Overview

URLc1481833.ferozo.com/img/index_files/galicia
IP 200.58.112.174 (Argentina)
ASN#27823 Dattatec.com
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-06 05:55:04 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts
19
Phishing - Galicia
Tags None

Domain Summary (35)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
r3.o.lencr.org (6) 344 No data No data 23.36.76.226
galiciabanco.demdex.net (2) 580522 No data No data 52.31.124.224
www.google.no (2) 25607 2016-04-05 19:50:59 UTC 2022-12-05 10:29:06 UTC 142.250.74.35
ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.39
gal.bgsensors.co (1) 0 2022-08-23 14:58:41 UTC 2022-12-02 15:03:57 UTC 104.21.25.208 Unknown ranking
www.googleadservices.com (1) 107 2012-07-21 05:05:30 UTC 2022-12-05 14:38:54 UTC 142.250.74.98
libs.coremetrics.com (1) 12517 2012-06-22 08:55:08 UTC 2020-04-23 20:10:08 UTC 23.61.236.51
detectca.easysol.net (3) 60033 2012-08-17 16:57:34 UTC 2021-05-07 20:40:37 UTC 107.23.44.14
dpm.demdex.net (3) 204 2018-07-06 04:53:56 UTC 2020-04-29 23:04:31 UTC 54.72.35.25
googleads.g.doubleclick.net (2) 42 2021-02-20 15:43:32 UTC 2022-12-05 13:27:30 UTC 142.250.74.2
www.google.com.ar (2) 24055 2016-03-19 20:09:33 UTC 2022-12-06 02:15:11 UTC 172.217.21.163
cm.everesttech.net (1) 996 2018-09-03 07:40:22 UTC 2020-04-29 11:27:39 UTC 99.80.65.0
c1481833.ferozo.com (47) 0 No data No data 200.58.112.174 Domain (ferozo.com) ranked at: 237713
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-05 04:09:48 UTC 34.117.237.239
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.38.227.80
sifo.bancogalicia.com.ar (4) 778628 2017-06-08 06:32:18 UTC 2018-03-06 12:02:53 UTC 34.196.56.54
www.galicia.ar (2) 0 2021-12-17 15:21:15 UTC 2022-12-01 05:42:37 UTC 151.101.219.10 Unknown ranking
galiciabanco.tt.omtrdc.net (1) 741080 No data No data 54.74.22.74
static.hotjar.com (1) 641 2014-11-01 05:14:27 UTC 2020-04-26 08:32:02 UTC 54.230.111.8
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-12-05 08:37:19 UTC 142.250.74.40
analytics.google.com (1) 924 2013-06-03 21:16:55 UTC 2022-12-06 02:26:46 UTC 142.250.74.14
stats.g.doubleclick.net (1) 96 2013-06-10 20:21:11 UTC 2022-12-05 14:40:05 UTC 64.233.164.155
assets.adobedtm.com (4) 512 2014-01-31 22:40:14 UTC 2020-05-14 16:29:33 UTC 23.38.200.237
ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2020-05-02 20:58:10 UTC 192.124.249.23
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-12-05 09:18:03 UTC 142.250.74.164
onlinebanking.bancogalicia.com.ar (2) 838359 2017-11-08 13:18:56 UTC 2022-12-06 04:10:49 UTC 161.190.1.97
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-05 04:09:09 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
ocsp.pki.goog (12) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
log-ad1a29c5.us.v2.we-stats.com (1) 783057 2022-07-05 00:04:06 UTC 2022-11-16 02:34:08 UTC 52.238.253.184
data.coremetrics.com (1) 11875 2017-01-30 06:15:31 UTC 2022-12-05 13:43:26 UTC 54.224.36.233
ocsp.digicert.com (10) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
www.google-analytics.com (3) 40 2012-10-03 01:04:21 UTC 2022-12-05 12:07:35 UTC 216.239.38.178
wup-ad1a29c5.us.v2.we-stats.com (1) 805485 2022-07-05 00:04:03 UTC 2022-11-16 02:34:05 UTC 52.141.217.134

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-06 2 c1481833.ferozo.com/img/index_files/galicia/index_files/seguloginborders Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 200.58.112.174
Date UQ / IDS / BL URL IP
2023-01-18 20:56:10 +0000 0 - 0 - 6 www.xn--standr-fva.com/t/verificar.php 200.58.112.174
2023-01-18 20:55:52 +0000 0 - 0 - 7 www.xn--standr-fva.com/t/clave.php 200.58.112.174
2023-01-18 20:55:33 +0000 0 - 0 - 6 www.xn--standr-fva.com/t/ 200.58.112.174
2022-12-08 13:15:52 +0000 0 - 0 - 7 c1481833.ferozo.com/css/ciudad/verificar.php 200.58.112.174
2022-12-08 13:15:38 +0000 0 - 0 - 15 c1481833.ferozo.com/css/ciudad/iniciosesion.php 200.58.112.174


Last 5 reports on ASN: Dattatec.com
Date UQ / IDS / BL URL IP
2023-02-01 09:57:03 +0000 0 - 1 - 18 www.suprememagician.com.ar/sidr/ 200.58.111.17
2023-02-01 09:55:32 +0000 0 - 1 - 4 c1450565.ferozo.com/fichier/ajax/Cuidad/verif (...) 200.58.111.68
2023-02-01 09:55:19 +0000 0 - 1 - 18 c1450565.ferozo.com/fichier/ajax/Cuidad/inici (...) 200.58.111.68
2023-02-01 09:54:56 +0000 0 - 1 - 17 c1450565.ferozo.com/fichier/ajax/Cuidad/ 200.58.111.68
2023-02-01 09:34:36 +0000 0 - 1 - 2 environ-mental.com.ar/css/UltraBranch/login.p (...) 200.58.111.46


Last 5 reports on domain: ferozo.com
Date UQ / IDS / BL URL IP
2023-02-01 09:55:32 +0000 0 - 1 - 4 c1450565.ferozo.com/fichier/ajax/Cuidad/verif (...) 200.58.111.68
2023-02-01 09:55:19 +0000 0 - 1 - 18 c1450565.ferozo.com/fichier/ajax/Cuidad/inici (...) 200.58.111.68
2023-02-01 09:54:56 +0000 0 - 1 - 17 c1450565.ferozo.com/fichier/ajax/Cuidad/ 200.58.111.68
2023-02-01 03:21:50 +0000 0 - 1 - 4 c1450565.ferozo.com/fichier/ajax/Cuidad/verif (...) 200.58.111.68
2023-02-01 03:21:29 +0000 0 - 1 - 18 c1450565.ferozo.com/fichier/ajax/Cuidad/inici (...) 200.58.111.68


No other reports with similar screenshot

JavaScript

Executed Scripts (66)

