est\u00e1s"), -1 != b.indexOf("comprar bonos y acciones") && -1 != a.indexOf("la cuenta no tiene fondos"), -1 != b.indexOf("cuenta primaria de tarjeta de d\u00e9bito") && -1 != a.indexOf("tenes una sola cuenta aso"), -1 != b.indexOf("editar celular") && -1 != a.indexOf("el n\u00famero de celular que"), -1 != b.indexOf("editar clave galicia") && -1 != a.indexOf("las claves deben coincidi"), -1 != b.indexOf("editar contacto") && -1 != a.indexOf("est\u00e1s ingresando un conta"), -1 != b.indexOf("editar domicilio") && -1 != a.indexOf("deb\u00e9s seleccionar una pro"), -1 != b.indexOf("editar domicilio") && -1 != a.indexOf("el domicilio ingresado es"), -1 != b.indexOf("editar mail") && -1 != a.indexOf("el mail que ingresaste ya"), -1 != b.indexOf("editar mail de seguridad") && -1 != a.indexOf("el mail que ingresaste ya"), -1 != b.indexOf("editar mail de seguridad") &&
                    -1 != a.indexOf("superaste los intentos de"), -1 != b.indexOf("editar usuario") && -1 != a.indexOf("los usuarios deben coinci"), -1 != b.indexOf("el c\u00f3digo de servicio ingresado es incorrecto.") && -1 != a.indexOf("verificalo y volv\u00e9 a ingr"), -1 != b.indexOf("el n\u00famero telef\u00f3nico ingresado es incorrecto.") && -1 != a.indexOf("verificalo y volv\u00e9 a ingr"), -1 != b.indexOf("eliminar celular") && -1 != a.indexOf("el n\u00famero de celular que"), -1 != b.indexOf("eliminar mail") && -1 != a.indexOf("el mail al que quer\u00e9s tra"), -1 != b.indexOf("eliminar mail") && -1 != a.indexOf("el mail que ingresaste no"), -1 != b.indexOf("error de validaci\u00f3n") && -1 != a.indexOf("el campo mail no puede es"), -1 != b.indexOf("generar clave") && -1 != a.indexOf("alcanzaste la cantidad m\u00e1"), -1 != b.indexOf("generar clave") && -1 != a.indexOf("detectamos que ya cont\u00e1s"), -1 != b.indexOf("generar clave") && -1 != a.indexOf("el tipo y/o n\u00famero de doc"), -1 != b.indexOf("generar clave") && -1 != a.indexOf("la clave ingresada es inv"), -1 != b.indexOf("generar clave") &&
                    -1 != a.indexOf("las claves no coinciden."), -1 != b.indexOf("generar usuario") && -1 != a.indexOf("la clave ingresada es inv"), -1 != b.indexOf("generar usuario") && -1 != a.indexOf("los usuarios no coinciden"), -1 != b.indexOf("generar usuario") && -1 != a.indexOf("para acceder a online ban"), -1 != b.indexOf("la cantidad de cuotapartes supera la tenencia") && -1 != a.indexOf("la cantidad de cuotaparte"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("debe ingresar una descrip"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("el monto ingresado no es"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("por favor, ingres"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("por favor, ingres"), -1 != b.indexOf("mensaje.") && -1 != a.indexOf("el monto ingresado no es"), -1 != b.indexOf("mensaje.") && -1 != a.indexOf("el monto ingresado no puede ser mayor al saldo de la cuenta seleccionada"), -1 != b.indexOf("modificar l\u00edmite de tarjeta") && -1 != a.indexOf("el nuevo l\u00edmite seleccion"), -1 != b.indexOf("modificar opci\u00f3n de resumen") && -1 != a.indexOf("la opci\u00f3n que seleccionas"), -1 != b.indexOf("recomendar galicia") && -1 != a.indexOf("la empresa que est\u00e1s refi"), -1 != b.indexOf("recomendar galicia") && -1 != a.indexOf("la persona que est\u00e1s refi"), -1 != b.indexOf("recuperar usuario") && -1 != a.indexOf("superaste los intentos de"), -1 != b.indexOf("repetir transferencia") && -1 != a.indexOf("disculp\u00e1 no podemos repet"), -1 != b.indexOf("saldo insuficiente") && -1 != a.indexOf("el saldo de la cuenta sel"), -1 != b.indexOf("saldo insuficiente") && -1 != a.indexOf("no es posible rescatar el"), -1 !=
                    b.indexOf("saldo insuficiente") && -1 != a.indexOf("no es posible reservar el"), -1 != b.indexOf("saldo insuficiente.") && -1 != a.indexOf("no es posible reservar el"), -1 != b.indexOf("solicitar tarjeta") && -1 != a.indexOf("el c\u00f3digo postal que ingr"), -1 != b.indexOf("tarjeta de coordenadas") && -1 != a.indexOf("se han producido reiterad"), -1 != b.indexOf("token galicia") && -1 != a.indexOf("detectamos que no diste d"), -1 != b.indexOf("token galicia") && -1 != a.indexOf("se han producido reiterad"), -1 != b.indexOf("token galicia.") &&
                    -1 != a.indexOf("se han producido reiterad"), -1 != b.indexOf("token galicia.") && -1 != a.indexOf("ten\u00e9s el token bloqueado."), -1 != b.indexOf("transferir a terceros") && -1 != a.indexOf("el cdi no es v\u00e1lido."), -1 != b.indexOf("transferir a terceros") && -1 != a.indexOf("el cuil no es v\u00e1lido."), -1 != b.indexOf("transferir a terceros") && -1 != a.indexOf("el cuit no es v\u00e1lido."), -1 != b.indexOf("transferir a terceros") && -1 != a.indexOf("el no es v\u00e1lido."), -1 != b.indexOf("transferir a terceros") && -1 != a.indexOf("la cuenta a la cual inten"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("descripci\u00f3n inv\u00e1lida. c\u00f3d"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("detectamos que alguna de"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el cliente no tiene cuent"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el usuario ingresado ya e"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("esta operaci\u00f3n ya fue rea"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("esta operaci\u00f3n ya fue sol"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("esta recomendaci\u00f3n ya fue"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("est\u00e1s ingresando un conta"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("la factura seleccionada,"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("los datos ingresados no s"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("no ten\u00e9s mail de seguridad registrado para recuperar tu usuario"), -1 != b.indexOf("ups, algo sali\u00f3 mal") &&
                    -1 != a.indexOf("para operar con esta cuen"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("pregunta ya realizada."), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("superaste los intentos de"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("tu clave galicia ha sido"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("tu usuario ha sido bloque"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("ya generaste tu usuario a"), -1 != b.indexOf("ups, algo sali\u00f3 mal") &&
                    -1 != a.indexOf("ya realizaste un pago par"), -1 != b.indexOf("detectamos un error") && -1 != a.indexOf("encontramos un error en l"), -1 != b.indexOf("recuperar usuario") && -1 != a.indexOf("el usuario ingresado es i"), -1 != b.indexOf("tarjeta de coordenadas") && -1 != a.indexOf("ingreso incorrecto. la ta"), -1 != b.indexOf("recuperar usuario") && -1 != a.indexOf("el c\u00f3digo de validaci\u00f3n q"), -1 != b.indexOf("transferir a terceros") && -1 != a.indexOf("disculp\u00e1, detectamos un e"), -1 != b.indexOf("token galicia") && -1 != a.indexOf("token galicia se bloquea"), -1 != b.indexOf("generar usuario") && -1 != a.indexOf("el c\u00f3digo ingresado es in"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el alias ingresado es ine"), -1 != b.indexOf("generar clave") && -1 != a.indexOf("el captcha ingresado es i"), -1 != b.indexOf("generar clave") && -1 != a.indexOf("el c\u00f3digo ingresado es in"), -1 != b.indexOf("error") && -1 != a.indexOf("monto inv\u00e1lido."), -1 != b.indexOf("asociaci\u00f3n de nuevo mail a online banking") && -1 != a.indexOf("el formato del mail es in"), -1 != b.indexOf("transferir a terceros") &&
                    -1 != a.indexOf("est\u00e1s ingresando un alias"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("disculpa, detectamos un e"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el alias corresponde a ot"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el ingreso de tu numero d"), -1 != b.indexOf("edicion de alias de cbu") && -1 != a.indexOf("este alias ya est\u00e1 siendo"), -1 != b.indexOf("alta mail para recepci\u00f3n de beneficios") && -1 != a.indexOf("el formato del mail es in"), -1 != b.indexOf("editar usuario") && -1 != a.indexOf("el usuario actual que ing"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el ingreso de tu nro. de"), -1 != b.indexOf("error de validaci\u00f3n") && -1 != a.indexOf("el campo mail es inv\u00e1lido"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("n\u00famero de tel\u00e9fono inv\u00e1li"), -1 != b.indexOf("editar mail de seguridad") && -1 != a.indexOf("el c\u00f3digo de validaci\u00f3n q"), -1 != b.indexOf("agendar contacto") && -1 != a.indexOf("no podemos agendar al contacto porque el cbu o alias no se encuentra habilitado"), -1 != b.indexOf("error") && -1 != a.indexOf("n\u00famero inv\u00e1lido"), -1 != b.indexOf("transferir a terceros") && -1 != a.indexOf("disculp\u00e1, el cbu o alias"), -1 != b.indexOf("creaci\u00f3n de alias de cbu") && -1 != a.indexOf("este alias ya est\u00e1 siendo"), -1 != b.indexOf("agregar mail de seguridad") && -1 != a.indexOf("el c\u00f3digo de validaci\u00f3n q"), -1 != b.indexOf("editar mail de seguridad") && -1 != a.indexOf("el formato del mail es in"), -1 != b.indexOf("editar usuario") && -1 != a.indexOf("el c\u00f3digo ingresado es in"), -1 != b.indexOf("agendar contacto") && -1 != a.indexOf("disculp\u00e1, el cbu o alias"), -1 != b.indexOf("generar usuario") && -1 != a.indexOf("el mail ingresado es inv\u00e1"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el ingreso de tu clave de"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el ingreso de tu codigo d"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el ingreso de tu dni cuit"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el ingreso de tu legajo +"), -1 != b.indexOf("cbu no identificado") && -1 != a.indexOf("disculp\u00e1, detectamos un e"), -1 != b.indexOf("generar usuario") && -1 != a.indexOf("el documento ingresado es"), -1 != b.indexOf("recomendar galicia") && -1 != a.indexOf("el cuit que ingresaste es"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("cbu no identificado c\u00f3dig"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el ingreso de tu codigo b"), -1 != b.indexOf("usuario inexistente") && -1 != a.indexOf("si est\u00e1s interesado en al"), -1 != b.indexOf("error de validaci\u00f3n") && -1 != a.indexOf("la fecha desde no puede s"), -1 != b.indexOf("generar clave") && -1 != a.indexOf("la fecha de nacimiento qu"), -1 != b.indexOf("error de validaci\u00f3n") && -1 != a.indexOf("el formato de las fechas"), -1 != b.indexOf("no encontramos la deuda a pagar") && -1 != a.indexOf("por favor, verific\u00e1 que la factura est\u00e9 dentro de los vencimientos"), -1 != b.indexOf("recuperando tu usuario galicia") && -1 != a.indexOf("el c\u00f3digo de validaci\u00f3n que ingresaste es incorrecto, por favor verificalo e ingresalo nuevamente")
                ];
            return g = 0 < l.reduce(d, 0) ? "System" : 0 < k.reduce(d, 0) ? "Function" : 0 < m.reduce(d, 0) ? "User" : 0 < h.reduce(d, 0) ? "Alert" : "System"
        } catch (e) {
            b = google_tag_manager["GTM-M6B9RZQ"].macro(94), b(e)
        }
    }
})();

#45 JavaScript::Eval (size: 2562) - SHA256: e751baf73f385706d7e8a9500d9bc0aaadc01c33fbd5064bb4b5bf53cc68d213

(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(118),
            c = "Constituir plazo fijo;Suscripci\u00f3n a Fondo Fima;Suscripci\u00f3n programada a Fondo Fima;Ver detalle de cuenta;Ver resumen tarjeta cr\u00e9dito;Ver consumos tarjeta cr\u00e9dito;Ver consumos tarjeta adicional;Ver consumos tarjeta d\u00e9bito;Ver detalle fondo FIMA;Ver detalle Bonos y Acciones;Ver detalle Ordenes Compra y Venta;Compartir CBU;Edici\u00f3n de contacto;Alta solicitud pr\u00e9stamo hipotecario;Ver inicio inversiones;Onboarding;Generar usuario;Generar clave;Recuperaci\u00f3n de usuario;Cambiar clave expirada;Editar alias de CBU;Alta de alias de CBU;Eliminar alias;Modificar cuenta principal;Agregar cuenta asociada;Reponer tarjeta de d\u00e9bito da\u00f1ada;Reponer tarjeta de d\u00e9bito robo;Agenda de contacto;Suscribir Cuenta Comitente;Inscripcion a Quiero;Agregar celular;Agregar mail;Agregar mail de seguridad;Editar celular;Editar mail;Editar mail seguridad;Editar domicilio;Editar clave;Editar usuario;Eliminar mail;Eliminar celular;Recomendar Galicia Persona;Recomendar Galicia Empresa;Anular suscripci\u00f3n programada Fondo Fima;Apertura de caja de ahorro;Encuesta perfil inversor;Editar cuenta debito pr\u00e9stamo;Solicitar baja de productos;Apertura de cuenta proyecto;Reserva de cuenta proyecto;Reserva programada de cuenta proyecto;Edici\u00f3n de cuenta proyecto;Rescate de cuenta proyecto;Editar reserva programada;Compra de moneda extranjera;Venta de moneda extranjera;Solicitar nueva tarjeta;Pago de tarjetas;Upgrade de Servicio;Modificar limite de compra;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Aumentar l\u00edmite transitorio;Edici\u00f3n del d\u00e9bito automatico de tarjeta;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Recarga de celular;Pago de servicios;Adhesi\u00f3n de servicios;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de pagos;Pausar debito autom\u00e1tico;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico;Transferencias a terceros;Transferencias a cuentas propias;Pago de haberes;Donaciones;Modificar accion al vencimiento;Rescate Fondo Fima;Vender bonos y acciones;Comprar bonos y acciones;Licitaciones primarias;Solicitar pr\u00e9stamo;Solicitar pr\u00e9stamo hipotecario;Reprogramar env\u00edo;Modificar opcion de resumen;Recargas;Anulaci\u00f3n de pago".split(";"),
            d = ["Compartir CBU", "Edici\u00f3n de contacto"],
            e = -1 != c.indexOf(a),
            b = -1 != d.indexOf(a); - 1 != document.location.pathname.indexOf("/ini/") && (b = !0);
        a = "true" == google_tag_manager["GTM-M6B9RZQ"].macro(119);
        return e && !(!b && a)
    } catch (f) {
        return !1
    }
})();

