personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
172.67.200.230301 Moved Permanently 0 B URL User Request GET HTTP/1.1 personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
IP 172.67.200.230:80
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/ HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Tue, 30 May 2023 16:02:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 30 May 2023 17:02:40 GMT
Location: https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=183yXdhmURpTiYhC7j8cAsm%2FEUqhyLQPyXJ9zEyj8uJmbeMgL5zTC8qnzkJX6ZmPwLfPZMfxVgQOhM28cLeuwmJkHZktmW5A6LsEvFdDijxhbTapHISVlzD16cavyNbWEzJiO3s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7cf833e8e85ab4f1-OSL
alt-svc: h2=":443"; ma=60
personas.hgdsa.com/panel/mua/img/info.jpg
172.67.200.230200 OK 3.4 kB URL GET HTTP/3 personas.hgdsa.com/panel/mua/img/info.jpg
IP 172.67.200.230:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 62x61, components 3\012- data
Hash 72f07f88a708281bb165235fb88649ee
d2e7284036b30a170dc68c2ad476d664234ed66c
13df691e5ad1109013261983ff6272aa37353f3b28525a9e8b0b29355a1ebec4
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
urlquery phishing Phishing - Bancolombia
GET /panel/mua/img/info.jpg HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 May 2023 16:02:42 GMT
content-type: image/jpeg
content-length: 3438
etag: "d6e-5fce05bea749e"
last-modified: Tue, 30 May 2023 02:57:08 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lISAVlkdLI5m6coM3OXckipmUOgJGp%2FFzfXvoSaQ%2BIVosCWgP0EgvmgOWBlHCXl%2BvrimJ32Qfe6KBHQS77kCvCPczKsDxoRPCsVDiUbnkyOdBf4i9B0USoTTNw27JphfzfAXMo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf833f0fe031bfe-OSL
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/img/politica.jpg
172.67.200.230200 OK 2.6 kB URL GET HTTP/3 personas.hgdsa.com/panel/mua/img/politica.jpg
IP 172.67.200.230:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 103x103, components 3\012- data
Hash 7bb6c2ef23b43c8b8723d9e68ddf2fec
351b75536ef2c3244b7ba1eec7fe13215990a177
7b4d681b13b2beeab7a0dbd807eac72b762dec8e3bb18410776270a51860ac86
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
urlquery phishing Phishing - Bancolombia
GET /panel/mua/img/politica.jpg HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 May 2023 16:02:42 GMT
content-type: image/jpeg
content-length: 2615
etag: "a37-5fce05bf48a6b"
last-modified: Tue, 30 May 2023 02:57:09 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0HAOnb6kaZH32GmS4F69g2zIvQcR7g69ptOhszdVtGgUjtxZhilc%2BixNfzViDMNskLZDrZ82lyLwRk4Yxr%2F6S5rPwcu%2B%2BPmDLwAU6%2FMF1FCxXHpa3b%2Fv8RFQoUT7hNzwGEXv2Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf833f0fe0c1bfe-OSL
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/img/demo.jpg
172.67.200.230200 OK 1.5 kB URL GET HTTP/3 personas.hgdsa.com/panel/mua/img/demo.jpg
IP 172.67.200.230:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 103x103, components 3\012- data
Hash 992039d1b794268d688a19b3563b7cd2
9116dbfe0fe620a6351952c1053017501537002f
61541605fc80557ad8cbc03b7d7ea64e94732198e536d4618dea0cb70191eb48
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
urlquery phishing Phishing - Bancolombia
GET /panel/mua/img/demo.jpg HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 May 2023 16:02:42 GMT
content-type: image/jpeg
content-length: 1465
etag: "5b9-5fce05bef55d5"
last-modified: Tue, 30 May 2023 02:57:08 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxrAj1p%2BDPjyVwdPNhWRCain5jK%2BMVg3hIaffjkx0TzAbeL4UiFO0i05Y5JicR5hLXCxeEbtdJ0%2F%2FIeRWdpC4eBAm7yIPtjCdJMFV4VIB1BMgWpT2P87tP5mZd2YD7foa0IKJo8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf833f0fe0b1bfe-OSL
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/img/seguridad.jpg
172.67.200.230200 OK 1.9 kB URL GET HTTP/3 personas.hgdsa.com/panel/mua/img/seguridad.jpg
IP 172.67.200.230:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 103x103, components 3\012- data
Hash 1aa9d62d948208093b507e8e1439b309
72f701f1204320b47d9966d5d0ed496a733adb80
1800e5e993450b4f547840ccb7abf5cd1f285f6cf9784b3ec23675528a49ff8c
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
urlquery phishing Phishing - Bancolombia
GET /panel/mua/img/seguridad.jpg HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 May 2023 16:02:42 GMT
content-type: image/jpeg
content-length: 1935
etag: "78f-5fce05bef9e4d"
last-modified: Tue, 30 May 2023 02:57:08 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCvYMFB0gXPmsPWvaWgeEge0CTgsWwTCeOCA14KiqguwiryUzYCQBEdSqBONCFgXQJtBvDHHdiB7CSwnduGsxmOLs3XLf3iNZKFg8OYF25npQgtZd6g1aebmKDwk8o3y9i6nLVw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf833f0fe0d1bfe-OSL