Executed Evals (67)
#1 JavaScript::Eval (size: 2560) - SHA256: 6636122fab5287a0f0992ea1c85618d5351a4d5dabb3a0b06558dea613fa22c6
(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(69),
            c = "Constituir plazo fijo;Suscripci\u00f3n a Fondo Fima;Suscripci\u00f3n programada a Fondo Fima;Ver detalle de cuenta;Ver resumen tarjeta cr\u00e9dito;Ver consumos tarjeta cr\u00e9dito;Ver consumos tarjeta adicional;Ver consumos tarjeta d\u00e9bito;Ver detalle fondo FIMA;Ver detalle Bonos y Acciones;Ver detalle Ordenes Compra y Venta;Compartir CBU;Edici\u00f3n de contacto;Alta solicitud pr\u00e9stamo hipotecario;Ver inicio inversiones;Onboarding;Generar usuario;Generar clave;Recuperaci\u00f3n de usuario;Cambiar clave expirada;Editar alias de CBU;Alta de alias de CBU;Eliminar alias;Modificar cuenta principal;Agregar cuenta asociada;Reponer tarjeta de d\u00e9bito da\u00f1ada;Reponer tarjeta de d\u00e9bito robo;Agenda de contacto;Suscribir Cuenta Comitente;Inscripcion a Quiero;Agregar celular;Agregar mail;Agregar mail de seguridad;Editar celular;Editar mail;Editar mail seguridad;Editar domicilio;Editar clave;Editar usuario;Eliminar mail;Eliminar celular;Recomendar Galicia Persona;Recomendar Galicia Empresa;Anular suscripci\u00f3n programada Fondo Fima;Apertura de caja de ahorro;Encuesta perfil inversor;Editar cuenta debito pr\u00e9stamo;Solicitar baja de productos;Apertura de cuenta proyecto;Reserva de cuenta proyecto;Reserva programada de cuenta proyecto;Edici\u00f3n de cuenta proyecto;Rescate de cuenta proyecto;Editar reserva programada;Compra de moneda extranjera;Venta de moneda extranjera;Solicitar nueva tarjeta;Pago de tarjetas;Upgrade de Servicio;Modificar limite de compra;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Aumentar l\u00edmite transitorio;Edici\u00f3n del d\u00e9bito automatico de tarjeta;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Recarga de celular;Pago de servicios;Adhesi\u00f3n de servicios;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de pagos;Pausar debito autom\u00e1tico;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico;Transferencias a terceros;Transferencias a cuentas propias;Pago de haberes;Donaciones;Modificar accion al vencimiento;Rescate Fondo Fima;Vender bonos y acciones;Comprar bonos y acciones;Licitaciones primarias;Solicitar pr\u00e9stamo;Solicitar pr\u00e9stamo hipotecario;Reprogramar env\u00edo;Modificar opcion de resumen;Recargas;Anulaci\u00f3n de pago".split(";"),
            d = ["Compartir CBU", "Edici\u00f3n de contacto"],
            e = -1 != c.indexOf(a),
            b = -1 != d.indexOf(a); - 1 != document.location.pathname.indexOf("/ini/") && (b = !0);
        a = "true" == google_tag_manager["GTM-M6B9RZQ"].macro(70);
        return e && !(!b && a)
    } catch (f) {
        return !1
    }
})();
#2 JavaScript::Eval (size: 273) - SHA256: 9fb732b9f525b717beb9f8d1ae40206d514bfaed346c39fa65fbfe28fe783fc5
(function() {
    try {
        return urlConsultas = "/cuentas/mis-cuentas /tarjetas/consumos-adicional /tarjetas/consumos /tarjetas/resumen /tarjetas/consumos-tarjeta-debito /inversiones/mis-fondos-fima /inversiones/bonos-acciones /inversiones/consultar-ordenes".split(" ")
    } catch (a) {}
})();
#3 JavaScript::Eval (size: 121) - SHA256: 7d2a0d7c5bb46847da53e6ab2205d1b5e7f38e90a53fdfa66a4553d851644320
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(88) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#4 JavaScript::Eval (size: 326) - SHA256: aa19bdf77030bf7ef26bd86a4155f1bab9e643442f5faa7bdfd24bd07dcd9691
(function() {
    try {
        var a = new Date,
            c = -a.getTimezoneOffset(),
            d = 0 <= c ? "+" : "-",
            b = function(a) {
                a = Math.abs(Math.floor(a));
                return (10 > a ? "0" : "") + a
            };
        return a.getFullYear() + "-" + b(a.getMonth() + 1) + "-" + b(a.getDate()) + "T" + b(a.getHours()) + ":" + b(a.getMinutes()) + ":" + b(a.getSeconds()) + "." + b(a.getMilliseconds()) + d + b(c / 60) + ":" + b(c % 60)
    } catch (e) {}
})();
#5 JavaScript::Eval (size: 92) - SHA256: 2a967b9ccbab6ad1d3eed94b9157cb3dd9cbb57286e20a481d5a5c62a11fd8ca
(function() {
    return window.location.pathname + window.location.search + window.location.hash
})();
#6 JavaScript::Eval (size: 2560) - SHA256: 7f0fe65a61184432775d3ad08de49823a2565f41fd0611a1601ec526f8c30fff
(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(71),
            c = "Constituir plazo fijo;Suscripci\u00f3n a Fondo Fima;Suscripci\u00f3n programada a Fondo Fima;Ver detalle de cuenta;Ver resumen tarjeta cr\u00e9dito;Ver consumos tarjeta cr\u00e9dito;Ver consumos tarjeta adicional;Ver consumos tarjeta d\u00e9bito;Ver detalle fondo FIMA;Ver detalle Bonos y Acciones;Ver detalle Ordenes Compra y Venta;Compartir CBU;Edici\u00f3n de contacto;Alta solicitud pr\u00e9stamo hipotecario;Ver inicio inversiones;Onboarding;Generar usuario;Generar clave;Recuperaci\u00f3n de usuario;Cambiar clave expirada;Editar alias de CBU;Alta de alias de CBU;Eliminar alias;Modificar cuenta principal;Agregar cuenta asociada;Reponer tarjeta de d\u00e9bito da\u00f1ada;Reponer tarjeta de d\u00e9bito robo;Agenda de contacto;Suscribir Cuenta Comitente;Inscripcion a Quiero;Agregar celular;Agregar mail;Agregar mail de seguridad;Editar celular;Editar mail;Editar mail seguridad;Editar domicilio;Editar clave;Editar usuario;Eliminar mail;Eliminar celular;Recomendar Galicia Persona;Recomendar Galicia Empresa;Anular suscripci\u00f3n programada Fondo Fima;Apertura de caja de ahorro;Encuesta perfil inversor;Editar cuenta debito pr\u00e9stamo;Solicitar baja de productos;Apertura de cuenta proyecto;Reserva de cuenta proyecto;Reserva programada de cuenta proyecto;Edici\u00f3n de cuenta proyecto;Rescate de cuenta proyecto;Editar reserva programada;Compra de moneda extranjera;Venta de moneda extranjera;Solicitar nueva tarjeta;Pago de tarjetas;Upgrade de Servicio;Modificar limite de compra;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Aumentar l\u00edmite transitorio;Edici\u00f3n del d\u00e9bito automatico de tarjeta;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Recarga de celular;Pago de servicios;Adhesi\u00f3n de servicios;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de pagos;Pausar debito autom\u00e1tico;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico;Transferencias a terceros;Transferencias a cuentas propias;Pago de haberes;Donaciones;Modificar accion al vencimiento;Rescate Fondo Fima;Vender bonos y acciones;Comprar bonos y acciones;Licitaciones primarias;Solicitar pr\u00e9stamo;Solicitar pr\u00e9stamo hipotecario;Reprogramar env\u00edo;Modificar opcion de resumen;Recargas;Anulaci\u00f3n de pago".split(";"),
            d = ["Compartir CBU", "Edici\u00f3n de contacto"],
            e = -1 != c.indexOf(a),
            b = -1 != d.indexOf(a); - 1 != document.location.pathname.indexOf("/ini/") && (b = !0);
        a = "true" == google_tag_manager["GTM-M6B9RZQ"].macro(72);
        return e && !(!b && a)
    } catch (f) {
        return !1
    }
})();
#7 JavaScript::Eval (size: 249) - SHA256: 6c9a183d0a51bdedd979a32e48b3e638e7356aa7ff79ecf960dda3d59295f2bc
(function() {
    try {
        for (var a = google_tag_manager["GTM-M6B9RZQ"].macro(75), c = document.location.pathname, b = 0; b < a.length; b++) {
            var d = RegExp(a[b], "ig");
            if (d.test(c)) return !0
        }
        return !1
    } catch (e) {
        return a = google_tag_manager["GTM-M6B9RZQ"].macro(77), a(e), !1
    }
})();
#8 JavaScript::Eval (size: 121) - SHA256: 0561f175474e835f017b8923db89557a5382f5d870e9a498d8edcf1732814281
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(90) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#9 JavaScript::Eval (size: 121) - SHA256: 7ebeb0e6417749c4905e73e3d8158ca2445971f98a9c9aef0c08362ec3e4229e
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(73) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#10 JavaScript::Eval (size: 311) - SHA256: d164549b2cdb186cf05dd249f57366514f9fa0aa74b6b15bbec5cf51cc1ad597
(function() {
    try {
        return urlSidebar = "^/inicio/?$ /cuentas/inicio/?$ /cuentas/mis-cuentas/?$ /tarjetas/consumos /transferencias/inicio/?$ /transferencias/informacion-contacto /inversiones/inicio/?$ /ayuda/inicio/?$ /perfil/inicio/?$".split(" ")
    } catch (a) {
        var b = google_tag_manager["GTM-M6B9RZQ"].macro(80);
        b(a)
    }
})();
#11 JavaScript::Eval (size: 121) - SHA256: d8bc99fa3e2abc55637ef17099935d89352330af62e630cb1f9ebbefce2e2ec4
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(98) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#12 JavaScript::Eval (size: 243) - SHA256: 86d407bb22071d75c3af6d68bb6de7892144257412e747e7cc19b18650d454cd
(function() {
    return function(b) {
        try {
            var c = {
                "\u00e1": "a",
                "\u00e9": "e",
                "\u00ed": "i",
                "\u00f3": "o",
                "\u00fa": "u"
            };
            return b.toLowerCase().replace(/[^a-z]/gi, function(a) {
                return c[a] || a
            }).replace(/[\u00a1!\u00bf\?]/g, "").trim()
        } catch (a) {
            return b
        }
    }
})();
#13 JavaScript::Eval (size: 845) - SHA256: d62f147b2ae48b2c4c4148cae70b5a43cccce7e50b62da8c649c09c0b96887cb
(function() {
    function b(a) {
        try {
            var b = document.createElement("a");
            b.href = a;
            var c = b.pathname,
                d = b.hostname,
                e = c.startsWith("/") ? 1 : 0,
                f = c.split("/")[e];
            return [f.toLowerCase(), d]
        } catch (g) {
            a = google_tag_manager["GTM-M6B9RZQ"].macro(30), a(g)
        }
    }
    try {
        var d = document.location.href,
            a = b(d);
        if ("error" == a[0]) try {
            if (a = b(document.referrer), -1 != document.referrer.toLowerCase().indexOf("seguridad/tarjeta-coordenadas") || -1 != document.referrer.toLowerCase().indexOf("seguridad/token-virtual")) a = b(sessionStorage.onb2_prereferrer)
        } catch (c) {
            var e = google_tag_manager["GTM-M6B9RZQ"].macro(32);
            e(c)
        }
        if (-1 != d.toLowerCase().indexOf("seguridad/tarjeta-coordenadas") || -1 != d.toLowerCase().indexOf("seguridad/token-virtual")) a = b(document.referrer);
        "cuentasproyecto" == a[0] && (a[0] = "cuentas");
        return a[0] || "(not set)"
    } catch (c) {
        e = google_tag_manager["GTM-M6B9RZQ"].macro(34), e(c)
    }
})();
#14 JavaScript::Eval (size: 121) - SHA256: 26b7de0015e7fffb6d3e8ed9e517f0faba6b98a51d701036060d8f28448ca949
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(53) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#15 JavaScript::Eval (size: 121) - SHA256: 452aa66d742049933a2bcd0f68206856809ca0446eb8283db752217ab9aca41e
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(76) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#16 JavaScript::Eval (size: 248) - SHA256: 258735b9f3ba8a1fac35630ee9decda80a55a260200bc7a2d3ddb8c7c6ab9877
(function() {
    try {
        return urlConsultas = ["/inversiones/cargar-capital-plazo-fijo/?$", "/inversiones/constituir-plazo-fijo/?$", "/inversiones/suscribir-fondo-fima-monto/?$", "/tarjetas/solicitar-titular/?$", "/tarjetas/solicitar_titular/?$"]
    } catch (a) {}
})();
#17 JavaScript::Eval (size: 111) - SHA256: 7a8018f4a9b4a2388b49d9706baee0a5181a0863b0f0630b015c8999b43ccbe3
(function() {
    try {
        return 0 < $("p.error-404").length && -1 != $("h5").text().indexOf("Ups 404")
    } catch (a) {
        return !1
    }
})();
#18 JavaScript::Eval (size: 311) - SHA256: ff12d0c247f062d8871ed1bb716f4f5b7443296356ddd5c571ebf03f9d7963e7
(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(21),
            b = "Live",
            c = "Test",
            d = google_tag_manager["GTM-M6B9RZQ"].macro(22),
            e = -1 < a.indexOf("localhost");
        a = google_tag_manager["GTM-M6B9RZQ"].macro(23) == b || google_tag_manager["GTM-M6B9RZQ"].macro(24) == c;
        return d || e || a ? "test" : "live"
    } catch (f) {
        return "live"
    }
})();
#19 JavaScript::Eval (size: 2560) - SHA256: c4fffa62aadfae37690ec3364a3c7ecbdef31e4db23d1b057523324866e87cc8
(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(63),
            c = "Constituir plazo fijo;Suscripci\u00f3n a Fondo Fima;Suscripci\u00f3n programada a Fondo Fima;Ver detalle de cuenta;Ver resumen tarjeta cr\u00e9dito;Ver consumos tarjeta cr\u00e9dito;Ver consumos tarjeta adicional;Ver consumos tarjeta d\u00e9bito;Ver detalle fondo FIMA;Ver detalle Bonos y Acciones;Ver detalle Ordenes Compra y Venta;Compartir CBU;Edici\u00f3n de contacto;Alta solicitud pr\u00e9stamo hipotecario;Ver inicio inversiones;Onboarding;Generar usuario;Generar clave;Recuperaci\u00f3n de usuario;Cambiar clave expirada;Editar alias de CBU;Alta de alias de CBU;Eliminar alias;Modificar cuenta principal;Agregar cuenta asociada;Reponer tarjeta de d\u00e9bito da\u00f1ada;Reponer tarjeta de d\u00e9bito robo;Agenda de contacto;Suscribir Cuenta Comitente;Inscripcion a Quiero;Agregar celular;Agregar mail;Agregar mail de seguridad;Editar celular;Editar mail;Editar mail seguridad;Editar domicilio;Editar clave;Editar usuario;Eliminar mail;Eliminar celular;Recomendar Galicia Persona;Recomendar Galicia Empresa;Anular suscripci\u00f3n programada Fondo Fima;Apertura de caja de ahorro;Encuesta perfil inversor;Editar cuenta debito pr\u00e9stamo;Solicitar baja de productos;Apertura de cuenta proyecto;Reserva de cuenta proyecto;Reserva programada de cuenta proyecto;Edici\u00f3n de cuenta proyecto;Rescate de cuenta proyecto;Editar reserva programada;Compra de moneda extranjera;Venta de moneda extranjera;Solicitar nueva tarjeta;Pago de tarjetas;Upgrade de Servicio;Modificar limite de compra;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Aumentar l\u00edmite transitorio;Edici\u00f3n del d\u00e9bito automatico de tarjeta;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Recarga de celular;Pago de servicios;Adhesi\u00f3n de servicios;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de pagos;Pausar debito autom\u00e1tico;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico;Transferencias a terceros;Transferencias a cuentas propias;Pago de haberes;Donaciones;Modificar accion al vencimiento;Rescate Fondo Fima;Vender bonos y acciones;Comprar bonos y acciones;Licitaciones primarias;Solicitar pr\u00e9stamo;Solicitar pr\u00e9stamo hipotecario;Reprogramar env\u00edo;Modificar opcion de resumen;Recargas;Anulaci\u00f3n de pago".split(";"),
            d = ["Compartir CBU", "Edici\u00f3n de contacto"],
            e = -1 != c.indexOf(a),
            b = -1 != d.indexOf(a); - 1 != document.location.pathname.indexOf("/ini/") && (b = !0);
        a = "true" == google_tag_manager["GTM-M6B9RZQ"].macro(64);
        return e && !(!b && a)
    } catch (f) {
        return !1
    }
})();
#20 JavaScript::Eval (size: 121) - SHA256: affbbe0dfb17d7d3a06889ec919522d7efadae86444cdd6966b2e203e0d56033
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(82) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#21 JavaScript::Eval (size: 121) - SHA256: 902c7b9563a0cf3160266c1bc0a2bde4bd1e643fd772f89c7b8bcd12b0b9f7a9
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(84) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#22 JavaScript::Eval (size: 121) - SHA256: 3c5fb4ab627975c586421a8e8526b0c2dcbb17984141df155bbb6009e3d51dc6
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(96) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#23 JavaScript::Eval (size: 2558) - SHA256: f1349f088515057b108079b020311bfa2b358c827cdb64e3d11e872ee069978f
(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(3),
            c = "Constituir plazo fijo;Suscripci\u00f3n a Fondo Fima;Suscripci\u00f3n programada a Fondo Fima;Ver detalle de cuenta;Ver resumen tarjeta cr\u00e9dito;Ver consumos tarjeta cr\u00e9dito;Ver consumos tarjeta adicional;Ver consumos tarjeta d\u00e9bito;Ver detalle fondo FIMA;Ver detalle Bonos y Acciones;Ver detalle Ordenes Compra y Venta;Compartir CBU;Edici\u00f3n de contacto;Alta solicitud pr\u00e9stamo hipotecario;Ver inicio inversiones;Onboarding;Generar usuario;Generar clave;Recuperaci\u00f3n de usuario;Cambiar clave expirada;Editar alias de CBU;Alta de alias de CBU;Eliminar alias;Modificar cuenta principal;Agregar cuenta asociada;Reponer tarjeta de d\u00e9bito da\u00f1ada;Reponer tarjeta de d\u00e9bito robo;Agenda de contacto;Suscribir Cuenta Comitente;Inscripcion a Quiero;Agregar celular;Agregar mail;Agregar mail de seguridad;Editar celular;Editar mail;Editar mail seguridad;Editar domicilio;Editar clave;Editar usuario;Eliminar mail;Eliminar celular;Recomendar Galicia Persona;Recomendar Galicia Empresa;Anular suscripci\u00f3n programada Fondo Fima;Apertura de caja de ahorro;Encuesta perfil inversor;Editar cuenta debito pr\u00e9stamo;Solicitar baja de productos;Apertura de cuenta proyecto;Reserva de cuenta proyecto;Reserva programada de cuenta proyecto;Edici\u00f3n de cuenta proyecto;Rescate de cuenta proyecto;Editar reserva programada;Compra de moneda extranjera;Venta de moneda extranjera;Solicitar nueva tarjeta;Pago de tarjetas;Upgrade de Servicio;Modificar limite de compra;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Aumentar l\u00edmite transitorio;Edici\u00f3n del d\u00e9bito automatico de tarjeta;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Recarga de celular;Pago de servicios;Adhesi\u00f3n de servicios;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de pagos;Pausar debito autom\u00e1tico;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico;Transferencias a terceros;Transferencias a cuentas propias;Pago de haberes;Donaciones;Modificar accion al vencimiento;Rescate Fondo Fima;Vender bonos y acciones;Comprar bonos y acciones;Licitaciones primarias;Solicitar pr\u00e9stamo;Solicitar pr\u00e9stamo hipotecario;Reprogramar env\u00edo;Modificar opcion de resumen;Recargas;Anulaci\u00f3n de pago".split(";"),
            d = ["Compartir CBU", "Edici\u00f3n de contacto"],
            e = -1 != c.indexOf(a),
            b = -1 != d.indexOf(a); - 1 != document.location.pathname.indexOf("/ini/") && (b = !0);
        a = "true" == google_tag_manager["GTM-M6B9RZQ"].macro(4);
        return e && !(!b && a)
    } catch (f) {
        return !1
    }
})();
#24 JavaScript::Eval (size: 514) - SHA256: 3114c2a5c978e06af2cd90cd45371bffd0c1ff4947285e9c9f11fe9bdae50b4a
(function() {
    try {
        if ("true" == google_tag_manager["GTM-M6B9RZQ"].macro(35)) {
            if ("operationSuccessValidated" == google_tag_manager["GTM-M6B9RZQ"].macro(36)) {
                var a = google_tag_manager["GTM-M6B9RZQ"].macro(37),
                    b = [];
                if (-1 != b.indexOf(a.name)) return "false"
            }
            if ("operationEvent" == google_tag_manager["GTM-M6B9RZQ"].macro(38) && (a = google_tag_manager["GTM-M6B9RZQ"].macro(39), b = [], -1 != b.indexOf(a.name))) return "false"
        }
        return google_tag_manager["GTM-M6B9RZQ"].macro(40)
    } catch (c) {
        return google_tag_manager["GTM-M6B9RZQ"].macro(41)
    }
})();
#25 JavaScript::Eval (size: 2560) - SHA256: b22066c2b45ca4fe9b2da93c04aaea8b2a8f0cd86b25a023bea4f22991f69d5d
(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(66),
            c = "Constituir plazo fijo;Suscripci\u00f3n a Fondo Fima;Suscripci\u00f3n programada a Fondo Fima;Ver detalle de cuenta;Ver resumen tarjeta cr\u00e9dito;Ver consumos tarjeta cr\u00e9dito;Ver consumos tarjeta adicional;Ver consumos tarjeta d\u00e9bito;Ver detalle fondo FIMA;Ver detalle Bonos y Acciones;Ver detalle Ordenes Compra y Venta;Compartir CBU;Edici\u00f3n de contacto;Alta solicitud pr\u00e9stamo hipotecario;Ver inicio inversiones;Onboarding;Generar usuario;Generar clave;Recuperaci\u00f3n de usuario;Cambiar clave expirada;Editar alias de CBU;Alta de alias de CBU;Eliminar alias;Modificar cuenta principal;Agregar cuenta asociada;Reponer tarjeta de d\u00e9bito da\u00f1ada;Reponer tarjeta de d\u00e9bito robo;Agenda de contacto;Suscribir Cuenta Comitente;Inscripcion a Quiero;Agregar celular;Agregar mail;Agregar mail de seguridad;Editar celular;Editar mail;Editar mail seguridad;Editar domicilio;Editar clave;Editar usuario;Eliminar mail;Eliminar celular;Recomendar Galicia Persona;Recomendar Galicia Empresa;Anular suscripci\u00f3n programada Fondo Fima;Apertura de caja de ahorro;Encuesta perfil inversor;Editar cuenta debito pr\u00e9stamo;Solicitar baja de productos;Apertura de cuenta proyecto;Reserva de cuenta proyecto;Reserva programada de cuenta proyecto;Edici\u00f3n de cuenta proyecto;Rescate de cuenta proyecto;Editar reserva programada;Compra de moneda extranjera;Venta de moneda extranjera;Solicitar nueva tarjeta;Pago de tarjetas;Upgrade de Servicio;Modificar limite de compra;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Aumentar l\u00edmite transitorio;Edici\u00f3n del d\u00e9bito automatico de tarjeta;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Recarga de celular;Pago de servicios;Adhesi\u00f3n de servicios;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de pagos;Pausar debito autom\u00e1tico;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico;Transferencias a terceros;Transferencias a cuentas propias;Pago de haberes;Donaciones;Modificar accion al vencimiento;Rescate Fondo Fima;Vender bonos y acciones;Comprar bonos y acciones;Licitaciones primarias;Solicitar pr\u00e9stamo;Solicitar pr\u00e9stamo hipotecario;Reprogramar env\u00edo;Modificar opcion de resumen;Recargas;Anulaci\u00f3n de pago".split(";"),
            d = ["Compartir CBU", "Edici\u00f3n de contacto"],
            e = -1 != c.indexOf(a),
            b = -1 != d.indexOf(a); - 1 != document.location.pathname.indexOf("/ini/") && (b = !0);
        a = "true" == google_tag_manager["GTM-M6B9RZQ"].macro(67);
        return e && !(!b && a)
    } catch (f) {
        return !1
    }
})();
#26 JavaScript::Eval (size: 132) - SHA256: 62148cea1e0ee49731a9a457f95c41989ea2024c917ebbe1867c1df217e7676e
(function() {
    return function(a) {
        try {
            return a.replace(/[0-9]/g, "*")
        } catch (b) {
            a = google_tag_manager["GTM-M6B9RZQ"].macro(91), a(b)
        }
    }
})();
#27 JavaScript::Eval (size: 122) - SHA256: 38c9fc401e85cc7bde2cf8d679031f29f0312c768ba2dbb80d7a1a294e732c98
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(101) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#28 JavaScript::Eval (size: 122) - SHA256: aca598569086eeaf54d3db6444df5374acc94c09d693637cc2399ffdd044a1c8
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(103) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#29 JavaScript::Eval (size: 36) - SHA256: 3a432892366ff54070e907455807f9f5f767ccaa664a1164fa862e6dccc38398
dca = document.createElement('script')
#30 JavaScript::Eval (size: 2558) - SHA256: ac00f6ee577df284a31a9eae04b30a363222f8f055c1e3441140284a625eed92
(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(7),
            c = "Constituir plazo fijo;Suscripci\u00f3n a Fondo Fima;Suscripci\u00f3n programada a Fondo Fima;Ver detalle de cuenta;Ver resumen tarjeta cr\u00e9dito;Ver consumos tarjeta cr\u00e9dito;Ver consumos tarjeta adicional;Ver consumos tarjeta d\u00e9bito;Ver detalle fondo FIMA;Ver detalle Bonos y Acciones;Ver detalle Ordenes Compra y Venta;Compartir CBU;Edici\u00f3n de contacto;Alta solicitud pr\u00e9stamo hipotecario;Ver inicio inversiones;Onboarding;Generar usuario;Generar clave;Recuperaci\u00f3n de usuario;Cambiar clave expirada;Editar alias de CBU;Alta de alias de CBU;Eliminar alias;Modificar cuenta principal;Agregar cuenta asociada;Reponer tarjeta de d\u00e9bito da\u00f1ada;Reponer tarjeta de d\u00e9bito robo;Agenda de contacto;Suscribir Cuenta Comitente;Inscripcion a Quiero;Agregar celular;Agregar mail;Agregar mail de seguridad;Editar celular;Editar mail;Editar mail seguridad;Editar domicilio;Editar clave;Editar usuario;Eliminar mail;Eliminar celular;Recomendar Galicia Persona;Recomendar Galicia Empresa;Anular suscripci\u00f3n programada Fondo Fima;Apertura de caja de ahorro;Encuesta perfil inversor;Editar cuenta debito pr\u00e9stamo;Solicitar baja de productos;Apertura de cuenta proyecto;Reserva de cuenta proyecto;Reserva programada de cuenta proyecto;Edici\u00f3n de cuenta proyecto;Rescate de cuenta proyecto;Editar reserva programada;Compra de moneda extranjera;Venta de moneda extranjera;Solicitar nueva tarjeta;Pago de tarjetas;Upgrade de Servicio;Modificar limite de compra;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Aumentar l\u00edmite transitorio;Edici\u00f3n del d\u00e9bito automatico de tarjeta;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Recarga de celular;Pago de servicios;Adhesi\u00f3n de servicios;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de pagos;Pausar debito autom\u00e1tico;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico;Transferencias a terceros;Transferencias a cuentas propias;Pago de haberes;Donaciones;Modificar accion al vencimiento;Rescate Fondo Fima;Vender bonos y acciones;Comprar bonos y acciones;Licitaciones primarias;Solicitar pr\u00e9stamo;Solicitar pr\u00e9stamo hipotecario;Reprogramar env\u00edo;Modificar opcion de resumen;Recargas;Anulaci\u00f3n de pago".split(";"),
            d = ["Compartir CBU", "Edici\u00f3n de contacto"],
            e = -1 != c.indexOf(a),
            b = -1 != d.indexOf(a); - 1 != document.location.pathname.indexOf("/ini/") && (b = !0);
        a = "true" == google_tag_manager["GTM-M6B9RZQ"].macro(8);
        return e && !(!b && a)
    } catch (f) {
        return !1
    }
})();
#31 JavaScript::Eval (size: 121) - SHA256: e3d9fae404cead5bd2d35bc4b0a7dcba25a053de494277ba781c463da59e46a8
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(12) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#32 JavaScript::Eval (size: 121) - SHA256: 177fc78504c5e510160d83623c51255b1510984e471a98cb6bb57092d8eef3ce
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(51) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#33 JavaScript::Eval (size: 2859) - SHA256: 0dccf0db5b41ce424cc4ce4825d2f035f64663270d50f48042bfb53da0c949ac
(function() {
    try {
        return operationsInfo = [{
            url: "/seguridad/primer-ingreso-exito",
            operation: {
                name: "Onboarding"
            }
        }, {
            url: "/seguridad/generar-usuario-confirmacion",
            operation: {
                name: "Generar usuario"
            }
        }, {
            url: "/seguridad/generar-clave-exito",
            operation: {
                name: "Generar clave"
            }
        }, {
            url: "/seguridad/recuperar-usuario-confirmacion",
            operation: {
                name: "Recuperaci\u00f3n de usuario"
            }
        }, {
            url: "/seguridad/cambiar-clave-expirada-confirmacion",
            operation: {
                name: "Cambiar clave expirada"
            }
        }, {
            url: "/cuentas/editar-alias-cbu-confirmacion",
            operation: {
                name: "Editar alias de CBU"
            }
        }, {
            url: "/cuentas/alta-alias-cbu-confirmacion",
            operation: {