#46 JavaScript::Eval (size: 44) - SHA256: 1260373596fccab9f78ef49644de6a84937c8dc65de99f5ff1c273ec30de4327

s = document.getElementsByTagName('script')[0]

#47 JavaScript::Eval (size: 97) - SHA256: 75e2683e6e4e71249e801997fbfa82a5792c06a8055b770bb84aa79b65493955

(function() {
    try {
        return 0 < $("script[src\x3d'/Scripts/eluminate.js']").length ? !0 : !1
    } catch (a) {}
})();

#48 JavaScript::Eval (size: 121) - SHA256: a4c350517c36395370e4663094ba808fde72397d170eaa14c4c1c4b01b2f600c

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(26) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#49 JavaScript::Eval (size: 121) - SHA256: a639f5c1d4c570cd67dd9db57bd1ddc482f8523a50f1dc66185bcc982225c0dc

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(29) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#50 JavaScript::Eval (size: 310) - SHA256: 97466979a59667408afd771a3225fc4a4ccd02e2587064776a0b96dccb11a0c4

(function() {
    try {
        for (var d = google_tag_manager["GTM-M6B9RZQ"].macro(11), e = document.location.pathname, a = 0; a < d.length; a++) try {
            var f = RegExp(d[a].url, "ig");
            if (f.test(e)) return !0
        } catch (b) {
            var c = google_tag_manager["GTM-M6B9RZQ"].macro(13);
            c(b)
        }
        return !1
    } catch (b) {
        c = google_tag_manager["GTM-M6B9RZQ"].macro(15), c(b)
    }
})();

#51 JavaScript::Eval (size: 311) - SHA256: 487a6da1765ae333597a0b72256aa58a08846e09585cc17bfddf436407b22fd1

(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(16),
            b = "Live",
            c = "Test",
            d = google_tag_manager["GTM-M6B9RZQ"].macro(17),
            e = -1 < a.indexOf("localhost");
        a = google_tag_manager["GTM-M6B9RZQ"].macro(18) == b || google_tag_manager["GTM-M6B9RZQ"].macro(19) == c;
        return d || e || a ? "test" : "live"
    } catch (f) {
        return "live"
    }
})();

#52 JavaScript::Eval (size: 121) - SHA256: 442419b3e8141856a9638d3ae97f639278ad7614828054df6781f675237e9dd8

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(31) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#53 JavaScript::Eval (size: 121) - SHA256: 69ab95e9c58c5ee850b48207460abc51d14e0726f9ddc4969ec040fd64165a02

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(33) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#54 JavaScript::Eval (size: 240) - SHA256: d4db79ee07e591abc8e248d15dd7c62c3d6bd2330faabb8e6bcae30703512e36

(function() {
    try {
        if ("gtm.js" != google_tag_manager["GTM-M6B9RZQ"].macro(42) && "gtm.dom" != google_tag_manager["GTM-M6B9RZQ"].macro(43) && "gtm.load" != google_tag_manager["GTM-M6B9RZQ"].macro(44)) return sessionStorage.onb2_prereferrer
    } catch (a) {}
})();

#55 JavaScript::Eval (size: 121) - SHA256: 0d7fa751d817173cbb3ed4da1f041541058e02a776edce1edf6532583842b88b

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(55) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#56 JavaScript::Eval (size: 249) - SHA256: 8f1e191d0e33be67787ff3ef1448074f7d1cc9f01b239e7d9a3a3f7142b7cea4

(function() {
    try {
        for (var a = google_tag_manager["GTM-M6B9RZQ"].macro(81), c = document.location.pathname, b = 0; b < a.length; b++) {
            var d = RegExp(a[b], "ig");
            if (d.test(c)) return !0
        }
        return !1
    } catch (e) {
        return a = google_tag_manager["GTM-M6B9RZQ"].macro(83), a(e), !1
    }
})();

#57 JavaScript::Eval (size: 122) - SHA256: d84bafab088da647219867a1bc15be0ea2237a907fe5431e03316abb443b4e90

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(109) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#58 JavaScript::Eval (size: 190) - SHA256: c92c27a1131be0d103380e6d6b9644488dd32b70490d8744347777b5c351d80e

(function() {
    try {
        for (var b = google_tag_manager["GTM-M6B9RZQ"].macro(120), c = document.location.pathname, a = 0; a < b.length; a++) {
            var d = RegExp(b[a], "ig");
            if (d.test(c)) return !0
        }
        return !1
    } catch (e) {}
})();

#59 JavaScript::Eval (size: 120) - SHA256: c533779295c4481f461ccd837dee1fddc989343f7a2c62ec882e29c85fa585f1

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(9) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#60 JavaScript::Eval (size: 102) - SHA256: 90c3ee356906c5f64bcedc7328ec0145c22f59fdbc00a86985e615e4a2c04490

(function() {
    try {
        return (new Date).getTime() + "." + Math.random().toString(36).substring(5)
    } catch (a) {}
})();

#61 JavaScript::Eval (size: 38) - SHA256: 21e1463f2dbdf773d27eb5b59524062b4aedb68414d396e65bb440516cdeae44

(function() {
    return document.title
})();

#62 JavaScript::Eval (size: 525) - SHA256: c5426ec3cc3e03fb179e0f3b24b092ce24471bba86d6a82cb9cfe667d4004d68

(function() {
    try {
        return urlHeader = "/cuentas/inicio/?$ /cuentas/mis-cuentas/?$ /tarjetas/inicio/?$ /tarjetas/consumos-adicional /tarjetas/consumos /tarjetas/resumen /tarjetas/consumos-tarjeta-debito /pagos/inicio/?$ /transferencias/inicio/?$ /transferencias/informacion-contacto /inversiones/inicio/?$ /inversiones/mis-fondos-fima/?$ /inversiones/bonos-acciones /inversiones/perfil-especie /prestamos/inicio/?$ /ayuda/inicio/?$ /perfil/inicio/?$".split(" ")
    } catch (a) {
        var b = google_tag_manager["GTM-M6B9RZQ"].macro(74);
        b(a)
    }
})();

#63 JavaScript::Eval (size: 121) - SHA256: 7d75d9a81ec4a592dd5062f6ba8f462968922a6ca27e5d7b221c4a8d7fa1aad7

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(79) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#64 JavaScript::Eval (size: 121) - SHA256: f86064228600c62f344906127c56ac3077afbe1ce2834ef61831f8cbde5c10e7

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(93) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

#65 JavaScript::Eval (size: 2558) - SHA256: c8354d318a487e33fafbbf4655a5c1a60b10ac3dd88384480bdce0a01136bbc8

(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(5),
            c = "Constituir plazo fijo;Suscripci\u00f3n a Fondo Fima;Suscripci\u00f3n programada a Fondo Fima;Ver detalle de cuenta;Ver resumen tarjeta cr\u00e9dito;Ver consumos tarjeta cr\u00e9dito;Ver consumos tarjeta adicional;Ver consumos tarjeta d\u00e9bito;Ver detalle fondo FIMA;Ver detalle Bonos y Acciones;Ver detalle Ordenes Compra y Venta;Compartir CBU;Edici\u00f3n de contacto;Alta solicitud pr\u00e9stamo hipotecario;Ver inicio inversiones;Onboarding;Generar usuario;Generar clave;Recuperaci\u00f3n de usuario;Cambiar clave expirada;Editar alias de CBU;Alta de alias de CBU;Eliminar alias;Modificar cuenta principal;Agregar cuenta asociada;Reponer tarjeta de d\u00e9bito da\u00f1ada;Reponer tarjeta de d\u00e9bito robo;Agenda de contacto;Suscribir Cuenta Comitente;Inscripcion a Quiero;Agregar celular;Agregar mail;Agregar mail de seguridad;Editar celular;Editar mail;Editar mail seguridad;Editar domicilio;Editar clave;Editar usuario;Eliminar mail;Eliminar celular;Recomendar Galicia Persona;Recomendar Galicia Empresa;Anular suscripci\u00f3n programada Fondo Fima;Apertura de caja de ahorro;Encuesta perfil inversor;Editar cuenta debito pr\u00e9stamo;Solicitar baja de productos;Apertura de cuenta proyecto;Reserva de cuenta proyecto;Reserva programada de cuenta proyecto;Edici\u00f3n de cuenta proyecto;Rescate de cuenta proyecto;Editar reserva programada;Compra de moneda extranjera;Venta de moneda extranjera;Solicitar nueva tarjeta;Pago de tarjetas;Upgrade de Servicio;Modificar limite de compra;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Aumentar l\u00edmite transitorio;Edici\u00f3n del d\u00e9bito automatico de tarjeta;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Recarga de celular;Pago de servicios;Adhesi\u00f3n de servicios;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de pagos;Pausar debito autom\u00e1tico;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico;Transferencias a terceros;Transferencias a cuentas propias;Pago de haberes;Donaciones;Modificar accion al vencimiento;Rescate Fondo Fima;Vender bonos y acciones;Comprar bonos y acciones;Licitaciones primarias;Solicitar pr\u00e9stamo;Solicitar pr\u00e9stamo hipotecario;Reprogramar env\u00edo;Modificar opcion de resumen;Recargas;Anulaci\u00f3n de pago".split(";"),
            d = ["Compartir CBU", "Edici\u00f3n de contacto"],
            e = -1 != c.indexOf(a),
            b = -1 != d.indexOf(a); - 1 != document.location.pathname.indexOf("/ini/") && (b = !0);
        a = "true" == google_tag_manager["GTM-M6B9RZQ"].macro(6);
        return e && !(!b && a)
    } catch (f) {
        return !1
    }
})();

#66 JavaScript::Eval (size: 46) - SHA256: 440fa8b7ebd592133f264e34e97aaef2de6c839f9a3b623d58119c80c7a8bd31

(function() {
    return document.location.href
})();

#67 JavaScript::Eval (size: 121) - SHA256: 7812b9f42cb62d42cd77571c13436031b6050fa7ba4f018343f967f7eec97fe9

(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(86) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

Executed Writes (1)

#1 JavaScript::Write (size: 0) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Transactions (130)