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/img/inicio.jpg
172.67.200.230200 OK 48 kB URL GET HTTP/3 personas.hgdsa.com/panel/mua/img/inicio.jpg
IP 172.67.200.230:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 627x327, components 3\012- data
Hash 085532800ace541124cb3472d27a2365
153ac0b32e31c472e021e450b6e48f4564a4c40f
35500fe4c97323624f089389243374c56e666e25478685a849c2456461a6163d
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
urlquery phishing Phishing - Bancolombia
GET /panel/mua/img/inicio.jpg HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 May 2023 16:02:42 GMT
content-type: image/jpeg
content-length: 47804
etag: "babc-5fce05beda441"
last-modified: Tue, 30 May 2023 02:57:08 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFzA%2FFB9p40mjzANhH7Q3dkK8x89BuDgFrtgWxgqCvoBE4PO0OUTLGrJ5GBBQU4%2BSpBgoMiZ3sY9LQHRSdW7c3gOiFtRwhXlxPYIp5GTMjzN4qYdW4g21%2FeMq3rnmpDyEZSFV80%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf833f0fe0f1bfe-OSL
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/img/reglamento.jpg
172.67.200.230200 OK 1.8 kB URL GET HTTP/3 personas.hgdsa.com/panel/mua/img/reglamento.jpg
IP 172.67.200.230:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 103x103, components 3\012- data
Hash be3af886cffea048856b7fc77eaeebfc
96c0ec1895b5544070fd9c3ff371812ea04c7932
4d31c93eab87267a6e5e827fedd488a02c824a79ded4f00ef19f7431eaedab12
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
urlquery phishing Phishing - Bancolombia
GET /panel/mua/img/reglamento.jpg HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 May 2023 16:02:42 GMT
content-type: image/jpeg
content-length: 1764
etag: "6e4-5fce05bf3d6ed"
last-modified: Tue, 30 May 2023 02:57:09 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t68ay4iTJKfJQBRR435EHfchMg2VMmQO%2BvSMZ%2BSkSty5mHk7raLVRI2xcSbER%2BaaIRbsgxUFfMT5YAsQ33QBFSp%2FimOjzDnVr%2FrBSgdFO1rfeooEyaNJLHxriTMUMPa5I9A9RDU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf833f0fe081bfe-OSL
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/img/error.jpg
172.67.200.230200 OK 5.4 kB URL GET HTTP/3 personas.hgdsa.com/panel/mua/img/error.jpg
IP 172.67.200.230:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 195x194, components 3\012- data
Hash 845eeed3b61d4c19ed0059c42fa7fc2e
ace747921c0b92d8451a1562759c867296c31b44
f68c633109e951014c6c401f878be7196c8894f6723215afb18388dbbbb83f1d
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
urlquery phishing Phishing - Bancolombia
GET /panel/mua/img/error.jpg HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 May 2023 16:02:42 GMT
content-type: image/jpeg
content-length: 5363
etag: "14f3-5fce05bf2a362"
last-modified: Tue, 30 May 2023 02:57:09 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LH1IIsuIcCtm7a8vynJszlb5QeXyACJEKp1nu2ZSsIrNTLr%2FobxLil3PHpDgJ5zRW253Hu6UXU3S9QMH8yv1N8kGyj7pXJ%2Bo9GpnqqE9UWurJexksTUEs%2FIZukUmTz8V0A%2BuQqQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf833f0fe021bfe-OSL
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/img/user.png
172.67.200.230200 OK 447 B URL GET HTTP/3 personas.hgdsa.com/panel/mua/img/user.png
IP 172.67.200.230:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 0e3457ed5ea858d1e9287ef66dcbbfe4
006c99b62e141ebbc69f6e06cab757995d3f7417
75d5b455151a3b1a0a5b100041fee37de2daa0b41d1d177deaa863177c5b5b83
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
urlquery phishing Phishing - Bancolombia
GET /panel/mua/img/user.png HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 May 2023 16:02:42 GMT
content-type: image/png
content-length: 447
etag: "1bf-5fce05bef0a74"
last-modified: Tue, 30 May 2023 02:57:08 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TT9bUm79GEszJZgXhpdWi4DQDw14BMfSDCMf0uyit%2Bxpctn8Hwe%2FfDadhvmVUaNnL0W1d57j%2FPP3gzcNcVEdpnGMvKBpe3s7zW5SB%2BIwAO1YOkrzGIs8aEKER0eQjA62hvj20g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf833f83fcf1bfe-OSL
alt-svc: h3=":443"; ma=86400
ocsp.godaddy.com/
192.124.249.22 1.8 kB IP 192.124.249.22:0
Hash f679006cb76213b6fe566819ce8f2e3b
58e3e7925235c2b285b5894b576cbf9d793e1a3b
aa168f7063ce45e06c53f4086fc8e6aa8bee9a2bc973c240ec95912739075a3a
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 30 May 2023 16:02:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 30 May 2023 00:05:05 GMT
Expires: Wed, 31 May 2023 00:05:05 GMT
ETag: "58e3e7925235c2b285b5894b576cbf9d793e1a3b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
images-cdn.info/444/image.gif
54.86.140.52200 OK 43 B URL GET HTTP/1.1 images-cdn.info/444/image.gif
IP 54.86.140.52:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerGoDaddy.com, Inc.