                name: "Alta de alias de CBU"
            }
        }, {
            url: "/cuentas/eliminar-alias-cbu-confirmacion",
            operation: {
                name: "Eliminar alias"
            }
        }, {
            url: "/cuentas/modificar-cuenta-principal-confirmacion",
            operation: {
                name: "Modificar cuenta principal"
            }
        }, {
            url: "/cuentas/nueva-caja-ahorro-exito",
            operation: {
                name: "Apertura de caja de ahorro"
            }
        }, {
            url: "/tarjetas/agregar-cuenta-asociada-exito",
            operation: {
                name: "Agregar cuenta asociada"
            }
        }, {
            url: "/tarjetas/reponer-tarjeta-debito-danada-confirmacion",
            operation: {
                name: "Reponer tarjeta de d\u00e9bito da\u00f1ada"
            }
        }, {
            url: "/tarjetas/reponer-tarjeta-debito-robo-extravio-confirmacion",
            operation: {
                name: "Reponer tarjeta de d\u00e9bito robo"
            }
        }, {
            url: "/transferencias/nuevocontactoconfirmar",
            operation: {
                name: "Agenda de contacto"
            }
        }, {
            url: "/inversiones/suscribir-cuenta-comitente-confirmacion",
            operation: {
                name: "Suscribir Cuenta Comitente"
            }
        }, {
            url: "/inversiones/anular-programacion-fondo-fima-confirmacion",
            operation: {
                name: "Anular suscripci\u00f3n programada Fondo Fima"
            }
        }, {
            url: "/editar-cuenta-debito-exito",
            operation: {
                name: "Editar cuenta d\u00e9bito pr\u00e9stamo"
            }
        }, {
            url: "/quiero/confirmarinscripcion",
            operation: {
                name: "Inscripcion a Quiero"
            }
        }, {
            url: "/perfil/alta-celular-confirmacion",
            operation: {
                name: "Agregar celular"
            }
        }, {
            url: "/perfil/alta-mail-confirmacion",
            operation: {
                name: "Agregar mail"
            }
        }, {
            url: "/alta-mail-seguridad-confirmacion",
            operation: {
                name: "Agregar mail de seguridad"
            }
        }, {
            url: "/perfil/editar-celular-confirmacion",
            operation: {
                name: "Editar celular"
            }
        }, {
            url: "/perfil/editar-mail-confirmacion",
            operation: {
                name: "Editar mail"
            }
        }, {
            url: "/perfil/editar-mail-seguridad-confirmacion",
            operation: {
                name: "Editar mail seguridad"
            }
        }, {
            url: "/perfil/editar-domicilio-confirmacion",
            operation: {
                name: "Editar domicilio"
            }
        }, {
            url: "/perfil/editar-clave-exito",
            operation: {
                name: "Editar clave"
            }
        }, {
            url: "/perfil/editar-usuario-confirmacion",
            operation: {
                name: "Editar usuario"
            }
        }, {
            url: "/perfil/eliminar-mail-confirmacion",
            operation: {
                name: "Eliminar mail"
            }
        }, {
            url: "/perfil/eliminar-celular-confirmacion",
            operation: {
                name: "Eliminar celular"
            }
        }, {
            url: "/perfil/recomendar-persona-confirmacion",
            operation: {
                name: "Recomendar Galicia Persona"
            }
        }, {
            url: "/perfil/recomendar-empresa-confirmacion",
            operation: {
                name: "Recomendar Galicia Empresa"
            }
        }]
    } catch (a) {
        var b = google_tag_manager["GTM-M6B9RZQ"].macro(10);
        b(a)
    }
})();
#34 JavaScript::Eval (size: 329) - SHA256: bbf9c318856832806f04c608c91e5b4f4a108fa0fb4f4488537ae6a5c0e4af6f
(function() {
    try {
        var b = void 0;
        if (0 < document.referrer.length) {
            var a = document.createElement("a");
            a.href = document.referrer; - 1 == a.hostname.indexOf("onlinebanking.bancogalicia") && (b = a.hostname + a.pathname + a.search + a.hash);
            b = a.pathname + a.search + a.hash
        }
        return b
    } catch (c) {
        google_tag_manager["GTM-M6B9RZQ"].macro(28) && console.error(c)
    }
})();
#35 JavaScript::Eval (size: 311) - SHA256: c9f964f0f3f063a2dd501b6c48ef2d9237caf16b94070df838969c1aaf2922bd
(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(45),
            b = "Live",
            c = "Test",
            d = google_tag_manager["GTM-M6B9RZQ"].macro(46),
            e = -1 < a.indexOf("localhost");
        a = google_tag_manager["GTM-M6B9RZQ"].macro(47) == b || google_tag_manager["GTM-M6B9RZQ"].macro(48) == c;
        return d || e || a ? "test" : "live"
    } catch (f) {
        return "live"
    }
})();
#36 JavaScript::Eval (size: 122) - SHA256: 17317b97a1a9cac0973abe35b17e681c281bfd3bd22fd40cbd37205fdf2aba03
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(105) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#37 JavaScript::Eval (size: 122) - SHA256: d9ad7e12fe90675bc858459c2157bc27d1a1bc580485502179425067327fedeb
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(107) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#38 JavaScript::Eval (size: 127) - SHA256: c6ca3f814f70ec55a1cabc8e69532f38ad0cedc0d7726b7002173f8a45b9ebb9
(function() {
    return function(a, b, c) {
        window.dataLayer.push({
            event: "trackEvent",
            eventCategory: a,
            eventAction: b,
            eventLabel: c
        })
    }
})();
#39 JavaScript::Eval (size: 231) - SHA256: 9b8bda9ed9049b4f25562f7961331e6b6f2c442fa2f3bc98843aa4b941e19139
(function() {
    try {
        var a = document.location.pathname.toLowerCase();
        if (-1 != a.indexOf("prestamos/solicitar")) return sessionStorage.onb2_pressubtype;
        if (/tarjetas\/.+pag(o|ar).*/i.test(a)) return sessionStorage.onb2_paymtype
    } catch (b) {}
})();
#40 JavaScript::Eval (size: 202) - SHA256: 9a2f34fd4e6e2a49d177ac4acc8ab5bfa1443776170966b59110bfb966e787c2
(function() {
    try {
        for (var b = google_tag_manager["GTM-M6B9RZQ"].macro(78), c = document.location.pathname, a = 0; a < b.length; a++) try {
            var d = RegExp(b[a], "ig");
            if (d.test(c)) return !0
        } catch (e) {}
        return !1
    } catch (e) {}
})();
#41 JavaScript::Eval (size: 144) - SHA256: 2e78e49c3ad33b2be9e06a09143c164acd642792e15a1e4fc36832cf9104cc2d
(function() {
    try {
        var a = document.location.pathname,
            b = /^\/inversiones(.*)-fima-?|^\/inversiones(.*)_fima/i;
        return b.test(a)
    } catch (c) {
        return !1
    }
})();
#42 JavaScript::Eval (size: 143) - SHA256: 1823d2afc6738df269be9791f4ae60e4f6263f3b4b5199c36dbe4c151bc8eb4d
(function() {
    return function(a, b, c) {
        try {
            window.dataLayer.push({
                event: "uiInteraction",
                uiInteractionPlace: a,
                uiAction: b,
                uiText: c
            })
        } catch (d) {}
    }
})();
#43 JavaScript::Eval (size: 121) - SHA256: 4ebb5dba6929186c51e2566cd295556371b3d30fceceaa76e4300b9ef49965db
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(14) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#44 JavaScript::Eval (size: 32677) - SHA256: 827d13583d3617938dc99525649cc26035dba9711e3cb8a7722a5184d7a74753
(function() {
    return function(b, a, c) {
        function d(e, f) {
            return e + f
        }
        try {
            var g;
            b = b.toLowerCase();
            a = a.toLowerCase();
            var h = [-1 != a.indexOf("?"), -1 != b.indexOf("ir a una terminal") && -1 != a.indexOf("tu tarjeta"), -1 != b.indexOf("elegiste tu cuenta corriente") && -1 != a.indexOf("al operar con esta cuenta"), -1 != b.indexOf("generar usuario") && -1 != a.indexOf("record\u00e1 que al no definir"), -1 != b.indexOf("pedido de chequera") && -1 != a.indexOf("tu pedido queda sujeto a"), -1 != b.indexOf("editar alias de cbu") && -1 != a.indexOf("\u00bfdeseas cancelar la edici"), -1 != b.indexOf("eliminar alias") && -1 != a.indexOf("\u00bfdeseas cancelar la baja"), -1 != b.indexOf("alta de alias de cbu") && -1 != a.indexOf("\u00bfdeseas cancelar el alta"), -1 != b.indexOf("no pod\u00e9s realizar esta transferencia") && -1 != a.indexOf("tu saldo es insuficiente para realizar esta operaci\u00f3n"), -1 != b.indexOf("no podemos ofrecerte un upgrade") && -1 != a.indexOf("no pudimos obtener una mejor oferta"), -1 != b.indexOf("no podemos ofrecerte un upgrade") && -1 != a.indexOf("ya ten\u00e9s la mejor oferta disponible"), -1 != b.indexOf("token galicia") && -1 != a.indexOf("para desbloquearlo ingres\u00e1 a la opci\u00f3n token galicia de la app y segu\u00ed las instrucciones"), -1 != b.indexOf("cuenta proyecto") && -1 != a.indexOf("desea cerrar la cuenta proyecto?"), -1 != b.indexOf("segu\u00eds ah\u00ed?"), -1 != b.indexOf("compra/venta de d\u00f3lares") && -1 != a.indexOf("para realizar una compra o venta de d\u00f3lares necesit\u00e1s tener"), -1 != b.indexOf("operaciones de riesgo revocada") && -1 != a.indexOf("actualmente ten\u00e9s revocadas"), -1 != b.indexOf("bienvenido"), -1 != b.indexOf("configurar alertas") && -1 != a.indexOf("est\u00e1s abandonando esta p\u00e1"), -1 != b.indexOf("configurar alertas") && -1 != a.indexOf("la alerta se modific\u00f3 exi"), -1 != b.indexOf("cuenta proyecto") && -1 != a.indexOf("\u00bfdesea cerrar la cuent"), -1 != b.indexOf("sesi\u00f3n expirada") && -1 != a.indexOf("voluntariamente o por exceso de tiempo inactivo"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("el importe ingresado es mayor al saldo"), -1 != b.indexOf("saldo insuficiente") &&
                    -1 != a.indexOf("importe ingresado es mayor al saldo"), -1 != b.indexOf("eliminar tarjeta") && -1 != a.indexOf("para recargarla deber\u00e1s volver a ingresar los datos")
                ],
                k = [-1 != b.indexOf("abr\u00ed una cuenta comitente") && -1 != a.indexOf("para invertir necesit\u00e1s abrir una cuenta comitente"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("el monto ingresado es mayor al saldo"), -1 != b.indexOf("compra/venta de d\u00f3lares") && -1 != a.indexOf("es necesario que tengas una caja de ahorro en d\u00f3lares"), "ADELANTO_SINOFERTA" ==
                    c, "PREST_ADELANTO_SINOFERTA" == c, "PREST_SOLIC_EVAL_OFERPRES_SOLICITUD_PENDIENTE" == c, "PREST_SOLIC_RECHAZADA" == c, "NO_HABILOTADO_OPERACIONES_RIESGO" == c, "UPGR_TARJ_N" == c, "AAMETODOBLOQUEADO_SOFTTOKEN" == c, "AAMETODOBLOQUEADO_COORDENADAS" == c, -1 != a.indexOf("si estas adherido al d\u00e9bito autom\u00e1tico y vas a pagar tu tarjeta entre el cierre y el vencimiento"), -1 != a.indexOf("para obtener tu tarjeta deber\u00e1s dirigirte a una de nuestras sucursales"), -1 != b.indexOf("aumentar l\u00edmite transitorio") &&
                    -1 != a.indexOf("detectamos que ten\u00e9s una solicitud de modificaci\u00f3n anterior"), -1 != b.indexOf("pago de tarjeta") && -1 != a.indexOf("pod\u00e9s pagar el importe en d\u00f3lares desde una caja de ahorro en pesos o cuenta corriente en pesos d\u00edas h\u00e1biles"), -1 != b.indexOf("fuera de horario"), -1 != a.indexOf("el nuevo l\u00edmite seleccionado es igual al actual"), -1 != a.indexOf("por favor ingres\u00e1 un mail que no sea @bancogalicia.com.ar"), -1 != a.indexOf("pod\u00e9s detener el d\u00e9bito autom\u00e1tico para este vencimiento luego de"), -1 != a.indexOf("tenes una sola cuenta asociada en pesos y ya es primaria"), -1 != a.indexOf("esta funcionalidad se encuentra en proceso de desarrollo"), -1 != b.indexOf("activar token virtual") && -1 != a.indexOf("detectamos que tu token a"), -1 != b.indexOf("agendar contacto") && -1 != a.indexOf("no podemos agendar al contacto porque el banco al que le quer\u00e9s tranferir"), -1 != b.indexOf("apertura de cuenta proyecto") && -1 != a.indexOf("para crear una cuenta pro"), -1 != b.indexOf("apertura de cuenta proyecto") && -1 !=
                    a.indexOf("superaste la cantidad de"), -1 != b.indexOf("aumentar l\u00edmite transitorio") && -1 != a.indexOf("detectamos que ten\u00e9s una"), -1 != b.indexOf("cambio de clave") && -1 != a.indexOf("la clave que ingresaste y"), -1 != b.indexOf("cambio de clave") && -1 != a.indexOf("record\u00e1 que los n\u00fameros q"), -1 != b.indexOf("comprar bonos y acciones") && -1 != a.indexOf("el importe total que dest"), -1 != b.indexOf("comprar/vender bonos y acciones") && -1 != a.indexOf("especie no disponible par"), -1 != b.indexOf("configuraci\u00f3n de alertas:") &&
                    -1 != a.indexOf("disculp\u00e1, solo podes ingr"), -1 != b.indexOf("constituir plazo fijo") && -1 != a.indexOf("el monto ingresado no pue"), -1 != b.indexOf("editar clave galicia") && -1 != a.indexOf("la clave ingresada es inv"), -1 != b.indexOf("editar clave galicia") && -1 != a.indexOf("la clave ingresada no deb"), -1 != b.indexOf("editar usuario") && -1 != a.indexOf("el usuario no debe ser un"), -1 != b.indexOf("el importe ingresado es menor al m\u00ednimo permitido") && -1 != a.indexOf("el importe no debe ser in"), -1 != b.indexOf("el importe supera el l\u00edmite diario") &&
                    -1 != a.indexOf("el importe a transferir n"), -1 != b.indexOf("el importe supera el l\u00edmite mensual") && -1 != a.indexOf("el importe a transferir n"), -1 != b.indexOf("el monto que quer\u00e9s transferir excede el l\u00edmite") && -1 != a.indexOf("pod\u00e9s solicitar una trans"), -1 != b.indexOf("eliminar celular") && -1 != a.indexOf("el celular al que queres"), -1 != b.indexOf("eliminar celular") && -1 != a.indexOf("no pod\u00e9s eliminar un celu"), -1 != b.indexOf("eliminar mail") && -1 != a.indexOf("no pod\u00e9s eliminar un mail"), -1 != b.indexOf("est\u00e1s eligiendo un fondo fima en dolares") && -1 != a.indexOf("la moneda del fondo debe"), -1 != b.indexOf("est\u00e1s eligiendo un fondo fima en d\u00f3lares") && -1 != a.indexOf("no encontramos una cuenta"), -1 != b.indexOf("est\u00e1s eligiendo un fondo fima en pesos") && -1 != a.indexOf("la moneda del fondo debe"), -1 != b.indexOf("fondo fima") && -1 != a.indexOf("pod\u00e9s realizar esta opera"), -1 != b.indexOf("fondos fima") && -1 != a.indexOf("pod\u00e9s realizar esta opera"), -1 != b.indexOf("funcionalidad no disponible") &&
                    -1 != a.indexOf("esta funcionalidad se enc"), -1 != b.indexOf("la cantidad de cuotapartes es menor al m\u00ednimo permitido") && -1 != a.indexOf("la cantidad de cuotaparte"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("el motivo no puede estar"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("el saldo de tu cuenta es"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("el saldo en tu cuenta es"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("para consultar las \u00f3rdene"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("para realizar esta invers"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("solo pod\u00e9s seleccionar"), -1 != b.indexOf("mensaje.") && -1 != a.indexOf("el monto ingresado no puede ser menor"), -1 != b.indexOf("no se puede continuar con la operaci\u00f3n") && -1 != a.indexOf("en este momento no tenemo"), -1 != b.indexOf("no se puede continuar con la operaci\u00f3n") && -1 != a.indexOf("para acceder al pr\u00e9stamo"), -1 != b.indexOf("nuevo pr\u00e9stamo") && -1 != a.indexOf("no ten\u00e9s una cuenta activ"), -1 != b.indexOf("operaci\u00f3n exclusiva para clientes habilitados.") &&
                    -1 != a.indexOf("si quer\u00e9s realizar operac"), -1 != b.indexOf("pagar haberes") && -1 != a.indexOf("esta operaci\u00f3n es exclusi"), -1 != b.indexOf("pago de haberes") && -1 != a.indexOf("disculp\u00e1 solo pod\u00e9s pagar"), -1 != b.indexOf("pedido de chequera") && -1 != a.indexOf("el pedido excede el cupo"), -1 != b.indexOf("recomendar galicia") && -1 != a.indexOf("la persona que ingresaste"), -1 != b.indexOf("recomendar galicia") && -1 != a.indexOf("para poder recomendar gal"), -1 != b.indexOf("recuperar usuario") && -1 != a.indexOf("el c\u00f3digo de validaci\u00f3n t"), -1 != b.indexOf("solicitar caja de ahorro") && -1 != a.indexOf("para continuar ten\u00e9s que"), -1 != b.indexOf("solicitar tarjeta") && -1 != a.indexOf("para obtener tu tarjeta d"), -1 != b.indexOf("solicitar tarjeta") && -1 != a.indexOf("ya realizaste una solicit"), -1 != b.indexOf("solicitar tarjetas adicionales") && -1 != a.indexOf("solo podes pedir adiciona"), -1 != b.indexOf("transferencias a terceros") && -1 != a.indexOf("la moneda de la cuenta or"), -1 != b.indexOf("transferir a terceros") && -1 != a.indexOf("el banco al que le quer\u00e9s"), -1 != b.indexOf("transferir a terceros") && -1 != a.indexOf("la cuenta a la que quer\u00e9s"), -1 != b.indexOf("ups!") && -1 != a.indexOf("no ten\u00e9s las credenciales"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("alcanzaste la cantidad m\u00e1"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("detectamos que no ten\u00e9s p"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("detectamos que ten\u00e9s una"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("detectamos que ya ten\u00e9s u"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("disculp\u00e1, detectamos que"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("disculp\u00e1, superaste el l\u00ed"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("disculp\u00e1, tu saldo es ins"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el importe de la deuda qu"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el importe de la/s deuda/"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el importe supera el l\u00edmi"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el monto a operar es meno"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el monto que ingresaste s"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el monto supera el l\u00edmite"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("la cantidad de transaccio"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("limite diario superado 0"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("nacionalidad no permitida"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("no ten\u00e9s mail de seguridad registrado para editar tu usuario"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("para acceder al pr\u00e9stamo"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("para realizar un rescate"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("para realizar una suscrip"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("para realizar una transfe"), -1 != b.indexOf("ups, algo sali\u00f3 mal") &&
                    -1 != a.indexOf("por favor verific\u00e1 si tu"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("por tu seguridad, esta op"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("realizaste una solicitud"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("registramos que ya ten\u00e9s"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("tu tarjeta no permite aum"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("voluntariamente o por exc"), -1 != b.indexOf("ups, algo sali\u00f3 malups, algo sali\u00f3 mal") &&
                    -1 != a.indexOf("no ten\u00e9s mail de segurida"), -1 != b.indexOf("usuario blanqueado") && -1 != a.indexOf("disculp\u00e1, para poder ingr"), -1 != b.indexOf("usuario no adherido") && -1 != a.indexOf("acercate a la sucursal m\u00e1"), -1 != b.indexOf("vender bonos y acciones") && -1 != a.indexOf("el importe total que dest"), -1 != b.indexOf("vender bonos y acciones") && -1 != a.indexOf("el precio m\u00e1ximo que est\u00e1"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("usuario inv\u00e1lido. deb\u00e9s i"), -1 != b.indexOf("generar usuario") &&
                    -1 != a.indexOf("el usuario ingresado es i"), -1 != b.indexOf("editar usuario") && -1 != a.indexOf("el usuario ingresado es i"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el alias podr\u00e1 ser modifi"), -1 != b.indexOf("apertura de cuenta proyecto") && -1 != a.indexOf("el nombre de la cuenta pr"), -1 != b.indexOf("fuera de horario") && -1 != a.indexOf("el horario habilitado par"), -1 != b.indexOf("comprar bonos y acciones") && -1 != a.indexOf("el horario para compra de"), -1 != b.indexOf("constituir plazo fijo") &&
                    -1 != a.indexOf("el horario de constituci\u00f3"), -1 != b.indexOf("fuera de horario") && -1 != a.indexOf("no se encuentra en un hor"), -1 != b.indexOf("plazo incorrecto.") && -1 != a.indexOf("la fecha de vencimiento q"), -1 != b.indexOf("rescate de cuenta proyecto") && -1 != a.indexOf("el horario de rescates de"), -1 != b.indexOf("vender bonos y acciones") && -1 != a.indexOf("el horario para venta de"), -1 != b.indexOf("reserva en cuenta proyecto") && -1 != a.indexOf("el horario de reservas a"), -1 != b.indexOf("modificar acci\u00f3n al vencimiento") &&
                    -1 != a.indexOf("la acci\u00f3n al vencimiento"), -1 != b.indexOf("plazo incorrecto.") && -1 != a.indexOf("el plazo ingresado no pue"), -1 != b.indexOf("adhiriendo d\u00e9bito autom\u00e1tico") && -1 != a.indexOf("no es posible realizar la"), -1 != a.indexOf("el horario para licitar es de lunes a viernes de"), -1 != b.indexOf("lamentablemente no podemos otorgarte un pre-acuerdo") && -1 != a.indexOf("para acceder a un pr\u00e9stamo hipotecario"), -1 != a.indexOf("en este momento no hay especies disponibles para licitar"), -1 !=
                    b.indexOf("deteniendo d\u00e9bito autom\u00e1tico") && -1 != a.indexOf("est\u00e1 operaci\u00f3n s\u00f3lo se puede realizar luego de"), -1 != b.indexOf("compra venta de bonos y acciones") && -1 != a.indexOf("el horario para compra venta de bonos y acciones es de d\u00edas h\u00e1biles"), -1 != b.indexOf("compra venta de bonos y acciones") && -1 != a.indexOf("el monto que ingresaste es mayor al saldo de tu cuenta"), -1 != b.indexOf("aviso") && -1 != a.indexOf("esta operaci\u00f3n est\u00e1 disponible los d\u00edas h\u00e1biles de"), -1 != b.indexOf("bandas de precio permitidas") && -1 != a.indexOf("el mercado no acepta \u00f3rdenes de compra cuyo precio sea mayor al \u00faltimo operado"), -1 != b.indexOf("dinero ingresado supera tu monto disponible") && -1 != a.indexOf("notamos que el monto que quer\u00e9s invertir supera el saldo que ten\u00e9s en tu cuenta"), -1 != b.indexOf("compra venta de bonos y acciones") && -1 != a.indexOf("ingresaste un monto mayor al permitido"), -1 != a.indexOf("para realizar esta inversi\u00f3n ten\u00e9s que abrir una cuenta comitente"), -1 != b.indexOf("compra venta de bonos y acciones") && -1 != a.indexOf("ingresaste un monto menor al permitido"), -1 != b.indexOf("bandas de precio permitidas") && -1 != a.indexOf("el mercado no acepta \u00f3rdenes de compra cuyo precio sea mayor al \u00falitmo operado"), -1 != b.indexOf("ya realizaste con anterioridad esta operaci\u00f3n") && -1 != a.indexOf("disculp\u00e1 las molestias ocasionadas"), -1 != b.indexOf("rango de fechas es incorrecto") && -1 != a.indexOf("eleg\u00ed un per\u00edodo de hasta"), -1 != b.indexOf("sin tenencia para vender") &&
                    -1 != a.indexOf("en este momento no ten\u00e9s especies para vender en la cuenta comitente seleccionada"), -1 != b.indexOf("comprar bonos y acciones") && -1 != a.indexOf("el monto de dinero que ingresaste equivale a una cantidad de nominales mayor a la que ten\u00e9s"), -1 != b.indexOf("importante") && -1 != a.indexOf("el monto de la operaci\u00f3n es mayor al saldo disponible de tu cuenta"), -1 != b.indexOf("saldo insuficiente en Cuenta Corriente") && -1 != a.indexOf("la cuenta no tiene fondos suficientes para realizar el d\u00e9bito"), -1 != b.indexOf("asociar caja de ahorro en d\u00f3lares") && -1 != a.indexOf("detectamos que tu caja de ahorro en d\u00f3lares n\u00famero"), -1 != b.indexOf("mercado cerrado") && -1 != a.indexOf("podr\u00e1s operar d\u00edas h\u00e1biles"), -1 != b.indexOf("no ten\u00e9s una caja de ahorro en d\u00f3lares") && -1 != a.indexOf("para constituir un plazo fijo en d\u00f3lares"), -1 != b.indexOf("el dinero ingresado supera tu monto disponible") && -1 != a.indexOf("notamos que el monto que quer\u00e9s invertir supera el saldo que ten\u00e9s en tu cuenta"), -1 != b.indexOf("comprar bonos y acciones") && -1 != a.indexOf("ingresaste una cantidad de nominales mayor a tu tenencia"), -1 != b.indexOf("no ten\u00e9s una caja de ahorro en d\u00f3lares") && -1 != a.indexOf("para constituir un plazo fijo en d\u00f3lares"), -1 != b.indexOf("vender bonos y acciones") && -1 != a.indexOf("el horario para compra venta de bonos y acciones es de d\u00edas h\u00e1biles"), -1 != b.indexOf("por favor seleccion\u00e1 otra clase") && -1 != a.indexOf("la clase que seleccionaste no es la correcta teniendo en cuenta tu tenencia y el monto"), -1 != b.indexOf("el rango de fechas es incorrecto") && -1 != a.indexOf("hoy es la m\u00e1xima fecha de fin disponible"), -1 != b.indexOf("inversiones") && -1 != a.indexOf("el horario para operar es de"), -1 != b.indexOf("el rango de fechas es incorrecto") && -1 != a.indexOf("por favor, eleg\u00ed una fecha anterior"), -1 != b.indexOf("no es posible continuar con esta operaci\u00f3n") && -1 != a.indexOf("el importe a rescatar supera el monto de la tenencia valorizada"), -1 != b.indexOf("no es posible continuar con esta operaci\u00f3n") &&
                    -1 != a.indexOf("el monto a operar es menor al m\u00ednimo"), -1 != b.indexOf("no es posible continuar con esta operaci\u00f3n") && -1 != a.indexOf("de acuerdo a las reglamentaciones vigentes"), -1 != b.indexOf("registro de alta de comitente pendiente") && -1 != a.indexOf("tu operaci\u00f3n no pudo realizarse"), -1 != b.indexOf("tu cuenta comitente ya est\u00e1 dada de baja") && -1 != a.indexOf("el estado de la cuenta lo vas a ver actualizado"), -1 != b.indexOf("no cont\u00e1s con caja de ahorro en d\u00f3lares") && -1 != a.indexOf("en caso que el bono pague capital o intereses en d\u00f3lares"), -1 != b.indexOf("no es posible continuar con esta operaci\u00f3n") && -1 != a.indexOf("el precio limite ingresado es mayor que el 5% del \u00faltimo operado"), -1 != b.indexOf("no es posible continuar con esta operaci\u00f3n") && -1 != a.indexOf("el precio limite ingresado es menor que el 5% del \u00faltimo operado"), -1 != b.indexOf("el importe ingresado supera la tenencia") && -1 != a.indexOf("el importe no debe ser su")
                ],
                l = [-1 != a.indexOf("ultimo precio operado vac\u00edo"), -1 != a.indexOf("disculp\u00e1 no hemos podido completar la operaci\u00f3n ahora.por favor intent\u00e1 m\u00e1s tarde."), -1 != b.indexOf("compartir comprobante") && -1 != a.indexOf("disculp\u00e1 no hemos podido"), -1 != b.indexOf("configurar alertas") && -1 != a.indexOf("disculp\u00e1 no hemos podido"), -1 != b.indexOf("detalle de cuotas de pr\u00e9stamo") && -1 != a.indexOf("no pudimos env\u00edar el mail"), -1 != b.indexOf("disculpa, hubo un error") && -1 != a.indexOf("ocurri\u00f3 un error cargando"), -1 != b.indexOf("disculp\u00e1, no podemos completar esta tarea.") && -1 != a.indexOf("en este momento no podemo"), -1 != b.indexOf("editar contacto") &&