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8950 Expires: Tue, 06 Dec 2022 08:24:02 GMT Date: Tue, 06 Dec 2022 05:54:52 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: cfec3d7283a9b66d2be426ce54d210f3 Sha1: 808c1feb1ba918951d1928c1f6bfc0c253262774 Sha256: 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2570 Cache-Control: 'max-age=158059' Date: Tue, 06 Dec 2022 05:54:52 GMT Etag: "638dc877-1d7" Last-Modified: Tue, 06 Dec 2022 05:12:02 GMT Server: ECS (ska/F708) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: ee088fab9b287e174cfd1f2c735a909f Sha1: 25c3335b514a36ad1a24d00413d60c3d394f5161 Sha256: 494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 06 Dec 2022 05:20:22 GMT cache-control: public,max-age=3600 age: 2070 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 30db107dcf4380cef05efea409c2e6a3 Sha1: 96e6a306fbc07299aba64e5c14e2bfca35872fa9 Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9029 Expires: Tue, 06 Dec 2022 08:25:21 GMT Date: Tue, 06 Dec 2022 05:54:52 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1ea206ac3c440825741687351f8c6e4e Sha1: 2f38dafd8c43dcce2411a0590bc5c02cd6286735 Sha256: 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: PtR2+jMO9AXcrqJ0QQHoW44FVnFcfN0DxRAdZFQ+oCbOYa4Q5CyyzZ4+gBEugnaH3hG7QBUWda4= x-amz-request-id: BDCM85JVJBF3AYHR content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 06 Dec 2022 05:46:59 GMT age: 473 last-modified: Wed, 30 Nov 2022 10:06:34 GMT etag: "53341dea33f4f3d9b4966f80589f429a" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 53341dea33f4f3d9b4966f80589f429a Sha1: 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /img/index_files/galicia HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: c1481833.ferozo.com/img/index_files/galicia FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 7b874b39eec19511cf978d0e76472a829b515b987632e399e4bb8161bdd63091 200.58.112.174 HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=iso-8859-1 Date: Tue, 06 Dec 2022 05:54:52 GMT Server: Apache Location: http://c1481833.ferozo.com/img/index_files/galicia/ Content-Length: 259 Keep-Alive: timeout=10, max=200 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 259 Md5: 75834c7457fd350977a11cf977ab85de Sha1: 1f3a4c45b39d00ed9b50f95e7140ed84d6e43232 Sha256: 7b874b39eec19511cf978d0e76472a829b515b987632e399e4bb8161bdd63091
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Tue, 06 Dec 2022 05:54:52 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 06 Dec 2022 05:11:20 GMT cache-control: public,max-age=3600 age: 2612 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /img/index_files/galicia/ HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: c1481833.ferozo.com/img/index_files/galicia/ FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: f60404daebfe8a6bfbc4a961f4dd546da29808faa57d4d5be5bc1119cf76a3d5 200.58.112.174 HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 06 Dec 2022 05:54:52 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:14 GMT ETag: "16106-5ef20eccb6e7c-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 24559 Keep-Alive: timeout=10, max=199 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (18845) Size: 24559 Md5: 156099aa541e3d63332aed1e275e2020 Sha1: f6c5c30ed0b0ec21081a1f60cacb5dbe89b4ef9b Sha256: f60404daebfe8a6bfbc4a961f4dd546da29808faa57d4d5be5bc1119cf76a3d5
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2563 Cache-Control: max-age=100483 Date: Tue, 06 Dec 2022 05:54:52 GMT Etag: "638db4ac-1d7" Expires: Wed, 07 Dec 2022 09:49:35 GMT Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT Server: ECS (ska/F708) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 2b9d6a686aa3c4ea24568425e43a5221 Sha1: d53bb4c9579bd1db78a0520619e888aec79f750f Sha256: c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
GET /img/index_files/galicia/index_files/simple-keyboard.min.js.descarga HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 93155dc3675e0282bf1d3b66975faa9fb5a6f4a3e2a7116d3ecdbe53cbb5983e 200.58.112.174 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 05:54:52 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT ETag: "4eff-5ef20ed2bab0b-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 5411 Keep-Alive: timeout=10, max=198 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text, with very long lines (19664), with CRLF line terminators Size: 5411 Md5: fa2ae80071e1ef732b9589f1ff31cb13 Sha1: cee26cbd904e2a74b5d7e5f76d51ecbf78bc5826 Sha256: 93155dc3675e0282bf1d3b66975faa9fb5a6f4a3e2a7116d3ecdbe53cbb5983e
GET /img/index_files/galicia/index_files/bootstrap.min.css HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: cb7b67b6016de1ece69f8e98d41c2998eb54bf7bc9dea62559c95a68473abee0 200.58.112.174 HTTP/1.1 200 OK Content-Type: text/css Date: Tue, 06 Dec 2022 05:54:52 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, Keep-Alive Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT ETag: "1e36e-5ef20ed052f8b-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 20122 Keep-Alive: timeout=10, max=200 --- Additional Info --- Magic: ASCII text, with very long lines (65371) Size: 20122 Md5: d77c1068a3646177f9a94955627b80dc Sha1: c8931f1f337ec4a63b685abd0bea724ff4fbb2d2 Sha256: cb7b67b6016de1ece69f8e98d41c2998eb54bf7bc9dea62559c95a68473abee0 Alerts: urlquery: - Phishing - Galicia
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: /6tna5I0T44LzhLGbjUS5A== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 52.38.227.80 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.38.227.80 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: XkKeXycU33WzTB0M2ZFeTehSzlg= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/index_files/galicia/index_files/detect.js.descarga HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 5b2bb905b07e70dac18579486a97a963bc352d12888094b0552e54a9b66befab 200.58.112.174 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 05:54:53 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT ETag: "66c-5ef20ed083112-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 509 Keep-Alive: timeout=10, max=197 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text, with very long lines (1644), with no line terminators Size: 509 Md5: 2809a934f1688b18bc9d5fc0209d5e00 Sha1: 3b3cef5ba7f6b75f4ebb6cd1a7ae2fac50d41e79 Sha256: 5b2bb905b07e70dac18579486a97a963bc352d12888094b0552e54a9b66befab
GET /img/index_files/galicia/index_files/analytics.js.descarga HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 2172506c0cbb4a0f851f60c59097cf9e578de853c1382061395858f5d448ab8d 200.58.112.174 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 05:54:52 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, Keep-Alive Last-Modified: Tue, 06 Dec 2022 04:06:17 GMT ETag: "c436-5ef20ed020ec5-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 20073 Keep-Alive: timeout=10, max=200 --- Additional Info --- Magic: ASCII text, with very long lines (1325) Size: 20073 Md5: 93bde531cb4f65be97d29e35331ca13e Sha1: a893da1a81f92a8b58bba978dbe35780c97235b2 Sha256: 2172506c0cbb4a0f851f60c59097cf9e578de853c1382061395858f5d448ab8d
GET /img/index_files/galicia/index_files/FrontFunctions.min.js.descarga HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: c9aa96d3b5941bc0f8537d642f3415c3b092879daae459f615657a673d3003d8 200.58.112.174 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 05:54:53 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, Keep-Alive Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT ETag: "6ec5-5ef20ed10e39e-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 8130 Keep-Alive: timeout=10, max=200 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (28350), with no line terminators Size: 8130 Md5: 74a7b99c74687e54ff9f60c3aa5b1122 Sha1: 0544c96af2c1f952bad4d1d7046d586c6eb161cb Sha256: c9aa96d3b5941bc0f8537d642f3415c3b092879daae459f615657a673d3003d8
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: e70e92a8e6b3fd69e09a4d28f0abbc7f5e0c7df4a2833dfe9d510c9b3611ed81 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Cache-Control: max-age=160587 Date: Tue, 06 Dec 2022 05:54:53 GMT Etag: "638ea978-1d7" Expires: Thu, 08 Dec 2022 02:31:20 GMT Last-Modified: Tue, 06 Dec 2022 02:31:20 GMT Server: nginx Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 4373a5aa59b4e412e37b9c74590bf836 Sha1: 3fa5f29f67f19f133a25f97ab3b930b5f62cfde1 Sha256: e70e92a8e6b3fd69e09a4d28f0abbc7f5e0c7df4a2833dfe9d510c9b3611ed81
GET /img/index_files/galicia/index_files/customcarousel.min.css HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 111c1a6156e62696c66c05d1c226c7ed525d230e5f8d8223c5474bd9575150f9 200.58.112.174 HTTP/1.1 200 OK Content-Type: text/css Date: Tue, 06 Dec 2022 05:54:53 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT ETag: "79d-5ef20ed0677ab-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 630 Keep-Alive: timeout=10, max=199 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text, with very long lines (1920) Size: 630 Md5: bba38d3bea7e2f4c9ad8199063b42b33 Sha1: 64c0555ddf60a1971a289c3268fcfbd2bb0797d9 Sha256: 111c1a6156e62696c66c05d1c226c7ed525d230e5f8d8223c5474bd9575150f9 Alerts: urlquery: - Phishing - Galicia
GET /img/index_files/galicia/index_files/js(1) HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 980601b25e13391a969b0affdaa6808cef4eff32d6d20fa22ed03a2b2996a7ce 200.58.112.174 HTTP/1.1 200 OK Date: Tue, 06 Dec 2022 05:54:52 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, Keep-Alive Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT ETag: "2dd5b-5ef20ed1ac2f2" Accept-Ranges: bytes Content-Length: 187739 Keep-Alive: timeout=10, max=200 --- Additional Info --- Magic: ASCII text, with very long lines (6000) Size: 187739 Md5: f7263e6aa1f18717b6a377e193ad3360 Sha1: 054c3c5df89954441c88465b61ccb18e75aeec21 Sha256: 980601b25e13391a969b0affdaa6808cef4eff32d6d20fa22ed03a2b2996a7ce
GET /img/index_files/galicia/index_files/gtm.js.descarga HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 6517863d0ebac56961f18bfb0b290f522715a7dd786edb065ebb1d328d7cea79 200.58.112.174 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 05:54:52 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, Keep-Alive Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT ETag: "81884-5ef20ed177f03-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Keep-Alive: timeout=10, max=200 Transfer-Encoding: chunked --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (65323) Size: 132040 Md5: fe655a0d42da768cd17d7973e37c7aa7 Sha1: 18a820b119f5005764411cf1defb209bfdc2ea68 Sha256: 6517863d0ebac56961f18bfb0b290f522715a7dd786edb065ebb1d328d7cea79
GET /img/index_files/galicia/index_files/seguloginborders HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: c714daca086c41b0915c1eb7cdfc38696582eba1d6a0259e2fec643e84728be6 200.58.112.174 HTTP/1.1 200 OK Date: Tue, 06 Dec 2022 05:54:53 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT ETag: "28b-5ef20ed2749f5" Accept-Ranges: bytes Content-Length: 651 Keep-Alive: timeout=10, max=198 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text, with very long lines (651), with no line terminators Size: 651 Md5: 972ec8df496b03ff74dca5a0f72e21c5 Sha1: bc7837d85c544fd47a87ab6a4b2929e35a36f4be Sha256: c714daca086c41b0915c1eb7cdfc38696582eba1d6a0259e2fec643e84728be6 Alerts: urlquery: - Phishing - Galicia Blocklists: - fortinet: Phishing
GET /img/index_files/galicia/index_files/js HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files/js FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 10fbce2479bd7c3843d173556378ddd29187f3ab00b37a033fcc8e0900fc0654 200.58.112.174 HTTP/1.1 200 OK Date: Tue, 06 Dec 2022 05:54:52 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, Keep-Alive Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT ETag: "36a34-5ef20ed18fdd3" Accept-Ranges: bytes Content-Length: 223796 Keep-Alive: timeout=10, max=200 --- Additional Info --- Magic: ASCII text, with very long lines (22462) Size: 223796 Md5: 9e2f33ffa8542252af1b5282488ee62d Sha1: edf1b4c7d5eefa2fa22bb24de1afef07ac7c051d Sha256: 10fbce2479bd7c3843d173556378ddd29187f3ab00b37a033fcc8e0900fc0654
GET /img/index_files/galicia/index_files/ad1a29c5.js.descarga HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: b2e24b9529777d4c760e2a978d95accf7871a0ee2d3932c584d9282854dd989c 200.58.112.174 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 05:54:53 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:17 GMT ETag: "979d0-5ef20ed03c05c-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Keep-Alive: timeout=10, max=199 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: ASCII text, with very long lines (62720), with CRLF, LF line terminators Size: 115962 Md5: 967d78f1fdd2c32abb5e4c8885577304 Sha1: cec7a82d2c1065c60f1b1cbbb431819742b30e25 Sha256: b2e24b9529777d4c760e2a978d95accf7871a0ee2d3932c584d9282854dd989c
GET /img/index_files/galicia/index_files/launch-121f57795303.min.js.descarga HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 396f7e740f0b4221d6a146765277c87bbf3cb32baefcf2fad897a309138aa889 200.58.112.174 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 05:54:54 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT ETag: "435b5-5ef20ed201a20-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Keep-Alive: timeout=10, max=199 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: ASCII text, with very long lines (32763) Size: 88139 Md5: b3c52ad77a49f94f8af203c366b329ce Sha1: 1846158229b999d7d8cc32f013842f954a5e9dbe Sha256: 396f7e740f0b4221d6a146765277c87bbf3cb32baefcf2fad897a309138aa889
GET /img/index_files/galicia/index_files/sharedout HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: c4145a9e8ffd7f6e600cb97e9d5b54488499fec84e99b147ee7c48d171314395 200.58.112.174 HTTP/1.1 200 OK Date: Tue, 06 Dec 2022 05:54:53 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT ETag: "5e635-5ef20ed2b169b" Accept-Ranges: bytes Content-Length: 386613 Keep-Alive: timeout=10, max=199 Connection: Keep-Alive --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (65435), with no line terminators Size: 386613 Md5: 9861fa51e74a108f05a388c4bc7547ec Sha1: 6227ce8903aafc40485e4adda69f945bcd25ed4e Sha256: c4145a9e8ffd7f6e600cb97e9d5b54488499fec84e99b147ee7c48d171314395 Alerts: urlquery: - Phishing - Galicia
GET /img/index_files/galicia/index_files/saved_resource HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: c93153ac3f59a9b53b5ae04c99bded904698ebed8ee2c9303b9503eabfc73631 200.58.112.174 HTTP/1.1 200 OK Date: Tue, 06 Dec 2022 05:54:54 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT ETag: "3bf-5ef20ed2601d5" Accept-Ranges: bytes Content-Length: 959 Keep-Alive: timeout=10, max=197 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text, with very long lines (959), with no line terminators Size: 959 Md5: e839bf471a5c6d390d59f37d139722ef Sha1: b76fd31a1a820997e39399dbbe71448047f4ae43 Sha256: c93153ac3f59a9b53b5ae04c99bded904698ebed8ee2c9303b9503eabfc73631 Alerts: urlquery: - Phishing - Galicia
GET /img/index_files/galicia/index_files/RC66fa2a34a0a9451089445bfcda97f3fc-source.min.js.descarga HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 329a5cc75044b434042c442985b3e2988d57a0b0e21b7fb4e4334eb84da0c9ed 200.58.112.174 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 05:54:54 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT ETag: "3f3-5ef20ed2492a6-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 543 Keep-Alive: timeout=10, max=199 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text, with very long lines (864) Size: 543 Md5: 8ddf8ba3d6a00a02e1e5277d59a08399 Sha1: 98273e04578db79440ae6645848d1553b7a2a997 Sha256: 329a5cc75044b434042c442985b3e2988d57a0b0e21b7fb4e4334eb84da0c9ed
GET /img/index_files/galicia/index_files/RC1699ac92c9d8400891bfa4b6e7a932be-source.min.js.descarga HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 1347f04698e281121676a030d033d51f3248017f446bd0b260156fc7126e000d 200.58.112.174 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 05:54:54 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT ETag: "244-5ef20ed23c786-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 358 Keep-Alive: timeout=10, max=198 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text, with very long lines (433) Size: 358 Md5: 41bcf39f9d7b992852bb4bc7f8f5d754 Sha1: a63d37ccf521322e6f125af64e0af9a7dee6e49c Sha256: 1347f04698e281121676a030d033d51f3248017f446bd0b260156fc7126e000d
GET /img/index_files/galicia/index_files/RCa6a6f4ccacd34f08a039964c04e81646-source.min.js.descarga HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 9d65719adcbdff15d50923f142211bb24e935b2bcdb1435aae73e2bbe343e701 200.58.112.174 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 05:54:54 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT ETag: "15e-5ef20ed251776-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 221 Keep-Alive: timeout=10, max=198 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text Size: 221 Md5: 4d094e935d1758fb5a0715b63321cc30 Sha1: 57a4342f94b3f85e35c8b305542873a9d1c82a5f Sha256: 9d65719adcbdff15d50923f142211bb24e935b2bcdb1435aae73e2bbe343e701
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9056 Expires: Tue, 06 Dec 2022 08:25:50 GMT Date: Tue, 06 Dec 2022 05:54:54 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9056 Expires: Tue, 06 Dec 2022 08:25:50 GMT Date: Tue, 06 Dec 2022 05:54:54 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9056 Expires: Tue, 06 Dec 2022 08:25:50 GMT Date: Tue, 06 Dec 2022 05:54:54 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9056 Expires: Tue, 06 Dec 2022 08:25:50 GMT Date: Tue, 06 Dec 2022 05:54:54 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: d5eb74d026014c0a68893bde1107a9a111b1f0af835e28bb740308017ef80b7f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9354 x-amzn-requestid: fb2dad44-2f8c-4f02-bbc5-405e9586e5af x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cmctYGLdoAMFyDw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638c0e55-28b5680933de0ff4208240be;Sampled=0 x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:53 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 0mv3_bOi4kymDF7KB35kOjvgE9egGYnCMAXLGIse_PJE8bBMGLxdqw== via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google date: Tue, 06 Dec 2022 04:07:10 GMT age: 6464 etag: "5626b75f5c2523f1a0fc301839a06a4e2407f106" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9354 Md5: 2e11524d75503e35c404d6c9a12ac540 Sha1: 5626b75f5c2523f1a0fc301839a06a4e2407f106 Sha256: d5eb74d026014c0a68893bde1107a9a111b1f0af835e28bb740308017ef80b7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: f00aa6b88dd85164d8f6ee685937a3ca8039b98b442a2e6aede1c4c421b4fc4c 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8997 x-amzn-requestid: 54d7ed8c-119c-4583-929c-fd053524814c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csT_8F78IAMFY6Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e66cc-3d9816725e7e0b1b3404bc4a;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:46:52 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: ScASzeq_stezoHeSOmqluKJimg3R6YD6yd6guTD2d5Mjl8F_vQP0rg== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 21:47:06 GMT age: 29268 etag: "5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8997 Md5: 9fda84db003d0cfc70d73dcb6a3763dd Sha1: 5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4 Sha256: f00aa6b88dd85164d8f6ee685937a3ca8039b98b442a2e6aede1c4c421b4fc4c
GET /img/index_files/galicia/index_files/51630000.js.descarga HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 5442f5ba1ef9467c8cbffca444e379d796dc36fc6e2fdd239404d8950fbc459a 200.58.112.174 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 05:54:54 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:17 GMT ETag: "7d-5ef20ecffa1ae-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 118 Keep-Alive: timeout=10, max=198 Connection: Keep-Alive --- Additional Info --- Magic: core file (Xenix)\012- , ASCII text Size: 118 Md5: 8c4e3a70f133a38fa6bd5e6c86ebab03 Sha1: ef2b21d945dc0899e134155b3c3f25a069aa2eb2 Sha256: 5442f5ba1ef9467c8cbffca444e379d796dc36fc6e2fdd239404d8950fbc459a Alerts: urlquery: - Phishing - Galicia
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11224 x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csUINEwdoAMFuOw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT x-amz-cf-pop: YVR50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ== via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 22:09:28 GMT age: 27926 etag: "36082b7329d473829178f280cb71a83b1531e486" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11224 Md5: b15136d60fd0a5e0f657a4f5c75d540f Sha1: 36082b7329d473829178f280cb71a83b1531e486 Sha256: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11352 x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csSwuF1ToAMFiIA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT x-amz-cf-pop: SFO5-P2, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: EQorA5VTb0s2BEIWBkdkhDho-bLdLVvu8LnAIQsQqsIjgBLneYqCzg== via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 21:48:22 GMT age: 29192 etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11352 Md5: 7f2c354a00ab51d4a41221b6bf191c10 Sha1: 01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4 Sha256: 7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 81b379b16874d6644b0cf63e02c5174e44a40ab7cb4f4727bb96ad44bfcaa72f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6422 x-amzn-requestid: 6d0cc220-31bc-4815-ade5-7e3e5403f39f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cniYTGgRoAMF5lA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638c7dce-64fbea8330a62e4f741c0c4e;Sampled=0 x-amzn-remapped-date: Sun, 04 Dec 2022 11:00:30 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: N7fC93hYwpQYwGJGvXGHf2Z-H0Ek0MvRQsvT1HJy5Q46BnLNGjidSQ== via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 07:35:32 GMT age: 80362 etag: "99f431b4ca446996dbacb969440e2ecfb11fd9e0" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6422 Md5: 2409529ecac5140de749d864da85af0d Sha1: 99f431b4ca446996dbacb969440e2ecfb11fd9e0 Sha256: 81b379b16874d6644b0cf63e02c5174e44a40ab7cb4f4727bb96ad44bfcaa72f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12830 x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cmcsxGDyIAMFX4Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0 x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: WMeay1i2pxnboCB3Qcwb2ray4tnyEzO89tQrHCfGdI3s9kJsMWvzBw== via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google date: Tue, 06 Dec 2022 03:41:05 GMT age: 8029 etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12830 Md5: 5d72fb8d20c29763234c2817b119d11b Sha1: d4924ec714f5157bcb2fddcb5f768188a3dd37dc Sha256: e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6
GET /img/index_files/galicia/index_files/f.txt HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: e5cbe9fe40968d6258bda40fab415b0796372281824262e86edb9aa5f3b74cb9 200.58.112.174 HTTP/1.1 200 OK Content-Type: text/plain Date: Tue, 06 Dec 2022 05:54:54 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT ETag: "8d1-5ef20ed1089c6-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 1018 Keep-Alive: timeout=10, max=198 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text, with very long lines (2257), with no line terminators Size: 1018 Md5: a9d8a1f9bc8bcec30b66d5bf99fceb55 Sha1: bddbc8668cb93aa28b7ebdff45edc703cafd2919 Sha256: e5cbe9fe40968d6258bda40fab415b0796372281824262e86edb9aa5f3b74cb9
GET /img/index_files/galicia/index_files/dispatcher-v3.js.descarga HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 4e3ba17d14a08f98165a8724fd6b525fdba14b7e5abebe4f1f0795a508cc142c 200.58.112.174 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 05:54:54 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT ETag: "1392-5ef20ed0acd09-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 1228 Keep-Alive: timeout=10, max=198 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text Size: 1228 Md5: a4630b9d3da3bba845510abf73c53859 Sha1: 6543de95aacd38ed6920d735f7fcaf846ebe2d03 Sha256: 4e3ba17d14a08f98165a8724fd6b525fdba14b7e5abebe4f1f0795a508cc142c Alerts: urlquery: - Phishing - Galicia
GET /img/index_files/galicia/index_files/yahoo-min.js.descarga HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 36c712dcb454d4b23a4e63d24a6adc9e503f0cf9a8faf3c4a94457fdd25d102f 200.58.112.174 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 05:54:54 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT ETag: "1bab-5ef20ed2cacda-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3005 Keep-Alive: timeout=10, max=197 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text, with very long lines (6013) Size: 3005 Md5: a5b2c161a424aeaf067d6246176d64ee Sha1: 7293cb47259c7065ac91d48096c2a227bc812cbc Sha256: 36c712dcb454d4b23a4e63d24a6adc9e503f0cf9a8faf3c4a94457fdd25d102f Alerts: urlquery: - Phishing - Galicia
GET /img/index_files/galicia/index_files/cp-v3.js.descarga HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 7fd90f2ec178b50f6924b27d80085370abdb66f52947d3a63d7f8e7a8f56512b 200.58.112.174 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 05:54:54 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT ETag: "c-5ef20ed0677ab" Accept-Ranges: bytes Content-Length: 12 Keep-Alive: timeout=10, max=197 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text, with no line terminators Size: 12 Md5: bc6573647ae421e4cd14dcdf34c877ce Sha1: a567ddefcd1cfc1bbbaf5323bdadba5795c95478 Sha256: 7fd90f2ec178b50f6924b27d80085370abdb66f52947d3a63d7f8e7a8f56512b Alerts: urlquery: - Phishing - Galicia
GET /img/index_files/galicia/index_files/json-min.js.descarga HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 204207a80c315adee6290dfbf2e00e7b96c153621b9d5cc2a732f1859f451705 200.58.112.174 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 05:54:54 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT ETag: "1337-5ef20ed1a70ea-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2204 Keep-Alive: timeout=10, max=197 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text, with very long lines (4764) Size: 2204 Md5: 73caddd8ca193f8bbe1008199439f379 Sha1: bb864f4af973871e416dc2cc2da18bba495f4606 Sha256: 204207a80c315adee6290dfbf2e00e7b96c153621b9d5cc2a732f1859f451705 Alerts: urlquery: - Phishing - Galicia
GET /img/index_files/galicia/index_files/default.min.css HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 812bd2765cc7bb7b921f7d5cc9e0d3044d17d55858a5431a99905b57a2cbd70f 200.58.112.174 HTTP/1.1 200 OK Content-Type: text/css Date: Tue, 06 Dec 2022 05:54:54 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT ETag: "12f64e-5ef20ed0cefe8-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Keep-Alive: timeout=10, max=197 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: ASCII text, with very long lines (65536), with no line terminators Size: 140038 Md5: 3a4df7079d9b37d0dd779f8c063ce03a Sha1: de06e613779c3c982a3e76627de92ed487a758c0 Sha256: 812bd2765cc7bb7b921f7d5cc9e0d3044d17d55858a5431a99905b57a2cbd70f
GET /img/index_files/galicia/index_files/keyboard.css HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 9f80bb36c3d476b6cc261ea273592912d9a180c03e39c041daf525cfa04441e4 200.58.112.174 HTTP/1.1 200 OK Content-Type: text/css Date: Tue, 06 Dec 2022 05:54:54 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT ETag: "1ec-5ef20ed1bb13a-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 275 Keep-Alive: timeout=10, max=197 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text Size: 275 Md5: 03026484ff3ed14003ed15e7563e9931 Sha1: 84cd9b9c9f9643d9d10e4cf8145756cdfe641566 Sha256: 9f80bb36c3d476b6cc261ea273592912d9a180c03e39c041daf525cfa04441e4 Alerts: urlquery: - Phishing - Galicia
GET /img/index_files/galicia/index_files/simple-keyboard.css HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 2a90530004faf9e08e48bbdd380c544f1ec36e7940624da859c76f1143fb0b80 200.58.112.174 HTTP/1.1 200 OK Content-Type: text/css Date: Tue, 06 Dec 2022 05:54:54 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT ETag: "ae6-5ef20ed29882c-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 871 Keep-Alive: timeout=10, max=196 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text Size: 871 Md5: 44890b556529205fa312c21a0b93a7a3 Sha1: b7d7a862c0e586b311e4be6f5c9b7193e3bcffd7 Sha256: 2a90530004faf9e08e48bbdd380c544f1ec36e7940624da859c76f1143fb0b80 Alerts: urlquery: - Phishing - Galicia
GET /img/index_files/galicia/index_files/hotjar-584153.js.descarga HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 725e509d8d97a59bad0525bcdf7d46055a5c0d114810cb6ac3747911f6296655 200.58.112.174 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 05:54:54 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT ETag: "5574-5ef20ed147995-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 5289 Keep-Alive: timeout=10, max=196 Connection: Keep-Alive --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (15929) Size: 5289 Md5: b73abebd085f043935dded21c5fdaee3 Sha1: ff29f8d6cf5624b2b8ea0c502a1b9911a12526e0 Sha256: 725e509d8d97a59bad0525bcdf7d46055a5c0d114810cb6ac3747911f6296655
GET /img/index_files/galicia/index_files/polyfill.js.descarga HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 34feda018175e4ef4f4f13fdf594f49fe226a1f3f168b62b69c4d88adc493ccc 200.58.112.174 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 05:54:54 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT ETag: "6f6-5ef20ed223147-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 672 Keep-Alive: timeout=10, max=196 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 672 Md5: 5dc5a228625422e92c9b5beb8c7b417d Sha1: 67569836113125adbee2b90730d04ec5322e38dc Sha256: 34feda018175e4ef4f4f13fdf594f49fe226a1f3f168b62b69c4d88adc493ccc
GET /detectca/images/QjL8pgjJN3mpOxVuG7JxpI2OYsRMit/DetectCA.png?ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&sr=1280%20x%201024&url=http://c1481833.ferozo.com/img/index_files/galicia/&rf=&nc=0.49312707852582793 HTTP/1.1 Host: detectca.easysol.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: detectca.easysol.net/detectca/images/QjL8pgjJN3mpOxVuG7 (...) FQDN: detectca.easysol.net IP: 107.23.44.14 HASH: ca2613f315c93819ed7c4a14d44dcf8b041a71c5e032bd0aec9b399a6f4eb491 107.23.44.14 HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Tue, 06 Dec 2022 05:54:54 GMT Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: Express Access-Control-Allow-Origin: * --- Additional Info --- Magic: PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data Size: 82 Md5: ae11c9259e141875b33cbb6598aa1485 Sha1: 4d71dc1bd4621df68ee846fe3f9409606aabced4 Sha256: ca2613f315c93819ed7c4a14d44dcf8b041a71c5e032bd0aec9b399a6f4eb491
GET /img/index_files/galicia/index_files/keyboard.js.descarga HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: e1a7b946fdc7a2f409272580fa56bba14924ba0d2ae7d483a8565e4be7e1884a 200.58.112.174 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 05:54:54 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT ETag: "1864-5ef20ed1cd631-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 1864 Keep-Alive: timeout=10, max=196 Connection: Keep-Alive --- Additional Info --- Magic: Unicode text, UTF-8 text, with CRLF line terminators Size: 1864 Md5: 88342f45224d49f5f270f4e98afd1ac4 Sha1: b84da59d784943f4625b92c714abe4240b92b01f Sha256: e1a7b946fdc7a2f409272580fa56bba14924ba0d2ae7d483a8565e4be7e1884a
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 05:54:55 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: d9339bfb0393ef6575db48a0481f2556 Sha1: 351fa573fc3ea6626f3258061743cad65e0c4fce Sha256: 5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
GET /img/index_files/galicia/index_files/modules.d53d96d4fefc0e537bd8.js.descarga HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: d988a880e6fa6f341a8b50e5ba98df7af46f48542d0d3ef21f4c7a8cdb32e74e 200.58.112.174 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 05:54:54 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT ETag: "41ae1-5ef20ed235256-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Keep-Alive: timeout=10, max=196 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (48714) Size: 84582 Md5: 3caaa8644257fccf76804c332d6ee64f Sha1: 6741995acd7e8f1be92d053e31facbb93d1bfd7f Sha256: d988a880e6fa6f341a8b50e5ba98df7af46f48542d0d3ef21f4c7a8cdb32e74e