                    -1 != a.indexOf("disculp\u00e1 no hemos podido"), -1 != b.indexOf("editar descripci\u00f3n de cuentas") && -1 != a.indexOf("disculp\u00e1 no hemos podido"), -1 != b.indexOf("editar mail de seguridad") && -1 != a.indexOf("disculp\u00e1 no podemos edita"), -1 != b.indexOf("editar mail de seguridad") && -1 != a.indexOf("disculp\u00e1 no podemos recup"), -1 != b.indexOf("editar usuario") && -1 != a.indexOf("no se pudo validar el c\u00f3d"), -1 != b.indexOf("editar usuario") && -1 != a.indexOf("no se pudo validar tu usu"), -1 != b.indexOf("fondo fima") &&
                    -1 != a.indexOf("fondo fima no disponible"), -1 != b.indexOf("generar clave") && -1 != a.indexOf("ocurri\u00f3 un error al valid"), -1 != b.indexOf("hubo un problema con algunos pagos") && -1 != a.indexOf("revis\u00e1 m\u00e1s tarde si adora"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("error al ingresar a galic"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("no pudimos enviar el mail"), -1 != b.indexOf("no es posible realizar tu pago.") && -1 != a.indexOf("en este momento no podemo"), -1 != b.indexOf("no se puede continuar con la operaci\u00f3n") &&
                    -1 != a.indexOf("por favor, volv\u00e9 a intent"), -1 != b.indexOf("pr\u00e9stamos") && -1 != a.indexOf("disculp\u00e1, no hemos podido"), -1 != b.indexOf("primer ingreso") && -1 != a.indexOf("moment\u00e1neamente no es pos"), -1 != b.indexOf("solicitar tarjeta") && -1 != a.indexOf("disculp\u00e1, no podemos acce"), -1 != b.indexOf("solicitar tarjetas adicionales") && -1 != a.indexOf("hubo un error al validar"), -1 != b.indexOf("ups 404") && -1 != a.indexOf("no encontramos lo que est"), -1 != b.indexOf("ups, algo sali\u00f3 mal :(") && -1 !=
                    a.indexOf("estamos trabajando para s"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("disculp\u00e1 no hemos podido"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("disculp\u00e1, funcionalidad n"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el motivo no puede estar"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("en este momento no es pos"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("en este momento no podemo"), -1 != b.indexOf("ups, algo sali\u00f3 mal") &&
                    -1 != a.indexOf("en este momento no se pue"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("ingreso por url o por vol"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("no encontramos la factura"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("por favor comunicate con"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("por favor reintent\u00e1 la op"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("reintenta la operaci\u00f3n y,"), -1 != b.indexOf("ups, algo sali\u00f3 mal") &&
                    -1 != a.indexOf("the operation has timed o"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("unable to connect to the"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el alias podr\u00e1 volver a c"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("no pudimos obtener el det")
                ],
                m = ["LOGIN_ERR_ADHESION_INEXISTENTE" == c, "LOGIN_ERR_ADHESION_NOADHERIDO" == c, "LOGIN_ERR_ADHEBLOQ" == c, "LOGIN_ERR_LOGIN_USUARIOALFANUMERICOBLANQUEADO" == c, "LOGIN_ERR_ADHESPRD" == c, "LOGIN_ERR_USUNOCOI" == c, "LOGIN_ERR_CLIBLOHB" ==
                    c, "LOGIN_ERR_AUTH_TO" == c, "LOGIN_ERR_CLIBLO" == c, -1 != b.indexOf("adherir servicio") && -1 != a.indexOf("est\u00e1s ingresando una refe"), -1 != b.indexOf("agregar celular") && -1 != a.indexOf("el n\u00famero de celular que"), -1 != b.indexOf("agregar mail") && -1 != a.indexOf("debes ingresar el mail pa"), -1 != b.indexOf("agregar mail") && -1 != a.indexOf("el mail que ingresaste ya"), -1 != b.indexOf("agregar mail de seguridad") && -1 != a.indexOf("ya ten\u00e9s un mail de segur"), -1 != b.indexOf("alta contacto") && -1 != a.indexOf("est\u00e1s ingresando un conta"), -1 != b.indexOf("alta contacto") && -1 != a.indexOf("est\u00e1s ingresando una desc"), -1 != b.indexOf("cambio de clave") && -1 != a.indexOf("est\u00e1s repitiendo incorrec"), -1 != b.indexOf("cambio de clave") && -1 != a.indexOf("la clave actual que est\u00e1s"), -1 != b.indexOf("comprar bonos y acciones") && -1 != a.indexOf("la cuenta no tiene fondos"), -1 != b.indexOf("cuenta primaria de tarjeta de d\u00e9bito") && -1 != a.indexOf("tenes una sola cuenta aso"), -1 != b.indexOf("editar celular") && -1 != a.indexOf("el n\u00famero de celular que"), -1 != b.indexOf("editar clave galicia") && -1 != a.indexOf("las claves deben coincidi"), -1 != b.indexOf("editar contacto") && -1 != a.indexOf("est\u00e1s ingresando un conta"), -1 != b.indexOf("editar domicilio") && -1 != a.indexOf("deb\u00e9s seleccionar una pro"), -1 != b.indexOf("editar domicilio") && -1 != a.indexOf("el domicilio ingresado es"), -1 != b.indexOf("editar mail") && -1 != a.indexOf("el mail que ingresaste ya"), -1 != b.indexOf("editar mail de seguridad") && -1 != a.indexOf("el mail que ingresaste ya"), -1 != b.indexOf("editar mail de seguridad") &&
                    -1 != a.indexOf("superaste los intentos de"), -1 != b.indexOf("editar usuario") && -1 != a.indexOf("los usuarios deben coinci"), -1 != b.indexOf("el c\u00f3digo de servicio ingresado es incorrecto.") && -1 != a.indexOf("verificalo y volv\u00e9 a ingr"), -1 != b.indexOf("el n\u00famero telef\u00f3nico ingresado es incorrecto.") && -1 != a.indexOf("verificalo y volv\u00e9 a ingr"), -1 != b.indexOf("eliminar celular") && -1 != a.indexOf("el n\u00famero de celular que"), -1 != b.indexOf("eliminar mail") && -1 != a.indexOf("el mail al que quer\u00e9s tra"), -1 != b.indexOf("eliminar mail") && -1 != a.indexOf("el mail que ingresaste no"), -1 != b.indexOf("error de validaci\u00f3n") && -1 != a.indexOf("el campo mail no puede es"), -1 != b.indexOf("generar clave") && -1 != a.indexOf("alcanzaste la cantidad m\u00e1"), -1 != b.indexOf("generar clave") && -1 != a.indexOf("detectamos que ya cont\u00e1s"), -1 != b.indexOf("generar clave") && -1 != a.indexOf("el tipo y/o n\u00famero de doc"), -1 != b.indexOf("generar clave") && -1 != a.indexOf("la clave ingresada es inv"), -1 != b.indexOf("generar clave") &&
                    -1 != a.indexOf("las claves no coinciden."), -1 != b.indexOf("generar usuario") && -1 != a.indexOf("la clave ingresada es inv"), -1 != b.indexOf("generar usuario") && -1 != a.indexOf("los usuarios no coinciden"), -1 != b.indexOf("generar usuario") && -1 != a.indexOf("para acceder a online ban"), -1 != b.indexOf("la cantidad de cuotapartes supera la tenencia") && -1 != a.indexOf("la cantidad de cuotaparte"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("debe ingresar una descrip"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("el monto ingresado no es"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("por favor, ingres"), -1 != b.indexOf("mensaje") && -1 != a.indexOf("por favor, ingres"), -1 != b.indexOf("mensaje.") && -1 != a.indexOf("el monto ingresado no es"), -1 != b.indexOf("mensaje.") && -1 != a.indexOf("el monto ingresado no puede ser mayor al saldo de la cuenta seleccionada"), -1 != b.indexOf("modificar l\u00edmite de tarjeta") && -1 != a.indexOf("el nuevo l\u00edmite seleccion"), -1 != b.indexOf("modificar opci\u00f3n de resumen") && -1 != a.indexOf("la opci\u00f3n que seleccionas"), -1 != b.indexOf("recomendar galicia") && -1 != a.indexOf("la empresa que est\u00e1s refi"), -1 != b.indexOf("recomendar galicia") && -1 != a.indexOf("la persona que est\u00e1s refi"), -1 != b.indexOf("recuperar usuario") && -1 != a.indexOf("superaste los intentos de"), -1 != b.indexOf("repetir transferencia") && -1 != a.indexOf("disculp\u00e1 no podemos repet"), -1 != b.indexOf("saldo insuficiente") && -1 != a.indexOf("el saldo de la cuenta sel"), -1 != b.indexOf("saldo insuficiente") && -1 != a.indexOf("no es posible rescatar el"), -1 !=
                    b.indexOf("saldo insuficiente") && -1 != a.indexOf("no es posible reservar el"), -1 != b.indexOf("saldo insuficiente.") && -1 != a.indexOf("no es posible reservar el"), -1 != b.indexOf("solicitar tarjeta") && -1 != a.indexOf("el c\u00f3digo postal que ingr"), -1 != b.indexOf("tarjeta de coordenadas") && -1 != a.indexOf("se han producido reiterad"), -1 != b.indexOf("token galicia") && -1 != a.indexOf("detectamos que no diste d"), -1 != b.indexOf("token galicia") && -1 != a.indexOf("se han producido reiterad"), -1 != b.indexOf("token galicia.") &&
                    -1 != a.indexOf("se han producido reiterad"), -1 != b.indexOf("token galicia.") && -1 != a.indexOf("ten\u00e9s el token bloqueado."), -1 != b.indexOf("transferir a terceros") && -1 != a.indexOf("el cdi no es v\u00e1lido."), -1 != b.indexOf("transferir a terceros") && -1 != a.indexOf("el cuil no es v\u00e1lido."), -1 != b.indexOf("transferir a terceros") && -1 != a.indexOf("el cuit no es v\u00e1lido."), -1 != b.indexOf("transferir a terceros") && -1 != a.indexOf("el no es v\u00e1lido."), -1 != b.indexOf("transferir a terceros") && -1 != a.indexOf("la cuenta a la cual inten"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("descripci\u00f3n inv\u00e1lida. c\u00f3d"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("detectamos que alguna de"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el cliente no tiene cuent"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el usuario ingresado ya e"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("esta operaci\u00f3n ya fue rea"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("esta operaci\u00f3n ya fue sol"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("esta recomendaci\u00f3n ya fue"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("est\u00e1s ingresando un conta"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("la factura seleccionada,"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("los datos ingresados no s"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("no ten\u00e9s mail de seguridad registrado para recuperar tu usuario"), -1 != b.indexOf("ups, algo sali\u00f3 mal") &&
                    -1 != a.indexOf("para operar con esta cuen"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("pregunta ya realizada."), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("superaste los intentos de"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("tu clave galicia ha sido"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("tu usuario ha sido bloque"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("ya generaste tu usuario a"), -1 != b.indexOf("ups, algo sali\u00f3 mal") &&
                    -1 != a.indexOf("ya realizaste un pago par"), -1 != b.indexOf("detectamos un error") && -1 != a.indexOf("encontramos un error en l"), -1 != b.indexOf("recuperar usuario") && -1 != a.indexOf("el usuario ingresado es i"), -1 != b.indexOf("tarjeta de coordenadas") && -1 != a.indexOf("ingreso incorrecto. la ta"), -1 != b.indexOf("recuperar usuario") && -1 != a.indexOf("el c\u00f3digo de validaci\u00f3n q"), -1 != b.indexOf("transferir a terceros") && -1 != a.indexOf("disculp\u00e1, detectamos un e"), -1 != b.indexOf("token galicia") && -1 != a.indexOf("token galicia se bloquea"), -1 != b.indexOf("generar usuario") && -1 != a.indexOf("el c\u00f3digo ingresado es in"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el alias ingresado es ine"), -1 != b.indexOf("generar clave") && -1 != a.indexOf("el captcha ingresado es i"), -1 != b.indexOf("generar clave") && -1 != a.indexOf("el c\u00f3digo ingresado es in"), -1 != b.indexOf("error") && -1 != a.indexOf("monto inv\u00e1lido."), -1 != b.indexOf("asociaci\u00f3n de nuevo mail a online banking") && -1 != a.indexOf("el formato del mail es in"), -1 != b.indexOf("transferir a terceros") &&
                    -1 != a.indexOf("est\u00e1s ingresando un alias"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("disculpa, detectamos un e"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el alias corresponde a ot"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el ingreso de tu numero d"), -1 != b.indexOf("edicion de alias de cbu") && -1 != a.indexOf("este alias ya est\u00e1 siendo"), -1 != b.indexOf("alta mail para recepci\u00f3n de beneficios") && -1 != a.indexOf("el formato del mail es in"), -1 != b.indexOf("editar usuario") && -1 != a.indexOf("el usuario actual que ing"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el ingreso de tu nro. de"), -1 != b.indexOf("error de validaci\u00f3n") && -1 != a.indexOf("el campo mail es inv\u00e1lido"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("n\u00famero de tel\u00e9fono inv\u00e1li"), -1 != b.indexOf("editar mail de seguridad") && -1 != a.indexOf("el c\u00f3digo de validaci\u00f3n q"), -1 != b.indexOf("agendar contacto") && -1 != a.indexOf("no podemos agendar al contacto porque el cbu o alias no se encuentra habilitado"), -1 != b.indexOf("error") && -1 != a.indexOf("n\u00famero inv\u00e1lido"), -1 != b.indexOf("transferir a terceros") && -1 != a.indexOf("disculp\u00e1, el cbu o alias"), -1 != b.indexOf("creaci\u00f3n de alias de cbu") && -1 != a.indexOf("este alias ya est\u00e1 siendo"), -1 != b.indexOf("agregar mail de seguridad") && -1 != a.indexOf("el c\u00f3digo de validaci\u00f3n q"), -1 != b.indexOf("editar mail de seguridad") && -1 != a.indexOf("el formato del mail es in"), -1 != b.indexOf("editar usuario") && -1 != a.indexOf("el c\u00f3digo ingresado es in"), -1 != b.indexOf("agendar contacto") && -1 != a.indexOf("disculp\u00e1, el cbu o alias"), -1 != b.indexOf("generar usuario") && -1 != a.indexOf("el mail ingresado es inv\u00e1"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el ingreso de tu clave de"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el ingreso de tu codigo d"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el ingreso de tu dni cuit"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el ingreso de tu legajo +"), -1 != b.indexOf("cbu no identificado") && -1 != a.indexOf("disculp\u00e1, detectamos un e"), -1 != b.indexOf("generar usuario") && -1 != a.indexOf("el documento ingresado es"), -1 != b.indexOf("recomendar galicia") && -1 != a.indexOf("el cuit que ingresaste es"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("cbu no identificado c\u00f3dig"), -1 != b.indexOf("ups, algo sali\u00f3 mal") && -1 != a.indexOf("el ingreso de tu codigo b"), -1 != b.indexOf("usuario inexistente") && -1 != a.indexOf("si est\u00e1s interesado en al"), -1 != b.indexOf("error de validaci\u00f3n") && -1 != a.indexOf("la fecha desde no puede s"), -1 != b.indexOf("generar clave") && -1 != a.indexOf("la fecha de nacimiento qu"), -1 != b.indexOf("error de validaci\u00f3n") && -1 != a.indexOf("el formato de las fechas"), -1 != b.indexOf("no encontramos la deuda a pagar") && -1 != a.indexOf("por favor, verific\u00e1 que la factura est\u00e9 dentro de los vencimientos"), -1 != b.indexOf("recuperando tu usuario galicia") && -1 != a.indexOf("el c\u00f3digo de validaci\u00f3n que ingresaste es incorrecto, por favor verificalo e ingresalo nuevamente")
                ];
            return g = 0 < l.reduce(d, 0) ? "System" : 0 < k.reduce(d, 0) ? "Function" : 0 < m.reduce(d, 0) ? "User" : 0 < h.reduce(d, 0) ? "Alert" : "System"
        } catch (e) {
            b = google_tag_manager["GTM-M6B9RZQ"].macro(94), b(e)
        }
    }
})();
#45 JavaScript::Eval (size: 2562) - SHA256: e751baf73f385706d7e8a9500d9bc0aaadc01c33fbd5064bb4b5bf53cc68d213
(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(118),
            c = "Constituir plazo fijo;Suscripci\u00f3n a Fondo Fima;Suscripci\u00f3n programada a Fondo Fima;Ver detalle de cuenta;Ver resumen tarjeta cr\u00e9dito;Ver consumos tarjeta cr\u00e9dito;Ver consumos tarjeta adicional;Ver consumos tarjeta d\u00e9bito;Ver detalle fondo FIMA;Ver detalle Bonos y Acciones;Ver detalle Ordenes Compra y Venta;Compartir CBU;Edici\u00f3n de contacto;Alta solicitud pr\u00e9stamo hipotecario;Ver inicio inversiones;Onboarding;Generar usuario;Generar clave;Recuperaci\u00f3n de usuario;Cambiar clave expirada;Editar alias de CBU;Alta de alias de CBU;Eliminar alias;Modificar cuenta principal;Agregar cuenta asociada;Reponer tarjeta de d\u00e9bito da\u00f1ada;Reponer tarjeta de d\u00e9bito robo;Agenda de contacto;Suscribir Cuenta Comitente;Inscripcion a Quiero;Agregar celular;Agregar mail;Agregar mail de seguridad;Editar celular;Editar mail;Editar mail seguridad;Editar domicilio;Editar clave;Editar usuario;Eliminar mail;Eliminar celular;Recomendar Galicia Persona;Recomendar Galicia Empresa;Anular suscripci\u00f3n programada Fondo Fima;Apertura de caja de ahorro;Encuesta perfil inversor;Editar cuenta debito pr\u00e9stamo;Solicitar baja de productos;Apertura de cuenta proyecto;Reserva de cuenta proyecto;Reserva programada de cuenta proyecto;Edici\u00f3n de cuenta proyecto;Rescate de cuenta proyecto;Editar reserva programada;Compra de moneda extranjera;Venta de moneda extranjera;Solicitar nueva tarjeta;Pago de tarjetas;Upgrade de Servicio;Modificar limite de compra;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Aumentar l\u00edmite transitorio;Edici\u00f3n del d\u00e9bito automatico de tarjeta;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Recarga de celular;Pago de servicios;Adhesi\u00f3n de servicios;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de pagos;Pausar debito autom\u00e1tico;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico;Transferencias a terceros;Transferencias a cuentas propias;Pago de haberes;Donaciones;Modificar accion al vencimiento;Rescate Fondo Fima;Vender bonos y acciones;Comprar bonos y acciones;Licitaciones primarias;Solicitar pr\u00e9stamo;Solicitar pr\u00e9stamo hipotecario;Reprogramar env\u00edo;Modificar opcion de resumen;Recargas;Anulaci\u00f3n de pago".split(";"),
            d = ["Compartir CBU", "Edici\u00f3n de contacto"],
            e = -1 != c.indexOf(a),
            b = -1 != d.indexOf(a); - 1 != document.location.pathname.indexOf("/ini/") && (b = !0);
        a = "true" == google_tag_manager["GTM-M6B9RZQ"].macro(119);
        return e && !(!b && a)
    } catch (f) {
        return !1
    }
})();
#46 JavaScript::Eval (size: 44) - SHA256: 1260373596fccab9f78ef49644de6a84937c8dc65de99f5ff1c273ec30de4327
s = document.getElementsByTagName('script')[0]
#47 JavaScript::Eval (size: 97) - SHA256: 75e2683e6e4e71249e801997fbfa82a5792c06a8055b770bb84aa79b65493955
(function() {
    try {
        return 0 < $("script[src\x3d'/Scripts/eluminate.js']").length ? !0 : !1
    } catch (a) {}
})();
#48 JavaScript::Eval (size: 121) - SHA256: a4c350517c36395370e4663094ba808fde72397d170eaa14c4c1c4b01b2f600c
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(26) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#49 JavaScript::Eval (size: 121) - SHA256: a639f5c1d4c570cd67dd9db57bd1ddc482f8523a50f1dc66185bcc982225c0dc
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(29) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#50 JavaScript::Eval (size: 310) - SHA256: 97466979a59667408afd771a3225fc4a4ccd02e2587064776a0b96dccb11a0c4
(function() {
    try {
        for (var d = google_tag_manager["GTM-M6B9RZQ"].macro(11), e = document.location.pathname, a = 0; a < d.length; a++) try {
            var f = RegExp(d[a].url, "ig");
            if (f.test(e)) return !0
        } catch (b) {
            var c = google_tag_manager["GTM-M6B9RZQ"].macro(13);
            c(b)
        }
        return !1
    } catch (b) {
        c = google_tag_manager["GTM-M6B9RZQ"].macro(15), c(b)
    }
})();
#51 JavaScript::Eval (size: 311) - SHA256: 487a6da1765ae333597a0b72256aa58a08846e09585cc17bfddf436407b22fd1
(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(16),
            b = "Live",
            c = "Test",
            d = google_tag_manager["GTM-M6B9RZQ"].macro(17),
            e = -1 < a.indexOf("localhost");
        a = google_tag_manager["GTM-M6B9RZQ"].macro(18) == b || google_tag_manager["GTM-M6B9RZQ"].macro(19) == c;
        return d || e || a ? "test" : "live"
    } catch (f) {
        return "live"
    }
})();
#52 JavaScript::Eval (size: 121) - SHA256: 442419b3e8141856a9638d3ae97f639278ad7614828054df6781f675237e9dd8
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(31) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#53 JavaScript::Eval (size: 121) - SHA256: 69ab95e9c58c5ee850b48207460abc51d14e0726f9ddc4969ec040fd64165a02
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(33) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#54 JavaScript::Eval (size: 240) - SHA256: d4db79ee07e591abc8e248d15dd7c62c3d6bd2330faabb8e6bcae30703512e36
(function() {
    try {
        if ("gtm.js" != google_tag_manager["GTM-M6B9RZQ"].macro(42) && "gtm.dom" != google_tag_manager["GTM-M6B9RZQ"].macro(43) && "gtm.load" != google_tag_manager["GTM-M6B9RZQ"].macro(44)) return sessionStorage.onb2_prereferrer
    } catch (a) {}
})();
#55 JavaScript::Eval (size: 121) - SHA256: 0d7fa751d817173cbb3ed4da1f041541058e02a776edce1edf6532583842b88b
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(55) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#56 JavaScript::Eval (size: 249) - SHA256: 8f1e191d0e33be67787ff3ef1448074f7d1cc9f01b239e7d9a3a3f7142b7cea4
(function() {
    try {
        for (var a = google_tag_manager["GTM-M6B9RZQ"].macro(81), c = document.location.pathname, b = 0; b < a.length; b++) {
            var d = RegExp(a[b], "ig");
            if (d.test(c)) return !0
        }
        return !1
    } catch (e) {
        return a = google_tag_manager["GTM-M6B9RZQ"].macro(83), a(e), !1
    }
})();
#57 JavaScript::Eval (size: 122) - SHA256: d84bafab088da647219867a1bc15be0ea2237a907fe5431e03316abb443b4e90
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(109) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#58 JavaScript::Eval (size: 190) - SHA256: c92c27a1131be0d103380e6d6b9644488dd32b70490d8744347777b5c351d80e
(function() {
    try {
        for (var b = google_tag_manager["GTM-M6B9RZQ"].macro(120), c = document.location.pathname, a = 0; a < b.length; a++) {
            var d = RegExp(b[a], "ig");
            if (d.test(c)) return !0
        }
        return !1
    } catch (e) {}
})();
#59 JavaScript::Eval (size: 120) - SHA256: c533779295c4481f461ccd837dee1fddc989343f7a2c62ec882e29c85fa585f1
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(9) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#60 JavaScript::Eval (size: 102) - SHA256: 90c3ee356906c5f64bcedc7328ec0145c22f59fdbc00a86985e615e4a2c04490
(function() {
    try {
        return (new Date).getTime() + "." + Math.random().toString(36).substring(5)
    } catch (a) {}
})();
#61 JavaScript::Eval (size: 38) - SHA256: 21e1463f2dbdf773d27eb5b59524062b4aedb68414d396e65bb440516cdeae44
(function() {
    return document.title
})();
#62 JavaScript::Eval (size: 525) - SHA256: c5426ec3cc3e03fb179e0f3b24b092ce24471bba86d6a82cb9cfe667d4004d68
(function() {
    try {
        return urlHeader = "/cuentas/inicio/?$ /cuentas/mis-cuentas/?$ /tarjetas/inicio/?$ /tarjetas/consumos-adicional /tarjetas/consumos /tarjetas/resumen /tarjetas/consumos-tarjeta-debito /pagos/inicio/?$ /transferencias/inicio/?$ /transferencias/informacion-contacto /inversiones/inicio/?$ /inversiones/mis-fondos-fima/?$ /inversiones/bonos-acciones /inversiones/perfil-especie /prestamos/inicio/?$ /ayuda/inicio/?$ /perfil/inicio/?$".split(" ")
    } catch (a) {
        var b = google_tag_manager["GTM-M6B9RZQ"].macro(74);
        b(a)
    }
})();
#63 JavaScript::Eval (size: 121) - SHA256: 7d75d9a81ec4a592dd5062f6ba8f462968922a6ca27e5d7b221c4a8d7fa1aad7
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(79) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#64 JavaScript::Eval (size: 121) - SHA256: f86064228600c62f344906127c56ac3077afbe1ce2834ef61831f8cbde5c10e7
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(93) && console.error(a, a.stack)
        } catch (b) {}
    }
})();
#65 JavaScript::Eval (size: 2558) - SHA256: c8354d318a487e33fafbbf4655a5c1a60b10ac3dd88384480bdce0a01136bbc8
(function() {
    try {
        var a = google_tag_manager["GTM-M6B9RZQ"].macro(5),
            c = "Constituir plazo fijo;Suscripci\u00f3n a Fondo Fima;Suscripci\u00f3n programada a Fondo Fima;Ver detalle de cuenta;Ver resumen tarjeta cr\u00e9dito;Ver consumos tarjeta cr\u00e9dito;Ver consumos tarjeta adicional;Ver consumos tarjeta d\u00e9bito;Ver detalle fondo FIMA;Ver detalle Bonos y Acciones;Ver detalle Ordenes Compra y Venta;Compartir CBU;Edici\u00f3n de contacto;Alta solicitud pr\u00e9stamo hipotecario;Ver inicio inversiones;Onboarding;Generar usuario;Generar clave;Recuperaci\u00f3n de usuario;Cambiar clave expirada;Editar alias de CBU;Alta de alias de CBU;Eliminar alias;Modificar cuenta principal;Agregar cuenta asociada;Reponer tarjeta de d\u00e9bito da\u00f1ada;Reponer tarjeta de d\u00e9bito robo;Agenda de contacto;Suscribir Cuenta Comitente;Inscripcion a Quiero;Agregar celular;Agregar mail;Agregar mail de seguridad;Editar celular;Editar mail;Editar mail seguridad;Editar domicilio;Editar clave;Editar usuario;Eliminar mail;Eliminar celular;Recomendar Galicia Persona;Recomendar Galicia Empresa;Anular suscripci\u00f3n programada Fondo Fima;Apertura de caja de ahorro;Encuesta perfil inversor;Editar cuenta debito pr\u00e9stamo;Solicitar baja de productos;Apertura de cuenta proyecto;Reserva de cuenta proyecto;Reserva programada de cuenta proyecto;Edici\u00f3n de cuenta proyecto;Rescate de cuenta proyecto;Editar reserva programada;Compra de moneda extranjera;Venta de moneda extranjera;Solicitar nueva tarjeta;Pago de tarjetas;Upgrade de Servicio;Modificar limite de compra;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Aumentar l\u00edmite transitorio;Edici\u00f3n del d\u00e9bito automatico de tarjeta;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico de tarjeta;Recarga de celular;Pago de servicios;Adhesi\u00f3n de servicios;Adhesi\u00f3n a d\u00e9bito autom\u00e1tico de pagos;Pausar debito autom\u00e1tico;Desadhesi\u00f3n a d\u00e9bito autom\u00e1tico;Transferencias a terceros;Transferencias a cuentas propias;Pago de haberes;Donaciones;Modificar accion al vencimiento;Rescate Fondo Fima;Vender bonos y acciones;Comprar bonos y acciones;Licitaciones primarias;Solicitar pr\u00e9stamo;Solicitar pr\u00e9stamo hipotecario;Reprogramar env\u00edo;Modificar opcion de resumen;Recargas;Anulaci\u00f3n de pago".split(";"),
            d = ["Compartir CBU", "Edici\u00f3n de contacto"],
            e = -1 != c.indexOf(a),
            b = -1 != d.indexOf(a); - 1 != document.location.pathname.indexOf("/ini/") && (b = !0);
        a = "true" == google_tag_manager["GTM-M6B9RZQ"].macro(6);
        return e && !(!b && a)
    } catch (f) {
        return !1
    }
})();
#66 JavaScript::Eval (size: 46) - SHA256: 440fa8b7ebd592133f264e34e97aaef2de6c839f9a3b623d58119c80c7a8bd31
(function() {
    return document.location.href
})();
#67 JavaScript::Eval (size: 121) - SHA256: 7812b9f42cb62d42cd77571c13436031b6050fa7ba4f018343f967f7eec97fe9
(function() {
    return function(a) {
        try {
            google_tag_manager["GTM-M6B9RZQ"].macro(86) && console.error(a, a.stack)
        } catch (b) {}
    }
})();

Executed Writes (1)
#1 JavaScript::Write (size: 0) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855


HTTP Transactions (130)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8950
Expires: Tue, 06 Dec 2022 08:24:02 GMT
Date: Tue, 06 Dec 2022 05:54:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2570
Cache-Control: 'max-age=158059'
Date: Tue, 06 Dec 2022 05:54:52 GMT
Etag: "638dc877-1d7"
Last-Modified: Tue, 06 Dec 2022 05:12:02 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 05:20:22 GMT
cache-control: public,max-age=3600
age: 2070
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9029
Expires: Tue, 06 Dec 2022 08:25:21 GMT
Date: Tue, 06 Dec 2022 05:54:52 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: PtR2+jMO9AXcrqJ0QQHoW44FVnFcfN0DxRAdZFQ+oCbOYa4Q5CyyzZ4+gBEugnaH3hG7QBUWda4=
x-amz-request-id: BDCM85JVJBF3AYHR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 05:46:59 GMT
age: 473
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /img/index_files/galicia HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         200.58.112.174
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 06 Dec 2022 05:54:52 GMT
Server: Apache
Location: http://c1481833.ferozo.com/img/index_files/galicia/
Content-Length: 259
Keep-Alive: timeout=10, max=200
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   259
Md5:    75834c7457fd350977a11cf977ab85de
Sha1:   1f3a4c45b39d00ed9b50f95e7140ed84d6e43232
Sha256: 7b874b39eec19511cf978d0e76472a829b515b987632e399e4bb8161bdd63091
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 06 Dec 2022 05:54:52 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 05:11:20 GMT
cache-control: public,max-age=3600
age: 2612
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /img/index_files/galicia/ HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 06 Dec 2022 05:54:52 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:14 GMT
ETag: "16106-5ef20eccb6e7c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 24559
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (18845)
Size:   24559
Md5:    156099aa541e3d63332aed1e275e2020
Sha1:   f6c5c30ed0b0ec21081a1f60cacb5dbe89b4ef9b
Sha256: f60404daebfe8a6bfbc4a961f4dd546da29808faa57d4d5be5bc1119cf76a3d5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2563
Cache-Control: max-age=100483
Date: Tue, 06 Dec 2022 05:54:52 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:49:35 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /img/index_files/galicia/index_files/simple-keyboard.min.js.descarga HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 05:54:52 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "4eff-5ef20ed2bab0b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5411
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (19664), with CRLF line terminators
Size:   5411
Md5:    fa2ae80071e1ef732b9589f1ff31cb13
Sha1:   cee26cbd904e2a74b5d7e5f76d51ecbf78bc5826
Sha256: 93155dc3675e0282bf1d3b66975faa9fb5a6f4a3e2a7116d3ecdbe53cbb5983e
                                        