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62726172-14&cid=1969658199.1670306092&jid=2126279852&gjid=1191967864&_gid=486805073.1670306092&_u=aGBAiEABFAAAAEAAI~&z=576026865 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 0 Origin: http://c1481833.ferozo.com Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_ (...) FQDN: stats.g.doubleclick.net IP: 64.233.164.155 HASH: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a 64.233.164.155 HTTP/2 200 OK content-type: text/plain access-control-allow-origin: http://c1481833.ferozo.com strict-transport-security: max-age=10886400; includeSubDomains; preload date: Tue, 06 Dec 2022 05:54:55 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 4 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 4 Md5: 48c0473b7821185d937e685216e2168b Sha1: 3743e47f8a429a5e87b86cb582d78940733d9d2e Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 05:54:55 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3ba864a4daffd79d4639e98e35cf5a8f Sha1: 4e2dfdbff3ce773c1c39031bdf854e2b0a31131c Sha256: 73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
GET /img/index_files/galicia/index_files/eluminate.js.descarga HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: a1560b3946737d462dc35d133d49a3720170cc93b5acc99f5aade4ca399d4f49 200.58.112.174 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 05:54:54 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT ETag: "25cb4-5ef20ed0ed447-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 42306 Keep-Alive: timeout=10, max=196 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text, with very long lines (65268), with CRLF line terminators Size: 42306 Md5: 00a2494c0f8369a8f777f0648c50a89d Sha1: ed9a2d8bd7217f3b3bc4ac62ac6d21773590b79b Sha256: a1560b3946737d462dc35d133d49a3720170cc93b5acc99f5aade4ca399d4f49
GET /img/index_files/galicia/index_files/f(1).txt HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 9a7f7d26f0dac577b8db566a69bb0332c54fade010dff77f0a071aff41b1f71a 200.58.112.174 HTTP/1.1 200 OK Content-Type: text/plain Date: Tue, 06 Dec 2022 05:54:55 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT ETag: "b394-5ef20ed0ee7cf-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 17403 Keep-Alive: timeout=10, max=195 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text, with very long lines (2772) Size: 17403 Md5: 6d5b458014f6c17c0b6287e8dac0b15b Sha1: 2b021139a4734051f488bc135c818b4c9ecd1e4b Sha256: 9a7f7d26f0dac577b8db566a69bb0332c54fade010dff77f0a071aff41b1f71a
GET /detectca/scripts/QjL8pgjJN3mpOxVuG7JxpI2OYsRMit/detect.js HTTP/1.1 Host: detectca.easysol.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/	URL: detectca.easysol.net/detectca/scripts/QjL8pgjJN3mpOxVuG (...) FQDN: detectca.easysol.net IP: 107.23.44.14 HASH: f6d0448700281e0d7bae82dfdf56ed258c5e026bdaae7449bd4e679fd6a59e62 107.23.44.14 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Tue, 06 Dec 2022 05:54:55 GMT Content-Length: 1640 Last-Modified: Tue, 24 Aug 2021 00:00:00 GMT Connection: keep-alive ETag: "61243680-668" Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text, with very long lines (1640), with no line terminators Size: 1640 Md5: aef7b7e1e7819c8d35e55d721f410939 Sha1: 9ef9629efb99fc8912d7d9f2a72660ec65155de4 Sha256: f6d0448700281e0d7bae82dfdf56ed258c5e026bdaae7449bd4e679fd6a59e62
GET /img/index_files/galicia/Content/fonts/Inter-Regular.woff2 HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css	URL: c1481833.ferozo.com/img/index_files/galicia/Content/fon (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880 200.58.112.174 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Tue, 06 Dec 2022 05:54:55 GMT Server: Apache Content-Length: 196 Keep-Alive: timeout=10, max=195 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 196 Md5: 62962daa1b19bbcc2db10b7bfd531ea6 Sha1: d64bae91091eda6a7532ebec06aa70893b79e1f8 Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /gtm.js?id=GTM-M6B9RZQ&gtm_auth=TiByp1Z92r_vHHqYjmr5yQ&gtm_preview=env-6&gtm_cookies_win=x HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.googletagmanager.com/gtm.js?id=GTM-M6B9RZQ&gtm_auth (...) FQDN: www.googletagmanager.com IP: 142.250.74.40 HASH: 0bf161ce7ec233efc753f33897800d3fdd327a9a95adb8bb2e1a206453a7def9 142.250.74.40 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: * date: Tue, 06 Dec 2022 05:54:55 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 132073 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (65323) Size: 132073 Md5: 3da5e9aef96637477ffec47ff8854d57 Sha1: bede27a7ca46b4c41a863e6f2315d52750c70f87 Sha256: 0bf161ce7ec233efc753f33897800d3fdd327a9a95adb8bb2e1a206453a7def9
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 05:54:55 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3ba864a4daffd79d4639e98e35cf5a8f Sha1: 4e2dfdbff3ce773c1c39031bdf854e2b0a31131c Sha256: 73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 414bb632f1616fef1643a58f0f35bba3b6910dc437ba3afa84531382fd632164 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Cache-Control: 'max-age=158059' Date: Tue, 06 Dec 2022 05:54:55 GMT Etag: "638d98ac-118" Server: ECS (amb/6BC2) Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 69d6e7d7a4f52bf8c54b6e8c7bd88a4a Sha1: c782a8791e56606bb83345ab4006dac83ea2d9a7 Sha256: 414bb632f1616fef1643a58f0f35bba3b6910dc437ba3afa84531382fd632164
GET /detectca/images/QjL8pgjJN3mpOxVuG7JxpI2OYsRMit/DetectCA.png?ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&sr=1280%20x%201024&url=http://c1481833.ferozo.com/img/index_files/galicia/&rf=&nc=0.15498958627258685 HTTP/1.1 Host: detectca.easysol.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/	URL: detectca.easysol.net/detectca/images/QjL8pgjJN3mpOxVuG7 (...) FQDN: detectca.easysol.net IP: 107.23.44.14 HASH: ca2613f315c93819ed7c4a14d44dcf8b041a71c5e032bd0aec9b399a6f4eb491 107.23.44.14 HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Tue, 06 Dec 2022 05:54:55 GMT Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: Express Access-Control-Allow-Origin: * --- Additional Info --- Magic: PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data Size: 82 Md5: ae11c9259e141875b33cbb6598aa1485 Sha1: 4d71dc1bd4621df68ee846fe3f9409606aabced4 Sha256: ca2613f315c93819ed7c4a14d44dcf8b041a71c5e032bd0aec9b399a6f4eb491
GET /img/index_files/galicia/index_files/logogalicia.html HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/ Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0 Upgrade-Insecure-Requests: 1	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 1a632706b6fd8b91b9ebaa175f719a9e6e5d460d8a2138f9f133585fcf61e432 200.58.112.174 HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 06 Dec 2022 05:54:55 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT ETag: "31bf1-5ef20ed20c9e7-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Keep-Alive: timeout=10, max=195 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (804) Size: 57273 Md5: 7c08d2537a26aed61fda343b88a9aa5c Sha1: 82017fe9423f7e896f1aed0d37fb1a09b379bab4 Sha256: 1a632706b6fd8b91b9ebaa175f719a9e6e5d460d8a2138f9f133585fcf61e432
GET /img/index_files/galicia/logo.png HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0	URL: c1481833.ferozo.com/img/index_files/galicia/logo.png FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 465d2570cd777b7581a2abc33a8c455e74b0367bb90743dc027701e127778089 200.58.112.174 HTTP/1.1 200 OK Content-Type: image/png Date: Tue, 06 Dec 2022 05:54:55 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:14 GMT ETag: "8ef-5ef20eccaf17c" Accept-Ranges: bytes Content-Length: 2287 Keep-Alive: timeout=10, max=195 Connection: Keep-Alive --- Additional Info --- Magic: PNG image data, 140 x 37, 8-bit/color RGBA, non-interlaced\012- data Size: 2287 Md5: 317c48a57bc7bfb38f6421d68ea795d6 Sha1: 11749c9eade31875a8d42d0add1d66b09f0630df Sha256: 465d2570cd777b7581a2abc33a8c455e74b0367bb90743dc027701e127778089
GET /img/index_files/galicia/Content/fonts/fontawesome-webfont.woff2 HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0	URL: c1481833.ferozo.com/img/index_files/galicia/Content/fon (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880 200.58.112.174 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Tue, 06 Dec 2022 05:54:55 GMT Server: Apache Content-Length: 196 Keep-Alive: timeout=10, max=200 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 196 Md5: 62962daa1b19bbcc2db10b7bfd531ea6 Sha1: d64bae91091eda6a7532ebec06aa70893b79e1f8 Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b266fccee1baec0b93927cf1385b1a3e6987424f00cbf0ac879fcc8f212df56c 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2230 Cache-Control: 'max-age=158059' Date: Tue, 06 Dec 2022 05:54:55 GMT Last-Modified: Tue, 06 Dec 2022 05:17:46 GMT Server: ECS (ska/F708) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: b967016c92599586200298d67c900ac5 Sha1: 14a6fd8d84b435e154c0ae357a9f8dc24c16e9eb Sha256: b266fccee1baec0b93927cf1385b1a3e6987424f00cbf0ac879fcc8f212df56c
GET /img/index_files/galicia/Content/fonts/galicia-ui.ttf?8esgb8 HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0	URL: c1481833.ferozo.com/img/index_files/galicia/Content/fon (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880 200.58.112.174 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Tue, 06 Dec 2022 05:54:55 GMT Server: Apache Content-Length: 196 Keep-Alive: timeout=10, max=195 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 196 Md5: 62962daa1b19bbcc2db10b7bfd531ea6 Sha1: d64bae91091eda6a7532ebec06aa70893b79e1f8 Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DF3360B65E15FFB70A495C4A%40AdobeOrg&d_nsid=0&ts=1670306092314 HTTP/1.1 Host: dpm.demdex.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Origin: http://c1481833.ferozo.com Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_r (...) FQDN: dpm.demdex.net IP: 54.72.35.25 HASH: c41f747afc081398a7bf2c702c094f8a17de305265d2d932320f3919b02fc48c 54.72.35.25 HTTP/1.1 200 OK Content-Type: application/json;charset=utf-8 Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: http://c1481833.ferozo.com Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-encoding: gzip DCS: dcs-prod-irl1-2-v045-00fcfd78a.edge-irl1.demdex.com 1 ms Expires: Thu, 01 Jan 1970 00:00:00 UTC P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma: no-cache set-cookie: demdex=76390773508081107682319319525236782209; Max-Age=15552000; Expires=Sun, 04 Jun 2023 05:54:55 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Origin X-TID: SP5B4yvlSr8= Content-Length: 564 Connection: keep-alive --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (1006), with no line terminators Size: 564 Md5: 0a3468f10689aee386d032d46d0c49b6 Sha1: 578c2854fdf689bc44a8af00b541834073ce4fa1 Sha256: c41f747afc081398a7bf2c702c094f8a17de305265d2d932320f3919b02fc48c
GET /87fc8b53a8b1/118d2b304f55/a128628dac2f/RC66fa2a34a0a9451089445bfcda97f3fc-source.min.js HTTP/1.1 Host: assets.adobedtm.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/a128628da (...) FQDN: assets.adobedtm.com IP: 23.38.200.237 HASH: 73126989e913930819159af197416325de64064d2eb0c6e6ef5baa8d8a17768a 23.38.200.237 HTTP/2 200 OK content-type: application/x-javascript accept-ranges: bytes etag: "7f6ea0b801d7e2a4f0d5ec2acb0074dd:1668693900.209014" last-modified: Thu, 17 Nov 2022 14:05:00 GMT server: AkamaiNetStorage vary: Accept-Encoding content-encoding: gzip content-length: 543 cache-control: max-age=3600 expires: Tue, 06 Dec 2022 06:54:55 GMT date: Tue, 06 Dec 2022 05:54:55 GMT access-control-allow-origin: http://c1481833.ferozo.com timing-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (864) Size: 543 Md5: 6e70c064dcc46bddc302d38e13df7375 Sha1: 11a26413589f01e66bb8638a72b020bfce0df66e Sha256: 73126989e913930819159af197416325de64064d2eb0c6e6ef5baa8d8a17768a
GET /api/wb/b3f76076-f760-49d8-ab30-437b9b182ac7/60a375cb-568d-41f6-a2d9-0e5d6c6ad549/1244/?rfr=&hash=&dom=c1481833.ferozo.com&href=http://c1481833.ferozo.com/img/index_files/galicia/ HTTP/1.1 Host: gal.bgsensors.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: gal.bgsensors.co/api/wb/b3f76076-f760-49d8-ab30-437b9b1 (...) FQDN: gal.bgsensors.co IP: 104.21.25.208 HASH: 089ad5bf4831b6758e9907db43bc5ebba2e9248a9929dad6132c49932e538278 104.21.25.208 HTTP/2 200 OK content-type: image/png date: Tue, 06 Dec 2022 05:54:55 GMT content-length: 67 x-frame-options: SAMEORIGIN vary: Origin access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7ka6r%2Bs1qzASrwbbDjO%2FXAOHRwKs%2FVNj8diIzRqb2L4q4r026xOzI02bAqJuoaP7gi3alwlO8%2BKxM2oOJf0Kgzed7fxuaS%2BBfegrJWVbwHkB1%2Bo7GlHFz1JTRjo2psY0iT4"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7752c5076fdab4ff-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 1 x 1, 1-bit grayscale, non-interlaced\012- data Size: 67 Md5: 06707af2ef27f407df4958d3abf2a9f7 Sha1: 874a600942cc18a6c71a96ee2e19fecd42886bfb Sha256: 089ad5bf4831b6758e9907db43bc5ebba2e9248a9929dad6132c49932e538278 Alerts: urlquery: - Phishing - Galicia
GET /87fc8b53a8b1/118d2b304f55/a128628dac2f/RC1699ac92c9d8400891bfa4b6e7a932be-source.min.js HTTP/1.1 Host: assets.adobedtm.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/a128628da (...) FQDN: assets.adobedtm.com IP: 23.38.200.237 HASH: 9dddf9d548fe2c42b2bd155c1f23564b9ec191ef0f7181b77dd31614cc747d64 23.38.200.237 HTTP/2 200 OK content-type: application/x-javascript accept-ranges: bytes etag: "7f6ea0b801d7e2a4f0d5ec2acb0074dd:1668693900.209014" last-modified: Thu, 17 Nov 2022 14:05:00 GMT server: AkamaiNetStorage vary: Accept-Encoding content-encoding: gzip content-length: 358 cache-control: max-age=3600 expires: Tue, 06 Dec 2022 06:54:55 GMT date: Tue, 06 Dec 2022 05:54:55 GMT access-control-allow-origin: http://c1481833.ferozo.com timing-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (433) Size: 358 Md5: 31ea1a7be2ce884825de79c2b2b85636 Sha1: bb090cfd383820961658b024f472706ed7fef996 Sha256: 9dddf9d548fe2c42b2bd155c1f23564b9ec191ef0f7181b77dd31614cc747d64
GET /img/index_files/galicia/Content/fonts/Inter-Regular.woff HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0	URL: c1481833.ferozo.com/img/index_files/galicia/Content/fon (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880 200.58.112.174 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Tue, 06 Dec 2022 05:54:55 GMT Server: Apache Content-Length: 196 Keep-Alive: timeout=10, max=195 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 196 Md5: 62962daa1b19bbcc2db10b7bfd531ea6 Sha1: d64bae91091eda6a7532ebec06aa70893b79e1f8 Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 414bb632f1616fef1643a58f0f35bba3b6910dc437ba3afa84531382fd632164 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 0 Cache-Control: 'max-age=158059' Date: Tue, 06 Dec 2022 05:54:55 GMT Etag: "638d98ac-118" Last-Modified: Tue, 06 Dec 2022 05:54:55 GMT Server: ECS (ska/F708) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 69d6e7d7a4f52bf8c54b6e8c7bd88a4a Sha1: c782a8791e56606bb83345ab4006dac83ea2d9a7 Sha256: 414bb632f1616fef1643a58f0f35bba3b6910dc437ba3afa84531382fd632164
GET /87fc8b53a8b1/118d2b304f55/a128628dac2f/RCa6a6f4ccacd34f08a039964c04e81646-source.min.js HTTP/1.1 Host: assets.adobedtm.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/a128628da (...) FQDN: assets.adobedtm.com IP: 23.38.200.237 HASH: e65b48d91b73b4adfa1c555c7f7a1a6729d4ea33d42580d901f5c5a0c0cd99f0 23.38.200.237 HTTP/2 200 OK content-type: application/x-javascript accept-ranges: bytes etag: "7f6ea0b801d7e2a4f0d5ec2acb0074dd:1668693900.209014" last-modified: Thu, 17 Nov 2022 14:05:00 GMT server: AkamaiNetStorage vary: Accept-Encoding content-encoding: gzip content-length: 221 cache-control: max-age=3600 expires: Tue, 06 Dec 2022 06:54:55 GMT date: Tue, 06 Dec 2022 05:54:55 GMT access-control-allow-origin: http://c1481833.ferozo.com timing-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 221 Md5: 00aacf1a7ee46f4d76dbc88c13b50665 Sha1: 3f98aea9894054c0486320cbe587e7b1927856f6 Sha256: e65b48d91b73b4adfa1c555c7f7a1a6729d4ea33d42580d901f5c5a0c0cd99f0
GET /pagead/conversion.js HTTP/1.1 Host: www.googleadservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/	URL: www.googleadservices.com/pagead/conversion.js FQDN: www.googleadservices.com IP: 142.250.74.98 HASH: 9a7a7b257d298e7db6db54901e7bf89361f015742c19276a81fae9e82efdd823 142.250.74.98 HTTP/1.1 200 OK Content-Type: text/javascript; charset=UTF-8 P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Timing-Allow-Origin: * Cross-Origin-Resource-Policy: cross-origin Vary: Accept-Encoding Date: Tue, 06 Dec 2022 05:54:55 GMT Expires: Tue, 06 Dec 2022 05:54:55 GMT Cache-Control: private, max-age=3600 ETag: 6351308751113588399 X-Content-Type-Options: nosniff Content-Disposition: attachment; filename="f.txt" Content-Encoding: gzip Server: cafe Content-Length: 17396 X-XSS-Protection: 0 --- Additional Info --- Magic: ASCII text, with very long lines (2772) Size: 17396 Md5: 4c734f2dee2775f34cf20236a1e454ce Sha1: 8519539acac5a7086a839fc5534f9648c5b0de46 Sha256: 9a7a7b257d298e7db6db54901e7bf89361f015742c19276a81fae9e82efdd823