                                            GET /img/index_files/galicia/index_files/bootstrap.min.css HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 06 Dec 2022 05:54:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "1e36e-5ef20ed052f8b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20122
Keep-Alive: timeout=10, max=200


--- Additional Info ---
Magic:  ASCII text, with very long lines (65371)
Size:   20122
Md5:    d77c1068a3646177f9a94955627b80dc
Sha1:   c8931f1f337ec4a63b685abd0bea724ff4fbb2d2
Sha256: cb7b67b6016de1ece69f8e98d41c2998eb54bf7bc9dea62559c95a68473abee0

Alerts:
  urlquery:
    - Phishing - Galicia
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /6tna5I0T44LzhLGbjUS5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.38.227.80
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XkKeXycU33WzTB0M2ZFeTehSzlg=

                                        
                                            GET /img/index_files/galicia/index_files/detect.js.descarga HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 05:54:53 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "66c-5ef20ed083112-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 509
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1644), with no line terminators
Size:   509
Md5:    2809a934f1688b18bc9d5fc0209d5e00
Sha1:   3b3cef5ba7f6b75f4ebb6cd1a7ae2fac50d41e79
Sha256: 5b2bb905b07e70dac18579486a97a963bc352d12888094b0552e54a9b66befab
                                        
                                            GET /img/index_files/galicia/index_files/analytics.js.descarga HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 05:54:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 06 Dec 2022 04:06:17 GMT
ETag: "c436-5ef20ed020ec5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20073
Keep-Alive: timeout=10, max=200


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20073
Md5:    93bde531cb4f65be97d29e35331ca13e
Sha1:   a893da1a81f92a8b58bba978dbe35780c97235b2
Sha256: 2172506c0cbb4a0f851f60c59097cf9e578de853c1382061395858f5d448ab8d
                                        
                                            GET /img/index_files/galicia/index_files/FrontFunctions.min.js.descarga HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 05:54:53 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "6ec5-5ef20ed10e39e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8130
Keep-Alive: timeout=10, max=200


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (28350), with no line terminators
Size:   8130
Md5:    74a7b99c74687e54ff9f60c3aa5b1122
Sha1:   0544c96af2c1f952bad4d1d7046d586c6eb161cb
Sha256: c9aa96d3b5941bc0f8537d642f3415c3b092879daae459f615657a673d3003d8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=160587
Date: Tue, 06 Dec 2022 05:54:53 GMT
Etag: "638ea978-1d7"
Expires: Thu, 08 Dec 2022 02:31:20 GMT
Last-Modified: Tue, 06 Dec 2022 02:31:20 GMT
Server: nginx
Content-Length: 471

                                        
                                            GET /img/index_files/galicia/index_files/customcarousel.min.css HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 06 Dec 2022 05:54:53 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "79d-5ef20ed0677ab-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 630
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1920)
Size:   630
Md5:    bba38d3bea7e2f4c9ad8199063b42b33
Sha1:   64c0555ddf60a1971a289c3268fcfbd2bb0797d9
Sha256: 111c1a6156e62696c66c05d1c226c7ed525d230e5f8d8223c5474bd9575150f9

Alerts:
  urlquery:
    - Phishing - Galicia
                                        
                                            GET /img/index_files/galicia/index_files/js(1) HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
                                        
Date: Tue, 06 Dec 2022 05:54:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT
ETag: "2dd5b-5ef20ed1ac2f2"
Accept-Ranges: bytes
Content-Length: 187739
Keep-Alive: timeout=10, max=200


--- Additional Info ---
Magic:  ASCII text, with very long lines (6000)
Size:   187739
Md5:    f7263e6aa1f18717b6a377e193ad3360
Sha1:   054c3c5df89954441c88465b61ccb18e75aeec21
Sha256: 980601b25e13391a969b0affdaa6808cef4eff32d6d20fa22ed03a2b2996a7ce
                                        
                                            GET /img/index_files/galicia/index_files/gtm.js.descarga HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 05:54:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT
ETag: "81884-5ef20ed177f03-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=10, max=200
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65323)
Size:   132040
Md5:    fe655a0d42da768cd17d7973e37c7aa7
Sha1:   18a820b119f5005764411cf1defb209bfdc2ea68
Sha256: 6517863d0ebac56961f18bfb0b290f522715a7dd786edb065ebb1d328d7cea79
                                        
                                            GET /img/index_files/galicia/index_files/seguloginborders HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
                                        
Date: Tue, 06 Dec 2022 05:54:53 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "28b-5ef20ed2749f5"
Accept-Ranges: bytes
Content-Length: 651
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (651), with no line terminators
Size:   651
Md5:    972ec8df496b03ff74dca5a0f72e21c5
Sha1:   bc7837d85c544fd47a87ab6a4b2929e35a36f4be
Sha256: c714daca086c41b0915c1eb7cdfc38696582eba1d6a0259e2fec643e84728be6

Alerts:
  urlquery:
    - Phishing - Galicia
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /img/index_files/galicia/index_files/js HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
                                        
Date: Tue, 06 Dec 2022 05:54:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT
ETag: "36a34-5ef20ed18fdd3"
Accept-Ranges: bytes
Content-Length: 223796
Keep-Alive: timeout=10, max=200


--- Additional Info ---
Magic:  ASCII text, with very long lines (22462)
Size:   223796
Md5:    9e2f33ffa8542252af1b5282488ee62d
Sha1:   edf1b4c7d5eefa2fa22bb24de1afef07ac7c051d
Sha256: 10fbce2479bd7c3843d173556378ddd29187f3ab00b37a033fcc8e0900fc0654
                                        
                                            GET /img/index_files/galicia/index_files/ad1a29c5.js.descarga HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 05:54:53 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:17 GMT
ETag: "979d0-5ef20ed03c05c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (62720), with CRLF, LF line terminators
Size:   115962
Md5:    967d78f1fdd2c32abb5e4c8885577304
Sha1:   cec7a82d2c1065c60f1b1cbbb431819742b30e25
Sha256: b2e24b9529777d4c760e2a978d95accf7871a0ee2d3932c584d9282854dd989c
                                        
                                            GET /img/index_files/galicia/index_files/launch-121f57795303.min.js.descarga HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT
ETag: "435b5-5ef20ed201a20-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (32763)
Size:   88139
Md5:    b3c52ad77a49f94f8af203c366b329ce
Sha1:   1846158229b999d7d8cc32f013842f954a5e9dbe
Sha256: 396f7e740f0b4221d6a146765277c87bbf3cb32baefcf2fad897a309138aa889
                                        
                                            GET /img/index_files/galicia/index_files/sharedout HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
                                        
Date: Tue, 06 Dec 2022 05:54:53 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "5e635-5ef20ed2b169b"
Accept-Ranges: bytes
Content-Length: 386613
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65435), with no line terminators
Size:   386613
Md5:    9861fa51e74a108f05a388c4bc7547ec
Sha1:   6227ce8903aafc40485e4adda69f945bcd25ed4e
Sha256: c4145a9e8ffd7f6e600cb97e9d5b54488499fec84e99b147ee7c48d171314395

Alerts:
  urlquery:
    - Phishing - Galicia
                                        
                                            GET /img/index_files/galicia/index_files/saved_resource HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
                                        
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "3bf-5ef20ed2601d5"
Accept-Ranges: bytes
Content-Length: 959
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (959), with no line terminators
Size:   959
Md5:    e839bf471a5c6d390d59f37d139722ef
Sha1:   b76fd31a1a820997e39399dbbe71448047f4ae43
Sha256: c93153ac3f59a9b53b5ae04c99bded904698ebed8ee2c9303b9503eabfc73631

Alerts:
  urlquery:
    - Phishing - Galicia
                                        
                                            GET /img/index_files/galicia/index_files/RC66fa2a34a0a9451089445bfcda97f3fc-source.min.js.descarga HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "3f3-5ef20ed2492a6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 543
Keep-Alive: timeout=10, max=199
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (864)
Size:   543
Md5:    8ddf8ba3d6a00a02e1e5277d59a08399
Sha1:   98273e04578db79440ae6645848d1553b7a2a997
Sha256: 329a5cc75044b434042c442985b3e2988d57a0b0e21b7fb4e4334eb84da0c9ed
                                        
                                            GET /img/index_files/galicia/index_files/RC1699ac92c9d8400891bfa4b6e7a932be-source.min.js.descarga HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "244-5ef20ed23c786-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 358
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (433)
Size:   358
Md5:    41bcf39f9d7b992852bb4bc7f8f5d754
Sha1:   a63d37ccf521322e6f125af64e0af9a7dee6e49c
Sha256: 1347f04698e281121676a030d033d51f3248017f446bd0b260156fc7126e000d
                                        
                                            GET /img/index_files/galicia/index_files/RCa6a6f4ccacd34f08a039964c04e81646-source.min.js.descarga HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "15e-5ef20ed251776-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 221
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   221
Md5:    4d094e935d1758fb5a0715b63321cc30
Sha1:   57a4342f94b3f85e35c8b305542873a9d1c82a5f
Sha256: 9d65719adcbdff15d50923f142211bb24e935b2bcdb1435aae73e2bbe343e701
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9056
Expires: Tue, 06 Dec 2022 08:25:50 GMT
Date: Tue, 06 Dec 2022 05:54:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9056
Expires: Tue, 06 Dec 2022 08:25:50 GMT
Date: Tue, 06 Dec 2022 05:54:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9056
Expires: Tue, 06 Dec 2022 08:25:50 GMT
Date: Tue, 06 Dec 2022 05:54:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9056
Expires: Tue, 06 Dec 2022 08:25:50 GMT
Date: Tue, 06 Dec 2022 05:54:54 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9354
x-amzn-requestid: fb2dad44-2f8c-4f02-bbc5-405e9586e5af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmctYGLdoAMFyDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e55-28b5680933de0ff4208240be;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0mv3_bOi4kymDF7KB35kOjvgE9egGYnCMAXLGIse_PJE8bBMGLxdqw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 04:07:10 GMT
age: 6464
etag: "5626b75f5c2523f1a0fc301839a06a4e2407f106"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9354
Md5:    2e11524d75503e35c404d6c9a12ac540
Sha1:   5626b75f5c2523f1a0fc301839a06a4e2407f106
Sha256: d5eb74d026014c0a68893bde1107a9a111b1f0af835e28bb740308017ef80b7f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8997
x-amzn-requestid: 54d7ed8c-119c-4583-929c-fd053524814c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csT_8F78IAMFY6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66cc-3d9816725e7e0b1b3404bc4a;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:46:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ScASzeq_stezoHeSOmqluKJimg3R6YD6yd6guTD2d5Mjl8F_vQP0rg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:06 GMT
age: 29268
etag: "5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8997
Md5:    9fda84db003d0cfc70d73dcb6a3763dd
Sha1:   5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4
Sha256: f00aa6b88dd85164d8f6ee685937a3ca8039b98b442a2e6aede1c4c421b4fc4c
                                        
                                            GET /img/index_files/galicia/index_files/51630000.js.descarga HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:17 GMT
ETag: "7d-5ef20ecffa1ae-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 118
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive


--- Additional Info ---
Magic:  core file (Xenix)\012- , ASCII text
Size:   118
Md5:    8c4e3a70f133a38fa6bd5e6c86ebab03
Sha1:   ef2b21d945dc0899e134155b3c3f25a069aa2eb2
Sha256: 5442f5ba1ef9467c8cbffca444e379d796dc36fc6e2fdd239404d8950fbc459a

Alerts:
  urlquery:
    - Phishing - Galicia
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 27926
etag: "36082b7329d473829178f280cb71a83b1531e486"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11224
Md5:    b15136d60fd0a5e0f657a4f5c75d540f
Sha1:   36082b7329d473829178f280cb71a83b1531e486
Sha256: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EQorA5VTb0s2BEIWBkdkhDho-bLdLVvu8LnAIQsQqsIjgBLneYqCzg==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:22 GMT
age: 29192
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11352
Md5:    7f2c354a00ab51d4a41221b6bf191c10
Sha1:   01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
Sha256: 7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6422
x-amzn-requestid: 6d0cc220-31bc-4815-ade5-7e3e5403f39f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cniYTGgRoAMF5lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c7dce-64fbea8330a62e4f741c0c4e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 11:00:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N7fC93hYwpQYwGJGvXGHf2Z-H0Ek0MvRQsvT1HJy5Q46BnLNGjidSQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 07:35:32 GMT
age: 80362
etag: "99f431b4ca446996dbacb969440e2ecfb11fd9e0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6422
Md5:    2409529ecac5140de749d864da85af0d
Sha1:   99f431b4ca446996dbacb969440e2ecfb11fd9e0
Sha256: 81b379b16874d6644b0cf63e02c5174e44a40ab7cb4f4727bb96ad44bfcaa72f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12830
x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcsxGDyIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WMeay1i2pxnboCB3Qcwb2ray4tnyEzO89tQrHCfGdI3s9kJsMWvzBw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 03:41:05 GMT
age: 8029
etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12830
Md5:    5d72fb8d20c29763234c2817b119d11b
Sha1:   d4924ec714f5157bcb2fddcb5f768188a3dd37dc
Sha256: e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6
                                        
                                            GET /img/index_files/galicia/index_files/f.txt HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: text/plain
                                        
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "8d1-5ef20ed1089c6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1018
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (2257), with no line terminators
Size:   1018
Md5:    a9d8a1f9bc8bcec30b66d5bf99fceb55
Sha1:   bddbc8668cb93aa28b7ebdff45edc703cafd2919
Sha256: e5cbe9fe40968d6258bda40fab415b0796372281824262e86edb9aa5f3b74cb9
                                        
                                            GET /img/index_files/galicia/index_files/dispatcher-v3.js.descarga HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "1392-5ef20ed0acd09-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1228
Keep-Alive: timeout=10, max=198
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   1228
Md5:    a4630b9d3da3bba845510abf73c53859
Sha1:   6543de95aacd38ed6920d735f7fcaf846ebe2d03
Sha256: 4e3ba17d14a08f98165a8724fd6b525fdba14b7e5abebe4f1f0795a508cc142c

Alerts:
  urlquery:
    - Phishing - Galicia
                                        
                                            GET /img/index_files/galicia/index_files/yahoo-min.js.descarga HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "1bab-5ef20ed2cacda-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3005
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (6013)
Size:   3005
Md5:    a5b2c161a424aeaf067d6246176d64ee
Sha1:   7293cb47259c7065ac91d48096c2a227bc812cbc
Sha256: 36c712dcb454d4b23a4e63d24a6adc9e503f0cf9a8faf3c4a94457fdd25d102f

Alerts:
  urlquery:
    - Phishing - Galicia
                                        
                                            GET /img/index_files/galicia/index_files/cp-v3.js.descarga HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "c-5ef20ed0677ab"
Accept-Ranges: bytes
Content-Length: 12
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   12
Md5:    bc6573647ae421e4cd14dcdf34c877ce
Sha1:   a567ddefcd1cfc1bbbaf5323bdadba5795c95478
Sha256: 7fd90f2ec178b50f6924b27d80085370abdb66f52947d3a63d7f8e7a8f56512b

Alerts:
  urlquery:
    - Phishing - Galicia
                                        
                                            GET /img/index_files/galicia/index_files/json-min.js.descarga HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT
ETag: "1337-5ef20ed1a70ea-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2204
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (4764)
Size:   2204
Md5:    73caddd8ca193f8bbe1008199439f379
Sha1:   bb864f4af973871e416dc2cc2da18bba495f4606
Sha256: 204207a80c315adee6290dfbf2e00e7b96c153621b9d5cc2a732f1859f451705

Alerts:
  urlquery:
    - Phishing - Galicia
                                        
                                            GET /img/index_files/galicia/index_files/default.min.css HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "12f64e-5ef20ed0cefe8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   140038
Md5:    3a4df7079d9b37d0dd779f8c063ce03a
Sha1:   de06e613779c3c982a3e76627de92ed487a758c0
Sha256: 812bd2765cc7bb7b921f7d5cc9e0d3044d17d55858a5431a99905b57a2cbd70f
                                        
                                            GET /img/index_files/galicia/index_files/keyboard.css HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT
ETag: "1ec-5ef20ed1bb13a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 275
Keep-Alive: timeout=10, max=197
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   275
Md5:    03026484ff3ed14003ed15e7563e9931
Sha1:   84cd9b9c9f9643d9d10e4cf8145756cdfe641566
Sha256: 9f80bb36c3d476b6cc261ea273592912d9a180c03e39c041daf525cfa04441e4

Alerts:
  urlquery:
    - Phishing - Galicia
                                        
                                            GET /img/index_files/galicia/index_files/simple-keyboard.css HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "ae6-5ef20ed29882c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 871
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   871
Md5:    44890b556529205fa312c21a0b93a7a3
Sha1:   b7d7a862c0e586b311e4be6f5c9b7193e3bcffd7
Sha256: 2a90530004faf9e08e48bbdd380c544f1ec36e7940624da859c76f1143fb0b80

Alerts:
  urlquery:
    - Phishing - Galicia
                                        
                                            GET /img/index_files/galicia/index_files/hotjar-584153.js.descarga HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT
ETag: "5574-5ef20ed147995-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5289
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15929)
Size:   5289
Md5:    b73abebd085f043935dded21c5fdaee3
Sha1:   ff29f8d6cf5624b2b8ea0c502a1b9911a12526e0
Sha256: 725e509d8d97a59bad0525bcdf7d46055a5c0d114810cb6ac3747911f6296655
                                        
                                            GET /img/index_files/galicia/index_files/polyfill.js.descarga HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT
ETag: "6f6-5ef20ed223147-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 672
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   672
Md5:    5dc5a228625422e92c9b5beb8c7b417d
Sha1:   67569836113125adbee2b90730d04ec5322e38dc
Sha256: 34feda018175e4ef4f4f13fdf594f49fe226a1f3f168b62b69c4d88adc493ccc
                                        
                                            GET /detectca/images/QjL8pgjJN3mpOxVuG7JxpI2OYsRMit/DetectCA.png?ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&sr=1280%20x%201024&url=http://c1481833.ferozo.com/img/index_files/galicia/&rf=&nc=0.49312707852582793 HTTP/1.1 
Host: detectca.easysol.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         107.23.44.14
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 06 Dec 2022 05:54:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Size:   82
Md5:    ae11c9259e141875b33cbb6598aa1485
Sha1:   4d71dc1bd4621df68ee846fe3f9409606aabced4
Sha256: ca2613f315c93819ed7c4a14d44dcf8b041a71c5e032bd0aec9b399a6f4eb491
                                        
                                            GET /img/index_files/galicia/index_files/keyboard.js.descarga HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT
ETag: "1864-5ef20ed1cd631-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1864
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   1864
Md5:    88342f45224d49f5f270f4e98afd1ac4
Sha1:   b84da59d784943f4625b92c714abe4240b92b01f
Sha256: e1a7b946fdc7a2f409272580fa56bba14924ba0d2ae7d483a8565e4be7e1884a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 05:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /img/index_files/galicia/index_files/modules.d53d96d4fefc0e537bd8.js.descarga HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "41ae1-5ef20ed235256-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (48714)
Size:   84582
Md5:    3caaa8644257fccf76804c332d6ee64f
Sha1:   6741995acd7e8f1be92d053e31facbb93d1bfd7f
Sha256: d988a880e6fa6f341a8b50e5ba98df7af46f48542d0d3ef21f4c7a8cdb32e74e
                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62726172-14&cid=1969658199.1670306092&jid=2126279852&gjid=1191967864&_gid=486805073.1670306092&_u=aGBAiEABFAAAAEAAI~&z=576026865 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://c1481833.ferozo.com
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         64.233.164.155
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: http://c1481833.ferozo.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Dec 2022 05:54:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 05:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /img/index_files/galicia/index_files/eluminate.js.descarga HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 05:54:54 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "25cb4-5ef20ed0ed447-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 42306
Keep-Alive: timeout=10, max=196
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65268), with CRLF line terminators
Size:   42306
Md5:    00a2494c0f8369a8f777f0648c50a89d
Sha1:   ed9a2d8bd7217f3b3bc4ac62ac6d21773590b79b
Sha256: a1560b3946737d462dc35d133d49a3720170cc93b5acc99f5aade4ca399d4f49
                                        
                                            GET /img/index_files/galicia/index_files/f(1).txt HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: text/plain
                                        
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "b394-5ef20ed0ee7cf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17403
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (2772)
Size:   17403
Md5:    6d5b458014f6c17c0b6287e8dac0b15b
Sha1:   2b021139a4734051f488bc135c818b4c9ecd1e4b
Sha256: 9a7f7d26f0dac577b8db566a69bb0332c54fade010dff77f0a071aff41b1f71a
                                        
                                            GET /detectca/scripts/QjL8pgjJN3mpOxVuG7JxpI2OYsRMit/detect.js HTTP/1.1 
Host: detectca.easysol.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/

search
                                         107.23.44.14
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 06 Dec 2022 05:54:55 GMT
Content-Length: 1640
Last-Modified: Tue, 24 Aug 2021 00:00:00 GMT
Connection: keep-alive
ETag: "61243680-668"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (1640), with no line terminators
Size:   1640
Md5:    aef7b7e1e7819c8d35e55d721f410939
Sha1:   9ef9629efb99fc8912d7d9f2a72660ec65155de4
Sha256: f6d0448700281e0d7bae82dfdf56ed258c5e026bdaae7449bd4e679fd6a59e62
                                        
                                            GET /img/index_files/galicia/Content/fonts/Inter-Regular.woff2 HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css

search
                                         200.58.112.174
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   196
Md5:    62962daa1b19bbcc2db10b7bfd531ea6
Sha1:   d64bae91091eda6a7532ebec06aa70893b79e1f8
Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
                                        
                                            GET /gtm.js?id=GTM-M6B9RZQ&gtm_auth=TiByp1Z92r_vHHqYjmr5yQ&gtm_preview=env-6&gtm_cookies_win=x HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.40
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: *
date: Tue, 06 Dec 2022 05:54:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 132073
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65323)
Size:   132073
Md5:    3da5e9aef96637477ffec47ff8854d57
Sha1:   bede27a7ca46b4c41a863e6f2315d52750c70f87
Sha256: 0bf161ce7ec233efc753f33897800d3fdd327a9a95adb8bb2e1a206453a7def9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 05:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Tue, 06 Dec 2022 05:54:55 GMT
Etag: "638d98ac-118"
Server: ECS (amb/6BC2)
Content-Length: 280

                                        
                                            GET /detectca/images/QjL8pgjJN3mpOxVuG7JxpI2OYsRMit/DetectCA.png?ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&sr=1280%20x%201024&url=http://c1481833.ferozo.com/img/index_files/galicia/&rf=&nc=0.15498958627258685 HTTP/1.1 
Host: detectca.easysol.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/

search
                                         107.23.44.14
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 06 Dec 2022 05:54:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Size:   82
Md5:    ae11c9259e141875b33cbb6598aa1485
Sha1:   4d71dc1bd4621df68ee846fe3f9409606aabced4
Sha256: ca2613f315c93819ed7c4a14d44dcf8b041a71c5e032bd0aec9b399a6f4eb491
                                        
                                            GET /img/index_files/galicia/index_files/logogalicia.html HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0
Upgrade-Insecure-Requests: 1

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:19 GMT
ETag: "31bf1-5ef20ed20c9e7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (804)
Size:   57273
Md5:    7c08d2537a26aed61fda343b88a9aa5c
Sha1:   82017fe9423f7e896f1aed0d37fb1a09b379bab4
Sha256: 1a632706b6fd8b91b9ebaa175f719a9e6e5d460d8a2138f9f133585fcf61e432
                                        
                                            GET /img/index_files/galicia/logo.png HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:14 GMT
ETag: "8ef-5ef20eccaf17c"
Accept-Ranges: bytes
Content-Length: 2287
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 140 x 37, 8-bit/color RGBA, non-interlaced\012- data
Size:   2287
Md5:    317c48a57bc7bfb38f6421d68ea795d6
Sha1:   11749c9eade31875a8d42d0add1d66b09f0630df
Sha256: 465d2570cd777b7581a2abc33a8c455e74b0367bb90743dc027701e127778089
                                        
                                            GET /img/index_files/galicia/Content/fonts/fontawesome-webfont.woff2 HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0

search
                                         200.58.112.174
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=200
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   196
Md5:    62962daa1b19bbcc2db10b7bfd531ea6
Sha1:   d64bae91091eda6a7532ebec06aa70893b79e1f8
Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2230
Cache-Control: 'max-age=158059'
Date: Tue, 06 Dec 2022 05:54:55 GMT
Last-Modified: Tue, 06 Dec 2022 05:17:46 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /img/index_files/galicia/Content/fonts/galicia-ui.ttf?8esgb8 HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0

search
                                         200.58.112.174
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   196
Md5:    62962daa1b19bbcc2db10b7bfd531ea6
Sha1:   d64bae91091eda6a7532ebec06aa70893b79e1f8
Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
                                        
                                            GET /id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DF3360B65E15FFB70A495C4A%40AdobeOrg&d_nsid=0&ts=1670306092314 HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: http://c1481833.ferozo.com
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.72.35.25
HTTP/1.1 200 OK
Content-Type: application/json;charset=utf-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://c1481833.ferozo.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-2-v045-00fcfd78a.edge-irl1.demdex.com 1 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=76390773508081107682319319525236782209; Max-Age=15552000; Expires=Sun, 04 Jun 2023 05:54:55 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: SP5B4yvlSr8=
Content-Length: 564
Connection: keep-alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1006), with no line terminators
Size:   564
Md5:    0a3468f10689aee386d032d46d0c49b6
Sha1:   578c2854fdf689bc44a8af00b541834073ce4fa1
Sha256: c41f747afc081398a7bf2c702c094f8a17de305265d2d932320f3919b02fc48c
                                        
                                            GET /87fc8b53a8b1/118d2b304f55/a128628dac2f/RC66fa2a34a0a9451089445bfcda97f3fc-source.min.js HTTP/1.1 
Host: assets.adobedtm.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.38.200.237
HTTP/2 200 OK
content-type: application/x-javascript
                                        
accept-ranges: bytes
etag: "7f6ea0b801d7e2a4f0d5ec2acb0074dd:1668693900.209014"
last-modified: Thu, 17 Nov 2022 14:05:00 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 543
cache-control: max-age=3600
expires: Tue, 06 Dec 2022 06:54:55 GMT
date: Tue, 06 Dec 2022 05:54:55 GMT
access-control-allow-origin: http://c1481833.ferozo.com
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (864)
Size:   543
Md5:    6e70c064dcc46bddc302d38e13df7375
Sha1:   11a26413589f01e66bb8638a72b020bfce0df66e
Sha256: 73126989e913930819159af197416325de64064d2eb0c6e6ef5baa8d8a17768a
                                        
                                            GET /api/wb/b3f76076-f760-49d8-ab30-437b9b182ac7/60a375cb-568d-41f6-a2d9-0e5d6c6ad549/1244/?rfr=&hash=&dom=c1481833.ferozo.com&href=http://c1481833.ferozo.com/img/index_files/galicia/ HTTP/1.1 
Host: gal.bgsensors.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.25.208
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 06 Dec 2022 05:54:55 GMT
content-length: 67
x-frame-options: SAMEORIGIN
vary: Origin
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7ka6r%2Bs1qzASrwbbDjO%2FXAOHRwKs%2FVNj8diIzRqb2L4q4r026xOzI02bAqJuoaP7gi3alwlO8%2BKxM2oOJf0Kgzed7fxuaS%2BBfegrJWVbwHkB1%2Bo7GlHFz1JTRjo2psY0iT4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7752c5076fdab4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 1-bit grayscale, non-interlaced\012- data
Size:   67
Md5:    06707af2ef27f407df4958d3abf2a9f7
Sha1:   874a600942cc18a6c71a96ee2e19fecd42886bfb
Sha256: 089ad5bf4831b6758e9907db43bc5ebba2e9248a9929dad6132c49932e538278

Alerts:
  urlquery:
    - Phishing - Galicia
                                        
                                            GET /87fc8b53a8b1/118d2b304f55/a128628dac2f/RC1699ac92c9d8400891bfa4b6e7a932be-source.min.js HTTP/1.1 
Host: assets.adobedtm.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.200.237
HTTP/2 200 OK
content-type: application/x-javascript
                                        
accept-ranges: bytes
etag: "7f6ea0b801d7e2a4f0d5ec2acb0074dd:1668693900.209014"
last-modified: Thu, 17 Nov 2022 14:05:00 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 358
cache-control: max-age=3600
expires: Tue, 06 Dec 2022 06:54:55 GMT
date: Tue, 06 Dec 2022 05:54:55 GMT
access-control-allow-origin: http://c1481833.ferozo.com
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (433)
Size:   358
Md5:    31ea1a7be2ce884825de79c2b2b85636
Sha1:   bb090cfd383820961658b024f472706ed7fef996
Sha256: 9dddf9d548fe2c42b2bd155c1f23564b9ec191ef0f7181b77dd31614cc747d64
                                        
                                            GET /img/index_files/galicia/Content/fonts/Inter-Regular.woff HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0

search
                                         200.58.112.174
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=195
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   196
Md5:    62962daa1b19bbcc2db10b7bfd531ea6
Sha1:   d64bae91091eda6a7532ebec06aa70893b79e1f8
Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Date: Tue, 06 Dec 2022 05:54:55 GMT
Etag: "638d98ac-118"
Last-Modified: Tue, 06 Dec 2022 05:54:55 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /87fc8b53a8b1/118d2b304f55/a128628dac2f/RCa6a6f4ccacd34f08a039964c04e81646-source.min.js HTTP/1.1 
Host: assets.adobedtm.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.200.237
HTTP/2 200 OK
content-type: application/x-javascript
                                        
accept-ranges: bytes
etag: "7f6ea0b801d7e2a4f0d5ec2acb0074dd:1668693900.209014"
last-modified: Thu, 17 Nov 2022 14:05:00 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 221
cache-control: max-age=3600
expires: Tue, 06 Dec 2022 06:54:55 GMT
date: Tue, 06 Dec 2022 05:54:55 GMT
access-control-allow-origin: http://c1481833.ferozo.com
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   221
Md5:    00aacf1a7ee46f4d76dbc88c13b50665
Sha1:   3f98aea9894054c0486320cbe587e7b1927856f6
Sha256: e65b48d91b73b4adfa1c555c7f7a1a6729d4ea33d42580d901f5c5a0c0cd99f0
                                        
                                            GET /pagead/conversion.js HTTP/1.1 
Host: www.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/

search
                                         142.250.74.98
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Tue, 06 Dec 2022 05:54:55 GMT
Expires: Tue, 06 Dec 2022 05:54:55 GMT
Cache-Control: private, max-age=3600
ETag: 6351308751113588399
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 17396
X-XSS-Protection: 0


--- Additional Info ---
Magic:  ASCII text, with very long lines (2772)
Size:   17396
Md5:    4c734f2dee2775f34cf20236a1e454ce
Sha1:   8519539acac5a7086a839fc5534f9648c5b0de46
Sha256: 9a7a7b257d298e7db6db54901e7bf89361f015742c19276a81fae9e82efdd823
                                        
                                            GET /87fc8b53a8b1/118d2b304f55/launch-121f57795303.min.js HTTP/1.1 
Host: assets.adobedtm.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.200.237
HTTP/2 200 OK
content-type: application/x-javascript
                                        
accept-ranges: bytes
etag: "9e6fd0a59e71085ed8c04063c3bef56e:1668693899.426046"
last-modified: Thu, 17 Nov 2022 14:04:59 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 88143
cache-control: max-age=3600
expires: Tue, 06 Dec 2022 06:54:55 GMT
date: Tue, 06 Dec 2022 05:54:55 GMT
access-control-allow-origin: http://c1481833.ferozo.com
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32763)
Size:   88143
Md5:    728f8e3526301a03588ace633f0bb6f5
Sha1:   96a5c698d252210d919a05bdeacf0c807306814b
Sha256: 4c2ab4845f61dea6e37f239073fa781636c359dd3550b0301ba0e77b424f8860
                                        
                                            GET /img/index_files/galicia/index_files/box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0; onb2_isreload=false; onb2_prevpath=/img/index_files/galicia/; _ga_R462ZWFJX5=GS1.1.1670306092.1.0.1670306092.0.0.0; cmTPSet=Y
Upgrade-Insecure-Requests: 1

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:18 GMT
ETag: "9cd-5ef20ed05104b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1315
Keep-Alive: timeout=10, max=194
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2397)
Size:   1315
Md5:    5bc8e01ed61435444e02ebbbfb6c3488
Sha1:   a58080b2d6595196a4315514d3e2f7e3f40faaf5
Sha256: 1eba453433ead3f057aa3819aa2cc0b764b58c3608b9a2035bac75769da7b113
                                        