GET /87fc8b53a8b1/118d2b304f55/launch-121f57795303.min.js HTTP/1.1 Host: assets.adobedtm.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/launch-12 (...) FQDN: assets.adobedtm.com IP: 23.38.200.237 HASH: 4c2ab4845f61dea6e37f239073fa781636c359dd3550b0301ba0e77b424f8860 23.38.200.237 HTTP/2 200 OK content-type: application/x-javascript accept-ranges: bytes etag: "9e6fd0a59e71085ed8c04063c3bef56e:1668693899.426046" last-modified: Thu, 17 Nov 2022 14:04:59 GMT server: AkamaiNetStorage vary: Accept-Encoding content-encoding: gzip content-length: 88143 cache-control: max-age=3600 expires: Tue, 06 Dec 2022 06:54:55 GMT date: Tue, 06 Dec 2022 05:54:55 GMT access-control-allow-origin: http://c1481833.ferozo.com timing-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (32763) Size: 88143 Md5: 728f8e3526301a03588ace633f0bb6f5 Sha1: 96a5c698d252210d919a05bdeacf0c807306814b Sha256: 4c2ab4845f61dea6e37f239073fa781636c359dd3550b0301ba0e77b424f8860
GET /img/index_files/galicia/index_files/box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/ Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0; onb2_isreload=false; onb2_prevpath=/img/index_files/galicia/; _ga_R462ZWFJX5=GS1.1.1670306092.1.0.1670306092.0.0.0; cmTPSet=Y Upgrade-Insecure-Requests: 1	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 1eba453433ead3f057aa3819aa2cc0b764b58c3608b9a2035bac75769da7b113 200.58.112.174 HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 06 Dec 2022 05:54:55 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT ETag: "9cd-5ef20ed05104b-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 1315 Keep-Alive: timeout=10, max=194 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2397) Size: 1315 Md5: 5bc8e01ed61435444e02ebbbfb6c3488 Sha1: a58080b2d6595196a4315514d3e2f7e3f40faaf5 Sha256: 1eba453433ead3f057aa3819aa2cc0b764b58c3608b9a2035bac75769da7b113
GET /img/index_files/galicia/index_files/saved_resource.html HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/ Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0; onb2_isreload=false; onb2_prevpath=/img/index_files/galicia/; _ga_R462ZWFJX5=GS1.1.1670306092.1.0.1670306092.0.0.0; cmTPSet=Y Upgrade-Insecure-Requests: 1	URL: c1481833.ferozo.com/img/index_files/galicia/index_files (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 682e5b3b42807f8a40d9f12d20c12a824dbf1dfcda7fefab7c81a08a35c9bfca 200.58.112.174 HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 06 Dec 2022 05:54:55 GMT Server: Apache Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT ETag: "95-5ef20ed266b4d-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 145 Keep-Alive: timeout=10, max=194 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 145 Md5: 5e610eda263540ba05be0d6b5cf807a2 Sha1: 269663c27bdb68d880847d4f7bd4b62796926c93 Sha256: 682e5b3b42807f8a40d9f12d20c12a824dbf1dfcda7fefab7c81a08a35c9bfca
POST /collect HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: text/plain;charset=UTF-8 Content-Length: 427 Origin: http://c1481833.ferozo.com Connection: keep-alive Referer: http://c1481833.ferozo.com/	URL: www.google-analytics.com/collect FQDN: www.google-analytics.com IP: 216.239.38.178 HASH: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 216.239.38.178 HTTP/1.1 200 OK Content-Type: image/gif Access-Control-Allow-Origin: http://c1481833.ferozo.com Date: Tue, 06 Dec 2022 05:54:55 GMT Pragma: no-cache Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate Last-Modified: Sun, 17 May 1998 03:00:00 GMT X-Content-Type-Options: nosniff Access-Control-Allow-Credentials: true Cross-Origin-Resource-Policy: cross-origin Server: Golfe2 Content-Length: 35 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 35 Md5: 28d6814f309ea289f847c69cf91194c6 Sha1: 0f4e929dd5bb2564f7ab9c76338e04e292a42ace Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 3a825294334cd38686b167d31f0226c236f254228f159a12ade3c3b545dfa0d6 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5832 Cache-Control: 'max-age=158059' Date: Tue, 06 Dec 2022 05:54:55 GMT Last-Modified: Tue, 06 Dec 2022 04:17:43 GMT Server: ECS (ska/F708) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 6b159fdabe241a0f38997a068b31c58a Sha1: e97bd85cc2e0a389a07ffbe17f990678cb0955d5 Sha256: 3a825294334cd38686b167d31f0226c236f254228f159a12ade3c3b545dfa0d6
GET /img/index_files/galicia/Content/fonts/galicia-ui.woff?8esgb8 HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0; onb2_isreload=false; onb2_prevpath=/img/index_files/galicia/; _ga_R462ZWFJX5=GS1.1.1670306092.1.0.1670306092.0.0.0; cmTPSet=Y	URL: c1481833.ferozo.com/img/index_files/galicia/Content/fon (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880 200.58.112.174 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Tue, 06 Dec 2022 05:54:55 GMT Server: Apache Content-Length: 196 Keep-Alive: timeout=10, max=194 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 196 Md5: 62962daa1b19bbcc2db10b7bfd531ea6 Sha1: d64bae91091eda6a7532ebec06aa70893b79e1f8 Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /img/index_files/galicia/Content/fonts/fontawesome-webfont.woff HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0; onb2_isreload=false; onb2_prevpath=/img/index_files/galicia/; _ga_R462ZWFJX5=GS1.1.1670306092.1.0.1670306092.0.0.0; cmTPSet=Y	URL: c1481833.ferozo.com/img/index_files/galicia/Content/fon (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880 200.58.112.174 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Tue, 06 Dec 2022 05:54:55 GMT Server: Apache Content-Length: 196 Keep-Alive: timeout=10, max=194 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 196 Md5: 62962daa1b19bbcc2db10b7bfd531ea6 Sha1: d64bae91091eda6a7532ebec06aa70893b79e1f8 Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 05:54:55 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: ee6bfe50f8e4b9c142f971a55496ac26 Sha1: 8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64 Sha256: 4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /g/collect?v=2&tid=G-NK1ZTDWVWL&gtm=2oebu0&_p=1086889195&_gaz=1&cid=1969658199.1670306092&ul=en-us&sr=1280x1024&_s=1&dt=Online%20Banking&dl=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&sid=1670306092&sct=1&seg=0&en=page_view&_fv=1&_ss=2&ep.page_path=%2Fimg%2Findex_files%2Fgalicia%2F HTTP/1.1 Host: analytics.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://c1481833.ferozo.com Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0	URL: analytics.google.com/g/collect?v=2&tid=G-NK1ZTDWVWL&gtm (...) FQDN: analytics.google.com IP: 142.250.74.14 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 142.250.74.14 HTTP/2 204 No Content content-type: text/plain access-control-allow-origin: http://c1481833.ferozo.com date: Tue, 06 Dec 2022 05:54:55 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.godaddy.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 76 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.godaddy.com/ FQDN: ocsp.godaddy.com IP: 192.124.249.23 HASH: 3802068c5eb245d9675ed4af5ed889bd9ec33b858b2a20b8c408f8e4f0d7fe9f 192.124.249.23 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: Sucuri/Cloudproxy Date: Tue, 06 Dec 2022 05:54:55 GMT Content-Length: 1778 Connection: keep-alive X-Sucuri-ID: 19023 Content-Transfer-Encoding: Binary Cache-Control: public, no-transform, must-revalidate Last-Modified: Mon, 05 Dec 2022 20:41:09 GMT Expires: Tue, 06 Dec 2022 20:41:09 GMT ETag: "29d975e08d716f6d33e3c3bd6405a6322df6ca65" P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA" --- Additional Info --- Magic: data Size: 1778 Md5: 1fad8e834ba3c602a0fff059a7a40552 Sha1: 29d975e08d716f6d33e3c3bd6405a6322df6ca65 Sha256: 3802068c5eb245d9675ed4af5ed889bd9ec33b858b2a20b8c408f8e4f0d7fe9f
GET /img/index_files/galicia/Content/fonts/Inter-Regular.ttf HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0; onb2_isreload=false; onb2_prevpath=/img/index_files/galicia/; _ga_R462ZWFJX5=GS1.1.1670306092.1.0.1670306092.0.0.0; cmTPSet=Y	URL: c1481833.ferozo.com/img/index_files/galicia/Content/fon (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880 200.58.112.174 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Tue, 06 Dec 2022 05:54:55 GMT Server: Apache Content-Length: 196 Keep-Alive: timeout=10, max=194 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 196 Md5: 62962daa1b19bbcc2db10b7bfd531ea6 Sha1: d64bae91091eda6a7532ebec06aa70893b79e1f8 Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 05:54:55 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: ee6bfe50f8e4b9c142f971a55496ac26 Sha1: 8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64 Sha256: 4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
GET /Scripts/eluminate.js HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/ Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0; onb2_isreload=false; onb2_prevpath=/img/index_files/galicia/; _ga_R462ZWFJX5=GS1.1.1670306092.1.0.1670306092.0.0.0; cmTPSet=Y; mbox=session#95b84a3a802c48eab403f0d1399b55c6#1670307953; at_check=true	URL: c1481833.ferozo.com/Scripts/eluminate.js FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880 200.58.112.174 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Tue, 06 Dec 2022 05:54:55 GMT Server: Apache Content-Length: 196 Keep-Alive: timeout=10, max=194 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 196 Md5: 62962daa1b19bbcc2db10b7bfd531ea6 Sha1: d64bae91091eda6a7532ebec06aa70893b79e1f8 Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 387b351f5e28c394c86129e1be8dd5ee8cedfc635ae6ac8eb0c2e0755bd24525 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Cache-Control: max-age=100469 Date: Tue, 06 Dec 2022 05:54:55 GMT Etag: "638dbea4-1d7" Expires: Wed, 07 Dec 2022 09:49:24 GMT Last-Modified: Mon, 05 Dec 2022 09:49:24 GMT Server: nginx Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 9a20b032c5f1d81fba2f07aae1c4aa53 Sha1: bf5ebc48e6fcc2f5f0f21681cd5106cbaa544c56 Sha256: 387b351f5e28c394c86129e1be8dd5ee8cedfc635ae6ac8eb0c2e0755bd24525
POST /client/v3.1/web/wup?cid=gamora HTTP/1.1 Host: wup-ad1a29c5.us.v2.we-stats.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 172 Origin: http://c1481833.ferozo.com Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: wup-ad1a29c5.us.v2.we-stats.com/client/v3.1/web/wup?cid (...) FQDN: wup-ad1a29c5.us.v2.we-stats.com IP: 52.141.217.134 HASH: 5249f03d2b9bf3cb85752cb02a1354d9af78644ac9648d7047aee5734bdb72a3 52.141.217.134 HTTP/2 200 OK content-type: application/json content-length: 565 date: Tue, 06 Dec 2022 05:54:55 GMT server: uvicorn access-control-allow-origin: * access-control-allow-credentials: true cache-control: no-cache, no-store pragma: no-cache tail-id: 00859549-1c2e-4e79-882b-a4120bd50888 strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (565), with no line terminators Size: 565 Md5: 1476681319e51abc40b1caabdf291b35 Sha1: 89b87f0ad23660075db9c01530c9ef498c0353ac Sha256: 5249f03d2b9bf3cb85752cb02a1354d9af78644ac9648d7047aee5734bdb72a3
GET /img/index_files/galicia/Content/fonts/fontawesome-webfont.ttf HTTP/1.1 Host: c1481833.ferozo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0; onb2_isreload=false; onb2_prevpath=/img/index_files/galicia/; _ga_R462ZWFJX5=GS1.1.1670306092.1.0.1670306092.0.0.0; cmTPSet=Y; mbox=session#95b84a3a802c48eab403f0d1399b55c6#1670307953; at_check=true	URL: c1481833.ferozo.com/img/index_files/galicia/Content/fon (...) FQDN: c1481833.ferozo.com IP: 200.58.112.174 HASH: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880 200.58.112.174 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Tue, 06 Dec 2022 05:54:55 GMT Server: Apache Content-Length: 196 Keep-Alive: timeout=10, max=193 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 196 Md5: 62962daa1b19bbcc2db10b7bfd531ea6 Sha1: d64bae91091eda6a7532ebec06aa70893b79e1f8 Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
POST /g/collect?v=2&tid=G-R462ZWFJX5&gtm=2oebu0&_p=1086889195&cid=1969658199.1670306092&ul=en-us&sr=1280x1024&_s=1&sid=1670306092&sct=1&seg=0&dl=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&dt=Online%20Banking&en=page_view&_fv=2&_ss=1 HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://c1481833.ferozo.com Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0	URL: www.google-analytics.com/g/collect?v=2&tid=G-R462ZWFJX5 (...) FQDN: www.google-analytics.com IP: 216.239.38.178 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 216.239.38.178 HTTP/2 204 No Content content-type: text/plain access-control-allow-origin: http://c1481833.ferozo.com date: Tue, 06 Dec 2022 05:54:55 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/	URL: www.google-analytics.com/analytics.js FQDN: www.google-analytics.com IP: 216.239.38.178 HASH: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e 216.239.38.178 HTTP/1.1 200 OK Content-Type: text/javascript Strict-Transport-Security: max-age=10886400; includeSubDomains; preload X-Content-Type-Options: nosniff Vary: Accept-Encoding Content-Encoding: gzip Cross-Origin-Resource-Policy: cross-origin Server: Golfe2 Content-Length: 20039 Date: Tue, 06 Dec 2022 04:23:05 GMT Expires: Tue, 06 Dec 2022 06:23:05 GMT Cache-Control: public, max-age=7200 Age: 5511 Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT --- Additional Info --- Magic: ASCII text, with very long lines (1325) Size: 20039 Md5: 47e6f374ca946fddd5b59871b325736c Sha1: baa9282efc8785e84d247c3bff518eaa45f101c4 Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 9eeb8a11521ab8adfc3a13ffb4534869818a68b8f7c72396a7f378b3e9e59f8b 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 05:54:56 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 267006cd6e6820ee4e423414c0fae7fa Sha1: 0161f56b3a6d6d572a9aa4d1bffbaf2c58a20aa1 Sha256: 9eeb8a11521ab8adfc3a13ffb4534869818a68b8f7c72396a7f378b3e9e59f8b
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: fcbfec9f5fd0e10d44778c1df64d8612281cd39881cdfd0aa8ca30d13655655a 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 05:54:56 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 5006b8e985c5838b7fd2f2b558a65bc4 Sha1: 183ff15e0faedf346305fd6fe1c70c9c7a1eef4a Sha256: fcbfec9f5fd0e10d44778c1df64d8612281cd39881cdfd0aa8ca30d13655655a
GET /pagead/viewthroughconversion/936934836/?random=1670306092907&cv=9&fst=1670306092350&num=2&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&tiba=Online%20Banking&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1 Host: googleads.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: googleads.g.doubleclick.net/pagead/viewthroughconversio (...) FQDN: googleads.g.doubleclick.net IP: 142.250.74.2 HASH: 62ce0f91842bf156db24992fc230b0456da25cf5d196354d7b9cd054db2a940d 142.250.74.2 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Tue, 06 Dec 2022 05:54:56 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, must-revalidate x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: br server: cafe content-length: 945 x-xss-protection: 0 set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 06:09:56 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (2135), with no line terminators Size: 945 Md5: 9304424da2144a574a1c6cc4e5c87697 Sha1: e9102bd383d849ed7f68520ed954f0508a4e00f1 Sha256: 62ce0f91842bf156db24992fc230b0456da25cf5d196354d7b9cd054db2a940d
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 9eeb8a11521ab8adfc3a13ffb4534869818a68b8f7c72396a7f378b3e9e59f8b 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 05:54:56 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 267006cd6e6820ee4e423414c0fae7fa Sha1: 0161f56b3a6d6d572a9aa4d1bffbaf2c58a20aa1 Sha256: 9eeb8a11521ab8adfc3a13ffb4534869818a68b8f7c72396a7f378b3e9e59f8b
GET /pagead/viewthroughconversion/936934836/?random=1670306092350&cv=9&fst=1670306092350&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&tiba=Online%20Banking&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1 Host: googleads.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: googleads.g.doubleclick.net/pagead/viewthroughconversio (...) FQDN: googleads.g.doubleclick.net IP: 142.250.74.2 HASH: 23394f5a7f41b5faf07a5e520ac68ed938822708f2db56c6a974f10145d98138 142.250.74.2 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Tue, 06 Dec 2022 05:54:56 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, must-revalidate x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: br server: cafe content-length: 944 x-xss-protection: 0 set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 06:09:56 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (2135), with no line terminators Size: 944 Md5: 256bcd5cc2296b5a394ea86ceb4998d7 Sha1: 6d3dff38310f61e18f109dc976d20c246c0c608d Sha256: 23394f5a7f41b5faf07a5e520ac68ed938822708f2db56c6a974f10145d98138