                                            GET /img/index_files/galicia/index_files/saved_resource.html HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0; onb2_isreload=false; onb2_prevpath=/img/index_files/galicia/; _ga_R462ZWFJX5=GS1.1.1670306092.1.0.1670306092.0.0.0; cmTPSet=Y
Upgrade-Insecure-Requests: 1

search
                                         200.58.112.174
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Last-Modified: Tue, 06 Dec 2022 04:06:20 GMT
ETag: "95-5ef20ed266b4d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 145
Keep-Alive: timeout=10, max=194
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   145
Md5:    5e610eda263540ba05be0d6b5cf807a2
Sha1:   269663c27bdb68d880847d4f7bd4b62796926c93
Sha256: 682e5b3b42807f8a40d9f12d20c12a824dbf1dfcda7fefab7c81a08a35c9bfca
                                        
                                            POST /collect HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 427
Origin: http://c1481833.ferozo.com
Connection: keep-alive
Referer: http://c1481833.ferozo.com/

search
                                         216.239.38.178
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: http://c1481833.ferozo.com
Date: Tue, 06 Dec 2022 05:54:55 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5832
Cache-Control: 'max-age=158059'
Date: Tue, 06 Dec 2022 05:54:55 GMT
Last-Modified: Tue, 06 Dec 2022 04:17:43 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /img/index_files/galicia/Content/fonts/galicia-ui.woff?8esgb8 HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0; onb2_isreload=false; onb2_prevpath=/img/index_files/galicia/; _ga_R462ZWFJX5=GS1.1.1670306092.1.0.1670306092.0.0.0; cmTPSet=Y

search
                                         200.58.112.174
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=194
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   196
Md5:    62962daa1b19bbcc2db10b7bfd531ea6
Sha1:   d64bae91091eda6a7532ebec06aa70893b79e1f8
Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
                                        
                                            GET /img/index_files/galicia/Content/fonts/fontawesome-webfont.woff HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0; onb2_isreload=false; onb2_prevpath=/img/index_files/galicia/; _ga_R462ZWFJX5=GS1.1.1670306092.1.0.1670306092.0.0.0; cmTPSet=Y

search
                                         200.58.112.174
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=194
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   196
Md5:    62962daa1b19bbcc2db10b7bfd531ea6
Sha1:   d64bae91091eda6a7532ebec06aa70893b79e1f8
Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 05:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /g/collect?v=2&tid=G-NK1ZTDWVWL&gtm=2oebu0&_p=1086889195&_gaz=1&cid=1969658199.1670306092&ul=en-us&sr=1280x1024&_s=1&dt=Online%20Banking&dl=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&sid=1670306092&sct=1&seg=0&en=page_view&_fv=1&_ss=2&ep.page_path=%2Fimg%2Findex_files%2Fgalicia%2F HTTP/1.1 
Host: analytics.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://c1481833.ferozo.com
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         142.250.74.14
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: http://c1481833.ferozo.com
date: Tue, 06 Dec 2022 05:54:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         192.124.249.23
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Tue, 06 Dec 2022 05:54:55 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 05 Dec 2022 20:41:09 GMT
Expires: Tue, 06 Dec 2022 20:41:09 GMT
ETag: "29d975e08d716f6d33e3c3bd6405a6322df6ca65"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    1fad8e834ba3c602a0fff059a7a40552
Sha1:   29d975e08d716f6d33e3c3bd6405a6322df6ca65
Sha256: 3802068c5eb245d9675ed4af5ed889bd9ec33b858b2a20b8c408f8e4f0d7fe9f
                                        
                                            GET /img/index_files/galicia/Content/fonts/Inter-Regular.ttf HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0; onb2_isreload=false; onb2_prevpath=/img/index_files/galicia/; _ga_R462ZWFJX5=GS1.1.1670306092.1.0.1670306092.0.0.0; cmTPSet=Y

search
                                         200.58.112.174
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=194
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   196
Md5:    62962daa1b19bbcc2db10b7bfd531ea6
Sha1:   d64bae91091eda6a7532ebec06aa70893b79e1f8
Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 05:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /Scripts/eluminate.js HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0; onb2_isreload=false; onb2_prevpath=/img/index_files/galicia/; _ga_R462ZWFJX5=GS1.1.1670306092.1.0.1670306092.0.0.0; cmTPSet=Y; mbox=session#95b84a3a802c48eab403f0d1399b55c6#1670307953; at_check=true

search
                                         200.58.112.174
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=194
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   196
Md5:    62962daa1b19bbcc2db10b7bfd531ea6
Sha1:   d64bae91091eda6a7532ebec06aa70893b79e1f8
Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=100469
Date: Tue, 06 Dec 2022 05:54:55 GMT
Etag: "638dbea4-1d7"
Expires: Wed, 07 Dec 2022 09:49:24 GMT
Last-Modified: Mon, 05 Dec 2022 09:49:24 GMT
Server: nginx
Content-Length: 471

                                        
                                            POST /client/v3.1/web/wup?cid=gamora HTTP/1.1 
Host: wup-ad1a29c5.us.v2.we-stats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 172
Origin: http://c1481833.ferozo.com
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         52.141.217.134
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 565
date: Tue, 06 Dec 2022 05:54:55 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: 00859549-1c2e-4e79-882b-a4120bd50888
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (565), with no line terminators
Size:   565
Md5:    1476681319e51abc40b1caabdf291b35
Sha1:   89b87f0ad23660075db9c01530c9ef498c0353ac
Sha256: 5249f03d2b9bf3cb85752cb02a1354d9af78644ac9648d7047aee5734bdb72a3
                                        
                                            GET /img/index_files/galicia/Content/fonts/fontawesome-webfont.ttf HTTP/1.1 
Host: c1481833.ferozo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/img/index_files/galicia/index_files/default.min.css
Cookie: cdContextId=1; bmuid=1670306092066-B0866678-FEEE-4F77-BC2B-81A21247F94A; _ga=GA1.1.1969658199.1670306092; _gid=GA1.2.486805073.1670306092; _dc_gtm_UA-62726172-14=1; _ga_NK1ZTDWVWL=GS1.1.1670306092.1.0.1670306092.60.0.0; AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg=179643557%7CMCIDTS%7C19333%7CvVersion%7C5.5.0; onb2_isreload=false; onb2_prevpath=/img/index_files/galicia/; _ga_R462ZWFJX5=GS1.1.1670306092.1.0.1670306092.0.0.0; cmTPSet=Y; mbox=session#95b84a3a802c48eab403f0d1399b55c6#1670307953; at_check=true

search
                                         200.58.112.174
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 06 Dec 2022 05:54:55 GMT
Server: Apache
Content-Length: 196
Keep-Alive: timeout=10, max=193
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   196
Md5:    62962daa1b19bbcc2db10b7bfd531ea6
Sha1:   d64bae91091eda6a7532ebec06aa70893b79e1f8
Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
                                        
                                            POST /g/collect?v=2&tid=G-R462ZWFJX5&gtm=2oebu0&_p=1086889195&cid=1969658199.1670306092&ul=en-us&sr=1280x1024&_s=1&sid=1670306092&sct=1&seg=0&dl=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&dt=Online%20Banking&en=page_view&_fv=2&_ss=1 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://c1481833.ferozo.com
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.38.178
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: http://c1481833.ferozo.com
date: Tue, 06 Dec 2022 05:54:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/

search
                                         216.239.38.178
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Tue, 06 Dec 2022 04:23:05 GMT
Expires: Tue, 06 Dec 2022 06:23:05 GMT
Cache-Control: public, max-age=7200
Age: 5511
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 05:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 05:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/viewthroughconversion/936934836/?random=1670306092907&cv=9&fst=1670306092350&num=2&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&tiba=Online%20Banking&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.2
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 05:54:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 945
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 06:09:56 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2135), with no line terminators
Size:   945
Md5:    9304424da2144a574a1c6cc4e5c87697
Sha1:   e9102bd383d849ed7f68520ed954f0508a4e00f1
Sha256: 62ce0f91842bf156db24992fc230b0456da25cf5d196354d7b9cd054db2a940d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 05:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/viewthroughconversion/936934836/?random=1670306092350&cv=9&fst=1670306092350&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&tiba=Online%20Banking&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.2
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 05:54:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 944
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 06:09:56 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2135), with no line terminators
Size:   944
Md5:    256bcd5cc2296b5a394ea86ceb4998d7
Sha1:   6d3dff38310f61e18f109dc976d20c246c0c608d
Sha256: 23394f5a7f41b5faf07a5e520ac68ed938822708f2db56c6a974f10145d98138
                                        
                                            GET /pagead/1p-user-list/936934836/?random=1670252859239&cv=9&fst=1670252400000&num=1&guid=ON&eid=375603261&u_h=1080&u_w=1920&u_ah=1032&u_aw=1920&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&frm=0&url=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&ref=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&tiba=Online%20Banking&fmt=3&is_vtc=1&random=1667616965&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.com.ar
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.217.21.163
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 05:54:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/1p-user-list/936934836/?random=1670252859239&cv=9&fst=1670252400000&num=1&guid=ON&eid=375603261&u_h=1080&u_w=1920&u_ah=1032&u_aw=1920&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&frm=0&url=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&ref=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&tiba=Online%20Banking&fmt=3&is_vtc=1&random=1667616965&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.164
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 05:54:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NK1ZTDWVWL&cid=1969658199.1670306092&gtm=2oebu0&aip=1&z=1965234860 HTTP/1.1 
Host: www.google.com.ar
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.217.21.163
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 05:54:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 05:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /requestserver/script/v1/k9t02s/login.js?clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 HTTP/1.1 
Host: sifo.bancogalicia.com.ar
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.196.56.54
HTTP/1.1 200
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 05:54:55 GMT
Content-Length: 144528
Connection: keep-alive
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self'
permissions-policy: fullscreen=();microphone=();camera=();speaker=();
x-xss-protection: 1;mode=block
x-frame-options: DENY
x-content-type-options: nosniff


--- Additional Info ---
Magic:  Algol 68 source text\012- Pascal source, ASCII text, with very long lines (938)
Size:   144528
Md5:    d92e202d987d0b2efe131beb937cc386
Sha1:   2984249d3f13fd65eedf7b902bde84d8530af8dc
Sha256: 3f2054b0bb91912c2c4447308efddc5d5f1029e79b97d9a73967583ca34bbe11
                                        
                                            GET /cm?ci=Producci%C3%B3n&st=1670306092344&vn1=4.18.138&ec=utf-8&vn2=e4.0&pi=%2Fimg%2Findex_files%2Fgalicia%2F&ul=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&cjen=1&cjuid=&cjsid=&cjvf=&tid=6&rnd=1670313185311&pc=Y&jv=1.8.5&je=n&sw=1280&sh=1024&pd=24&tz=0 HTTP/1.1 
Host: data.coremetrics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/

search
                                         54.224.36.233
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 06 Dec 2022 05:54:56 GMT
Server: Apache
Vary: Host
Expires: Mon, 05 Dec 2022 05:54:56 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Pragma: no-cache
Content-Length: 43
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Connection: close


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    55fade2068e7503eae8d7ddf5eb6bd09
Sha1:   317496a096d6c86486a71d4521994bcd171a6bb3
Sha256: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
                                        
                                            GET /configs/Producci%C3%B3n.js HTTP/1.1 
Host: libs.coremetrics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1481833.ferozo.com/

search
                                         23.61.236.51
HTTP/1.1 404 Not Found
                                        
Accept-Ranges: bytes
Content-Length: 10
Server: AkamaiNetStorage
Date: Tue, 06 Dec 2022 05:54:56 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text
Size:   10
Md5:    7605968e79d0ca095ab1231486d2b814
Sha1:   a007b420d19ceefa840f0373e050e3b51a4ab480
Sha256: 493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 05:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 05:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/1p-user-list/936934836/?random=1670306092907&cv=9&fst=1670302800000&num=2&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&tiba=Online%20Banking&fmt=3&is_vtc=1&random=2017215404&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 05:54:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/1p-user-list/936934836/?random=1670306092350&cv=9&fst=1670302800000&num=1&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fc1481833.ferozo.com%2Fimg%2Findex_files%2Fgalicia%2F&tiba=Online%20Banking&fmt=3&is_vtc=1&random=1203412094&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 05:54:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 05:54:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 HTTP/1.1 
Host: sifo.bancogalicia.com.ar
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://c1481833.ferozo.com/
Origin: http://c1481833.ferozo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.196.56.54
HTTP/1.1 200
                                        
Date: Tue, 06 Dec 2022 05:54:56 GMT
Content-Length: 0
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: http://c1481833.ferozo.com
access-control-allow-methods: POST, OPTIONS
access-control-max-age: 3600
access-control-allow-headers: x-requested-with, content-type
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self'
permissions-policy: fullscreen=();microphone=();camera=();speaker=();
x-xss-protection: 1;mode=block
x-frame-options: DENY
x-content-type-options: nosniff

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 226
Cache-Control: max-age=138472
Date: Tue, 06 Dec 2022 05:54:56 GMT
Etag: "638e5236-1d7"
Expires: Wed, 07 Dec 2022 20:22:48 GMT
Last-Modified: Mon, 05 Dec 2022 20:19:02 GMT
Server: ECS (amb/6BAE)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /requestserver/rest/v1/pageFeatures?sessionId=x&clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61 HTTP/1.1 
Host: sifo.bancogalicia.com.ar
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 25033
Origin: http://c1481833.ferozo.com
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.196.56.54
HTTP/1.1 200
Content-Type: application/json
                                        
Date: Tue, 06 Dec 2022 05:54:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: http://c1481833.ferozo.com
access-control-allow-methods: POST, OPTIONS
access-control-max-age: 3600
access-control-allow-headers: x-requested-with, content-type
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
set-cookie: herok=2886860804QUDAOsOZVe80EUAzMdcaGOWWpcWlG6; Expires=Tue, 06-Dec-2022 06:24:56 GMT; SameSite=None; Secure kirby=2886860804QUDAOsOZVe80EUAzMdcaGOWWpcWlG6; SameSite=None; Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self'
permissions-policy: fullscreen=();microphone=();camera=();speaker=();
x-xss-protection: 1;mode=block
x-frame-options: DENY
x-content-type-options: nosniff


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   115
Md5:    78bcb6e49d27426cdf4375932546b00e
Sha1:   4c76bfbd622fe498b219966023837e1375d5ecb3
Sha256: 5b23ddbce779ab2497d5a126aff93425bde3bac8dcabbe2afe22b382412211bb
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=138246
Date: Tue, 06 Dec 2022 05:54:56 GMT
Etag: "638e5236-1d7"
Expires: Wed, 07 Dec 2022 20:19:02 GMT
Last-Modified: Mon, 05 Dec 2022 20:19:02 GMT
Server: nginx
Content-Length: 471

                                        
                                            GET /content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/App-2.jpg HTTP/1.1 
Host: www.galicia.ar
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.219.10
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Mon, 29 Aug 2022 13:47:04 GMT
etag: "0x8DA89C4F4D104C7"
content-disposition: attachment; filename="App-2.jpg"; filename*=UTF-8''App-2.jpg
access-control-allow-origin: *
x-content-type-options: nosniff
cache-control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200
accept-ranges: bytes
date: Tue, 06 Dec 2022 05:54:56 GMT
age: 80007
strict-transport-security: max-age=31557600
x-served-by: cache-eze2230062-EZE
x-cache: HIT
x-timer: S1670306096.446258,VS0,VS0,VE0
content-length: 231967
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.5 (Macintosh), datetime=2022:08:18 14:50:23], progressive, precision 8, 1000x1309, components 3\012- data
Size:   231967
Md5:    e5c836a4a0a86a8f73f3483df55b8cb4
Sha1:   22f84e668e0150a6b5dde9ce532e97a640bb589d
Sha256: 5f35283bd1018c2a477ae7ac1818f05bcac581b2910d3a104984602f959f4df9

Alerts:
  urlquery:
    - Phishing - Galicia
                                        
                                            GET /images/assets/logo_ios_152x152.png HTTP/1.1 
Host: onlinebanking.bancogalicia.com.ar
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         161.190.1.97
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Mon, 03 Oct 2022 17:29:00 GMT
Accept-Ranges: bytes
ETag: "20f919a04dd7d81:0"
Date: Tue, 06 Dec 2022 05:54:57 GMT
Content-Length: 3728


--- Additional Info ---
Magic:  PNG image data, 152 x 152, 8-bit/color RGBA, non-interlaced\012- data
Size:   3728
Md5:    44833eb3871f5915ed3b03557937c593
Sha1:   6a2c0daa8577d261dc4f3fa8864a0bd00f3262e3
Sha256: 516214aaaf58a361362c9abf9818810f7e34358ed54aacb3c8450128754f900a

Alerts:
  urlquery:
    - Phishing - Galicia
                                        
                                            GET /Images/favicon.ico HTTP/1.1 
Host: onlinebanking.bancogalicia.com.ar
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c1481833.ferozo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         161.190.1.97
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Last-Modified: Mon, 03 Oct 2022 17:28:57 GMT
Accept-Ranges: bytes
ETag: "8051689e4dd7d81:0"
Date: Tue, 06 Dec 2022 05:54:57 GMT
Content-Length: 1559


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   1559
Md5:    b700b544f2fa87e37e6b728fef00fcb0
Sha1:   c0735fa743392c2f3032c22d241854b88832cdb7
Sha256: f20a33fd40173f122bec15a105374059fb3ec612d51146485ed84ef0001f2f03

Alerts:
  urlquery:
    - Phishing - Galicia
                                        
                                            POST /event?d_dil_ver=9.5&_ts=1670306092617 HTTP/1.1 
Host: galiciabanco.demdex.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 227
Origin: http://c1481833.ferozo.com
Connection: keep-alive
Referer: http://c1481833.ferozo.com/

search
                                         52.31.124.224
HTTP/1.1 200 OK
Content-Type: application/json;charset=utf-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://c1481833.ferozo.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-2-v045-05ee5fd88.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=76390773508081107682319319525236782209; Max-Age=15552000; Expires=Sun, 04 Jun 2023 05:54:57 GMT; Path=/; Domain=.demdex.net
Vary: Origin
X-TID: eSRQNa8qReE=
Content-Length: 435
Connection: keep-alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (751), with no line terminators
Size:   435
Md5:    b541f50d52d3599ecee7158d89e04eb0
Sha1:   5c4e40fa25f54fc5c28ffa980b10c133e790cc6a
Sha256: a8154609b15382001ef448b30dead1d1ad7b9e0887487ea8e07865265117f55c
                                        
                                            POST /rest/v1/delivery?client=galiciabanco&sessionId=95b84a3a802c48eab403f0d1399b55c6&version=2.10.0 HTTP/1.1 
Host: galiciabanco.tt.omtrdc.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*