GET /pagead/1p-user-list/936934836/?random=1670252859239&cv=9&fst=1670252400000&num=1&guid=ON&eid=375603261&u_h=1080&u_w=1920&u_ah=1032&u_aw=1920&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&frm=0&url=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&ref=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&tiba=Online%20Banking&fmt=3&is_vtc=1&random=1667616965&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 Host: www.google.com.ar User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google.com.ar/pagead/1p-user-list/936934836/?random (...) FQDN: www.google.com.ar IP: 172.217.21.163 HASH: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 172.217.21.163 HTTP/2 200 OK content-type: image/gif p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Tue, 06 Dec 2022 05:54:56 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-security-policy: script-src 'none'; object-src 'none' x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/936934836/?random=1670252859239&cv=9&fst=1670252400000&num=1&guid=ON&eid=375603261&u_h=1080&u_w=1920&u_ah=1032&u_aw=1920&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&frm=0&url=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&ref=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&tiba=Online%20Banking&fmt=3&is_vtc=1&random=1667616965&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google.com/pagead/1p-user-list/936934836/?random=16 (...) FQDN: www.google.com IP: 142.250.74.164 HASH: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 142.250.74.164 HTTP/2 200 OK content-type: image/gif p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Tue, 06 Dec 2022 05:54:56 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-security-policy: script-src 'none'; object-src 'none' x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NK1ZTDWVWL&cid=1969658199.1670306092&gtm=2oebu0&aip=1&z=1965234860 HTTP/1.1 Host: www.google.com.ar User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google.com.ar/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r (...) FQDN: www.google.com.ar IP: 172.217.21.163 HASH: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 172.217.21.163 HTTP/2 200 OK content-type: image/gif p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Tue, 06 Dec 2022 05:54:56 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 9eeb8a11521ab8adfc3a13ffb4534869818a68b8f7c72396a7f378b3e9e59f8b 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 05:54:56 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 267006cd6e6820ee4e423414c0fae7fa Sha1: 0161f56b3a6d6d572a9aa4d1bffbaf2c58a20aa1 Sha256: 9eeb8a11521ab8adfc3a13ffb4534869818a68b8f7c72396a7f378b3e9e59f8b
GET /requestserver/script/v1/k9t02s/login.js?clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 HTTP/1.1 Host: sifo.bancogalicia.com.ar User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: sifo.bancogalicia.com.ar/requestserver/script/v1/k9t02s (...) FQDN: sifo.bancogalicia.com.ar IP: 34.196.56.54 HASH: 3f2054b0bb91912c2c4447308efddc5d5f1029e79b97d9a73967583ca34bbe11 34.196.56.54 HTTP/1.1 200 Content-Type: application/javascript Date: Tue, 06 Dec 2022 05:54:55 GMT Content-Length: 144528 Connection: keep-alive strict-transport-security: max-age=31536000; includeSubDomains; preload referrer-policy: no-referrer-when-downgrade content-security-policy: script-src 'self' permissions-policy: fullscreen=();microphone=();camera=();speaker=(); x-xss-protection: 1;mode=block x-frame-options: DENY x-content-type-options: nosniff --- Additional Info --- Magic: Algol 68 source text\012- Pascal source, ASCII text, with very long lines (938) Size: 144528 Md5: d92e202d987d0b2efe131beb937cc386 Sha1: 2984249d3f13fd65eedf7b902bde84d8530af8dc Sha256: 3f2054b0bb91912c2c4447308efddc5d5f1029e79b97d9a73967583ca34bbe11
GET /cm?ci=Producci%C3%B3n&st=1670306092344&vn1=4.18.138&ec=utf-8&vn2=e4.0&pi=%2Fimg%2Findex_files%2Fgalicia%2F&ul=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&cjen=1&cjuid=&cjsid=&cjvf=&tid=6&rnd=1670313185311&pc=Y&jv=1.8.5&je=n&sw=1280&sh=1024&pd=24&tz=0 HTTP/1.1 Host: data.coremetrics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/	URL: data.coremetrics.com/cm?ci=Producci%C3%B3n&st=167030609 (...) FQDN: data.coremetrics.com IP: 54.224.36.233 HASH: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e 54.224.36.233 HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Dec 2022 05:54:56 GMT Server: Apache Vary: Host Expires: Mon, 05 Dec 2022 05:54:56 GMT Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private Pragma: no-cache Content-Length: 43 P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA" Connection: close --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: 55fade2068e7503eae8d7ddf5eb6bd09 Sha1: 317496a096d6c86486a71d4521994bcd171a6bb3 Sha256: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /configs/Producci%C3%B3n.js HTTP/1.1 Host: libs.coremetrics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c1481833.ferozo.com/	URL: libs.coremetrics.com/configs/Producci%C3%B3n.js FQDN: libs.coremetrics.com IP: 23.61.236.51 HASH: 493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b 23.61.236.51 HTTP/1.1 404 Not Found Accept-Ranges: bytes Content-Length: 10 Server: AkamaiNetStorage Date: Tue, 06 Dec 2022 05:54:56 GMT Connection: keep-alive --- Additional Info --- Magic: ASCII text Size: 10 Md5: 7605968e79d0ca095ab1231486d2b814 Sha1: a007b420d19ceefa840f0373e050e3b51a4ab480 Sha256: 493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 05:54:56 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 013b65c5b52bb7855158194ff2024fb8 Sha1: 94eae308d8338735898e90536fc6ba076ff28cdd Sha256: bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 05:54:56 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 013b65c5b52bb7855158194ff2024fb8 Sha1: 94eae308d8338735898e90536fc6ba076ff28cdd Sha256: bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e
GET /pagead/1p-user-list/936934836/?random=1670306092907&cv=9&fst=1670302800000&num=2&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&tiba=Online%20Banking&fmt=3&is_vtc=1&random=2017215404&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google.no/pagead/1p-user-list/936934836/?random=167 (...) FQDN: www.google.no IP: 142.250.74.35 HASH: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 142.250.74.35 HTTP/2 200 OK content-type: image/gif p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Tue, 06 Dec 2022 05:54:56 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-security-policy: script-src 'none'; object-src 'none' x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/936934836/?random=1670306092350&cv=9&fst=1670302800000&num=1&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&tiba=Online%20Banking&fmt=3&is_vtc=1&random=1203412094&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google.no/pagead/1p-user-list/936934836/?random=167 (...) FQDN: www.google.no IP: 142.250.74.35 HASH: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 142.250.74.35 HTTP/2 200 OK content-type: image/gif p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Tue, 06 Dec 2022 05:54:56 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-security-policy: script-src 'none'; object-src 'none' x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 05:54:56 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 013b65c5b52bb7855158194ff2024fb8 Sha1: 94eae308d8338735898e90536fc6ba076ff28cdd Sha256: bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e
OPTIONS /requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 HTTP/1.1 Host: sifo.bancogalicia.com.ar User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: http://c1481833.ferozo.com/ Origin: http://c1481833.ferozo.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: sifo.bancogalicia.com.ar/requestserver/rest/v1/pageFeat (...) FQDN: sifo.bancogalicia.com.ar IP: 34.196.56.54 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 34.196.56.54 HTTP/1.1 200 Date: Tue, 06 Dec 2022 05:54:56 GMT Content-Length: 0 Connection: keep-alive access-control-allow-credentials: true access-control-allow-origin: http://c1481833.ferozo.com access-control-allow-methods: POST, OPTIONS access-control-max-age: 3600 access-control-allow-headers: x-requested-with, content-type allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH strict-transport-security: max-age=31536000; includeSubDomains; preload referrer-policy: no-referrer-when-downgrade content-security-policy: script-src 'self' permissions-policy: fullscreen=();microphone=();camera=();speaker=(); x-xss-protection: 1;mode=block x-frame-options: DENY x-content-type-options: nosniff --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 8122bbea03e922774e3dfdc5263467c1d94a0c07392ff7468137c610a10db46c 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 226 Cache-Control: max-age=138472 Date: Tue, 06 Dec 2022 05:54:56 GMT Etag: "638e5236-1d7" Expires: Wed, 07 Dec 2022 20:22:48 GMT Last-Modified: Mon, 05 Dec 2022 20:19:02 GMT Server: ECS (amb/6BAE) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: c324023e802dee4c6dbfa93520d5e72b Sha1: 0bf5cb7e59f9cf925b137d8534344b96f2cd7165 Sha256: 8122bbea03e922774e3dfdc5263467c1d94a0c07392ff7468137c610a10db46c
POST /requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 HTTP/1.1 Host: sifo.bancogalicia.com.ar User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 25033 Origin: http://c1481833.ferozo.com Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: sifo.bancogalicia.com.ar/requestserver/rest/v1/pageFeat (...) FQDN: sifo.bancogalicia.com.ar IP: 34.196.56.54 HASH: 5b23ddbce779ab2497d5a126aff93425bde3bac8dcabbe2afe22b382412211bb 34.196.56.54 HTTP/1.1 200 Content-Type: application/json Date: Tue, 06 Dec 2022 05:54:56 GMT Transfer-Encoding: chunked Connection: keep-alive access-control-allow-credentials: true access-control-allow-origin: http://c1481833.ferozo.com access-control-allow-methods: POST, OPTIONS access-control-max-age: 3600 access-control-allow-headers: x-requested-with, content-type p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT' set-cookie: herok=2886860804QUDAOsOZVe80EUAzMdcaGOWWpcWlG6; Expires=Tue, 06-Dec-2022 06:24:56 GMT; SameSite=None; Secure kirby=2886860804QUDAOsOZVe80EUAzMdcaGOWWpcWlG6; SameSite=None; Secure strict-transport-security: max-age=31536000; includeSubDomains; preload referrer-policy: no-referrer-when-downgrade content-security-policy: script-src 'self' permissions-policy: fullscreen=();microphone=();camera=();speaker=(); x-xss-protection: 1;mode=block x-frame-options: DENY x-content-type-options: nosniff --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 115 Md5: 78bcb6e49d27426cdf4375932546b00e Sha1: 4c76bfbd622fe498b219966023837e1375d5ecb3 Sha256: 5b23ddbce779ab2497d5a126aff93425bde3bac8dcabbe2afe22b382412211bb
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 8122bbea03e922774e3dfdc5263467c1d94a0c07392ff7468137c610a10db46c 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Cache-Control: max-age=138246 Date: Tue, 06 Dec 2022 05:54:56 GMT Etag: "638e5236-1d7" Expires: Wed, 07 Dec 2022 20:19:02 GMT Last-Modified: Mon, 05 Dec 2022 20:19:02 GMT Server: nginx Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: c324023e802dee4c6dbfa93520d5e72b Sha1: 0bf5cb7e59f9cf925b137d8534344b96f2cd7165 Sha256: 8122bbea03e922774e3dfdc5263467c1d94a0c07392ff7468137c610a10db46c
GET /content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/App-2.jpg HTTP/1.1 Host: www.galicia.ar User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.galicia.ar/content/dam/galicia/banco-galicia/person (...) FQDN: www.galicia.ar IP: 151.101.219.10 HASH: 5f35283bd1018c2a477ae7ac1818f05bcac581b2910d3a104984602f959f4df9 151.101.219.10 HTTP/2 200 OK content-type: image/jpeg last-modified: Mon, 29 Aug 2022 13:47:04 GMT etag: "0x8DA89C4F4D104C7" content-disposition: attachment; filename="App-2.jpg"; filename=UTF-8''App-2.jpg access-control-allow-origin: x-content-type-options: nosniff cache-control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200 accept-ranges: bytes date: Tue, 06 Dec 2022 05:54:56 GMT age: 80007 strict-transport-security: max-age=31557600 x-served-by: cache-eze2230062-EZE x-cache: HIT x-timer: S1670306096.446258,VS0,VS0,VE0 content-length: 231967 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.5 (Macintosh), datetime=2022:08:18 14:50:23], progressive, precision 8, 1000x1309, components 3\012- data Size: 231967 Md5: e5c836a4a0a86a8f73f3483df55b8cb4 Sha1: 22f84e668e0150a6b5dde9ce532e97a640bb589d Sha256: 5f35283bd1018c2a477ae7ac1818f05bcac581b2910d3a104984602f959f4df9 Alerts: urlquery: - Phishing - Galicia
GET /images/assets/logo_ios_152x152.png HTTP/1.1 Host: onlinebanking.bancogalicia.com.ar User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: onlinebanking.bancogalicia.com.ar/images/assets/logo_io (...) FQDN: onlinebanking.bancogalicia.com.ar IP: 161.190.1.97 HASH: 516214aaaf58a361362c9abf9818810f7e34358ed54aacb3c8450128754f900a 161.190.1.97 HTTP/1.1 200 OK Content-Type: image/png Last-Modified: Mon, 03 Oct 2022 17:29:00 GMT Accept-Ranges: bytes ETag: "20f919a04dd7d81:0" Date: Tue, 06 Dec 2022 05:54:57 GMT Content-Length: 3728 --- Additional Info --- Magic: PNG image data, 152 x 152, 8-bit/color RGBA, non-interlaced\012- data Size: 3728 Md5: 44833eb3871f5915ed3b03557937c593 Sha1: 6a2c0daa8577d261dc4f3fa8864a0bd00f3262e3 Sha256: 516214aaaf58a361362c9abf9818810f7e34358ed54aacb3c8450128754f900a Alerts: urlquery: - Phishing - Galicia
GET /Images/favicon.ico HTTP/1.1 Host: onlinebanking.bancogalicia.com.ar User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://c1481833.ferozo.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: onlinebanking.bancogalicia.com.ar/Images/favicon.ico FQDN: onlinebanking.bancogalicia.com.ar IP: 161.190.1.97 HASH: f20a33fd40173f122bec15a105374059fb3ec612d51146485ed84ef0001f2f03 161.190.1.97 HTTP/1.1 200 OK Content-Type: image/x-icon Last-Modified: Mon, 03 Oct 2022 17:28:57 GMT Accept-Ranges: bytes ETag: "8051689e4dd7d81:0" Date: Tue, 06 Dec 2022 05:54:57 GMT Content-Length: 1559 --- Additional Info --- Magic: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Size: 1559 Md5: b700b544f2fa87e37e6b728fef00fcb0 Sha1: c0735fa743392c2f3032c22d241854b88832cdb7 Sha256: f20a33fd40173f122bec15a105374059fb3ec612d51146485ed84ef0001f2f03 Alerts: urlquery: - Phishing - Galicia
POST /event?d_dil_ver=9.5&_ts=1670306092617 HTTP/1.1 Host: galiciabanco.demdex.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded Content-Length: 227 Origin: http://c1481833.ferozo.com Connection: keep-alive Referer: http://c1481833.ferozo.com/	URL: galiciabanco.demdex.net/event?d_dil_ver=9.5&_ts=1670306 (...) FQDN: galiciabanco.demdex.net IP: 52.31.124.224 HASH: a8154609b15382001ef448b30dead1d1ad7b9e0887487ea8e07865265117f55c 52.31.124.224 HTTP/1.1 200 OK Content-Type: application/json;charset=utf-8 Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: http://c1481833.ferozo.com Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-encoding: gzip DCS: dcs-prod-irl1-2-v045-05ee5fd88.edge-irl1.demdex.com 2 ms Expires: Thu, 01 Jan 1970 00:00:00 UTC P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma: no-cache set-cookie: demdex=76390773508081107682319319525236782209; Max-Age=15552000; Expires=Sun, 04 Jun 2023 05:54:57 GMT; Path=/; Domain=.demdex.net Vary: Origin X-TID: eSRQNa8qReE= Content-Length: 435 Connection: keep-alive --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (751), with no line terminators Size: 435 Md5: b541f50d52d3599ecee7158d89e04eb0 Sha1: 5c4e40fa25f54fc5c28ffa980b10c133e790cc6a Sha256: a8154609b15382001ef448b30dead1d1ad7b9e0887487ea8e07865265117f55c
POST /rest/v1/delivery?client=galiciabanco&sessionId=95b84a3a802c48eab403f0d1399b55c6&version=2.10.0 HTTP/1.1 Host: galiciabanco.tt.omtrdc.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /

URL	c1481833.ferozo.com/img/index_files/galicia
IP	200.58.112.174 (Argentina)
ASN	#27823 Dattatec.com
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-12-06 05:55:04 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	1
urlquery alerts	19 Phishing - Galicia
Tags	None

Overview

Domain Summary (35)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 200.58.112.174

Last 5 reports on ASN: Dattatec.com

Last 5 reports on domain: ferozo.com

No other reports with similar screenshot

JavaScript

Executed Scripts (66)

Executed Evals (67)

#1 JavaScript::Eval (size: 2560) - SHA256: 6636122fab5287a0f0992ea1c85618d5351a4d5dabb3a0b06558dea613fa22c6

#2 JavaScript::Eval (size: 273) - SHA256: 9fb732b9f525b717beb9f8d1ae40206d514bfaed346c39fa65fbfe28fe783fc5

#3 JavaScript::Eval (size: 121) - SHA256: 7d2a0d7c5bb46847da53e6ab2205d1b5e7f38e90a53fdfa66a4553d851644320

#4 JavaScript::Eval (size: 326) - SHA256: aa19bdf77030bf7ef26bd86a4155f1bab9e643442f5faa7bdfd24bd07dcd9691

#5 JavaScript::Eval (size: 92) - SHA256: 2a967b9ccbab6ad1d3eed94b9157cb3dd9cbb57286e20a481d5a5c62a11fd8ca

#6 JavaScript::Eval (size: 2560) - SHA256: 7f0fe65a61184432775d3ad08de49823a2565f41fd0611a1601ec526f8c30fff

#7 JavaScript::Eval (size: 249) - SHA256: 6c9a183d0a51bdedd979a32e48b3e638e7356aa7ff79ecf960dda3d59295f2bc

#8 JavaScript::Eval (size: 121) - SHA256: 0561f175474e835f017b8923db89557a5382f5d870e9a498d8edcf1732814281

#9 JavaScript::Eval (size: 121) - SHA256: 7ebeb0e6417749c4905e73e3d8158ca2445971f98a9c9aef0c08362ec3e4229e

#10 JavaScript::Eval (size: 311) - SHA256: d164549b2cdb186cf05dd249f57366514f9fa0aa74b6b15bbec5cf51cc1ad597

#11 JavaScript::Eval (size: 121) - SHA256: d8bc99fa3e2abc55637ef17099935d89352330af62e630cb1f9ebbefce2e2ec4

#12 JavaScript::Eval (size: 243) - SHA256: 86d407bb22071d75c3af6d68bb6de7892144257412e747e7cc19b18650d454cd

#13 JavaScript::Eval (size: 845) - SHA256: d62f147b2ae48b2c4c4148cae70b5a43cccce7e50b62da8c649c09c0b96887cb

#14 JavaScript::Eval (size: 121) - SHA256: 26b7de0015e7fffb6d3e8ed9e517f0faba6b98a51d701036060d8f28448ca949

#15 JavaScript::Eval (size: 121) - SHA256: 452aa66d742049933a2bcd0f68206856809ca0446eb8283db752217ab9aca41e

#16 JavaScript::Eval (size: 248) - SHA256: 258735b9f3ba8a1fac35630ee9decda80a55a260200bc7a2d3ddb8c7c6ab9877

#17 JavaScript::Eval (size: 111) - SHA256: 7a8018f4a9b4a2388b49d9706baee0a5181a0863b0f0630b015c8999b43ccbe3

#18 JavaScript::Eval (size: 311) - SHA256: ff12d0c247f062d8871ed1bb716f4f5b7443296356ddd5c571ebf03f9d7963e7

#19 JavaScript::Eval (size: 2560) - SHA256: c4fffa62aadfae37690ec3364a3c7ecbdef31e4db23d1b057523324866e87cc8

#20 JavaScript::Eval (size: 121) - SHA256: affbbe0dfb17d7d3a06889ec919522d7efadae86444cdd6966b2e203e0d56033

#21 JavaScript::Eval (size: 121) - SHA256: 902c7b9563a0cf3160266c1bc0a2bde4bd1e643fd772f89c7b8bcd12b0b9f7a9

#22 JavaScript::Eval (size: 121) - SHA256: 3c5fb4ab627975c586421a8e8526b0c2dcbb17984141df155bbb6009e3d51dc6

#23 JavaScript::Eval (size: 2558) - SHA256: f1349f088515057b108079b020311bfa2b358c827cdb64e3d11e872ee069978f

#24 JavaScript::Eval (size: 514) - SHA256: 3114c2a5c978e06af2cd90cd45371bffd0c1ff4947285e9c9f11fe9bdae50b4a

#25 JavaScript::Eval (size: 2560) - SHA256: b22066c2b45ca4fe9b2da93c04aaea8b2a8f0cd86b25a023bea4f22991f69d5d

#26 JavaScript::Eval (size: 132) - SHA256: 62148cea1e0ee49731a9a457f95c41989ea2024c917ebbe1867c1df217e7676e

#27 JavaScript::Eval (size: 122) - SHA256: 38c9fc401e85cc7bde2cf8d679031f29f0312c768ba2dbb80d7a1a294e732c98

#28 JavaScript::Eval (size: 122) - SHA256: aca598569086eeaf54d3db6444df5374acc94c09d693637cc2399ffdd044a1c8

#29 JavaScript::Eval (size: 36) - SHA256: 3a432892366ff54070e907455807f9f5f767ccaa664a1164fa862e6dccc38398

#30 JavaScript::Eval (size: 2558) - SHA256: ac00f6ee577df284a31a9eae04b30a363222f8f055c1e3441140284a625eed92

#31 JavaScript::Eval (size: 121) - SHA256: e3d9fae404cead5bd2d35bc4b0a7dcba25a053de494277ba781c463da59e46a8

#32 JavaScript::Eval (size: 121) - SHA256: 177fc78504c5e510160d83623c51255b1510984e471a98cb6bb57092d8eef3ce

#33 JavaScript::Eval (size: 2859) - SHA256: 0dccf0db5b41ce424cc4ce4825d2f035f64663270d50f48042bfb53da0c949ac

#34 JavaScript::Eval (size: 329) - SHA256: bbf9c318856832806f04c608c91e5b4f4a108fa0fb4f4488537ae6a5c0e4af6f

#35 JavaScript::Eval (size: 311) - SHA256: c9f964f0f3f063a2dd501b6c48ef2d9237caf16b94070df838969c1aaf2922bd

#36 JavaScript::Eval (size: 122) - SHA256: 17317b97a1a9cac0973abe35b17e681c281bfd3bd22fd40cbd37205fdf2aba03

#37 JavaScript::Eval (size: 122) - SHA256: d9ad7e12fe90675bc858459c2157bc27d1a1bc580485502179425067327fedeb

#38 JavaScript::Eval (size: 127) - SHA256: c6ca3f814f70ec55a1cabc8e69532f38ad0cedc0d7726b7002173f8a45b9ebb9

#39 JavaScript::Eval (size: 231) - SHA256: 9b8bda9ed9049b4f25562f7961331e6b6f2c442fa2f3bc98843aa4b941e19139

#40 JavaScript::Eval (size: 202) - SHA256: 9a2f34fd4e6e2a49d177ac4acc8ab5bfa1443776170966b59110bfb966e787c2

#41 JavaScript::Eval (size: 144) - SHA256: 2e78e49c3ad33b2be9e06a09143c164acd642792e15a1e4fc36832cf9104cc2d

#42 JavaScript::Eval (size: 143) - SHA256: 1823d2afc6738df269be9791f4ae60e4f6263f3b4b5199c36dbe4c151bc8eb4d

#43 JavaScript::Eval (size: 121) - SHA256: 4ebb5dba6929186c51e2566cd295556371b3d30fceceaa76e4300b9ef49965db

#44 JavaScript::Eval (size: 32677) - SHA256: 827d13583d3617938dc99525649cc26035dba9711e3cb8a7722a5184d7a74753

#45 JavaScript::Eval (size: 2562) - SHA256: e751baf73f385706d7e8a9500d9bc0aaadc01c33fbd5064bb4b5bf53cc68d213

#46 JavaScript::Eval (size: 44) - SHA256: 1260373596fccab9f78ef49644de6a84937c8dc65de99f5ff1c273ec30de4327

#47 JavaScript::Eval (size: 97) - SHA256: 75e2683e6e4e71249e801997fbfa82a5792c06a8055b770bb84aa79b65493955

#48 JavaScript::Eval (size: 121) - SHA256: a4c350517c36395370e4663094ba808fde72397d170eaa14c4c1c4b01b2f600c

#49 JavaScript::Eval (size: 121) - SHA256: a639f5c1d4c570cd67dd9db57bd1ddc482f8523a50f1dc66185bcc982225c0dc

#50 JavaScript::Eval (size: 310) - SHA256: 97466979a59667408afd771a3225fc4a4ccd02e2587064776a0b96dccb11a0c4

#51 JavaScript::Eval (size: 311) - SHA256: 487a6da1765ae333597a0b72256aa58a08846e09585cc17bfddf436407b22fd1

#52 JavaScript::Eval (size: 121) - SHA256: 442419b3e8141856a9638d3ae97f639278ad7614828054df6781f675237e9dd8

#53 JavaScript::Eval (size: 121) - SHA256: 69ab95e9c58c5ee850b48207460abc51d14e0726f9ddc4969ec040fd64165a02

#54 JavaScript::Eval (size: 240) - SHA256: d4db79ee07e591abc8e248d15dd7c62c3d6bd2330faabb8e6bcae30703512e36

#55 JavaScript::Eval (size: 121) - SHA256: 0d7fa751d817173cbb3ed4da1f041541058e02a776edce1edf6532583842b88b

#56 JavaScript::Eval (size: 249) - SHA256: 8f1e191d0e33be67787ff3ef1448074f7d1cc9f01b239e7d9a3a3f7142b7cea4

#57 JavaScript::Eval (size: 122) - SHA256: d84bafab088da647219867a1bc15be0ea2237a907fe5431e03316abb443b4e90

#58 JavaScript::Eval (size: 190) - SHA256: c92c27a1131be0d103380e6d6b9644488dd32b70490d8744347777b5c351d80e

#59 JavaScript::Eval (size: 120) - SHA256: c533779295c4481f461ccd837dee1fddc989343f7a2c62ec882e29c85fa585f1

#60 JavaScript::Eval (size: 102) - SHA256: 90c3ee356906c5f64bcedc7328ec0145c22f59fdbc00a86985e615e4a2c04490

Network Intrusion Detection Systems