Subjectimages-cdn.info
Fingerprint9B:95:3E:E4:E8:F5:63:C3:BC:A0:E0:3A:CA:BD:74:8D:50:61:82:2E
ValiditySun, 30 Apr 2023 18:08:05 GMT - Fri, 31 May 2024 18:08:05 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
urlquery phishing Phishing - Bancolombia
GET /444/image.gif HTTP/1.1
Host: images-cdn.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 30 May 2023 16:02:43 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
personas.hgdsa.com/panel/mua/img/logo.png
172.67.200.230200 OK 9.5 kB URL GET HTTP/3 personas.hgdsa.com/panel/mua/img/logo.png
IP 172.67.200.230:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
File type PNG image data, 521 x 520, 8-bit/color RGBA, non-interlaced\012- data
Hash 2903c67701750d246b77ee1c1c9188f1
028e6e88d6563e81eb77807c38f401cf5e7f2be0
c2fd3f9e79070fdbcb7ed3270a428a6ecd22ae089ab6e573eb4dfe91079c41fb
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
urlquery phishing Phishing - Bancolombia
GET /panel/mua/img/logo.png HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 May 2023 16:02:45 GMT
content-type: image/png
content-length: 9489
etag: "2511-5fce05bf2e7b2"
last-modified: Tue, 30 May 2023 02:57:09 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WXa1mzd07fUf5DP9TPrkGjSuWdiwGmwgAsrYi44NsG0tyyFCudQbwp832cR30PGdRw7J%2F9HZEKNtl7zzG3xL1HbvioEib0L6km8cvzazphhWOkw4IMwxm%2BWziUZ9Ckwfvc3t6o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf833fbdbfc1bfe-OSL
alt-svc: h3=":443"; ma=86400
ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-font-face.min.css?token=45b9078c9f
172.64.203.28200 OK 1.8 kB URL GET HTTP/2 ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-font-face.min.css?token=45b9078c9f
IP 172.64.203.28:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint49:14:F2:7A:2C:AE:36:01:38:B7:F7:3D:DB:44:3E:3F:5C:FB:6B:15
ValidityFri, 12 Aug 2022 00:00:00 GMT - Sat, 12 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (1803), with no line terminators
Hash 97b548129a2bcf8588519009187c2c39
945ad038ab7f6ddaee01dda882fc07dbf3c56af0
7792fc000372bac02c70b61f4e98f5c0af19f74a07176bb2ff117cacf7752d81
GET /releases/v6.4.0/css/free-v4-font-face.min.css?token=45b9078c9f HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://personas.hgdsa.com/
Origin: https://personas.hgdsa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 May 2023 16:02:41 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 23 Mar 2023 21:29:20 GMT
etag: W/"9e7f9f634ace089bcdacc3fcc5f23ce5"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7309328e91f012108061822748228b68.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: djic5j_SFltRJVPsHLjWX0O5dIouXGU6dCwDeY-TyCskzKT7-50MkA==
age: 10221
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tp3%2Blq9E%2B%2BCrIJQ7KyWgsXPc5yCycpRVhytsFij3IZcII8YE3nSR6n7uEmXqsRle4zDjEwlGx47yQeSyAiOF8SLNs9bF%2BPmUfomT9BynQn3M8yhfwZ1dAzWqTmQup7dybj6hRmMQoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf833f229d54171-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
personas.hgdsa.com/panel/mua/css/style.css
172.67.200.230200 OK 6.0 kB URL GET HTTP/3 personas.hgdsa.com/panel/mua/css/style.css
IP 172.67.200.230:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
File type ASCII text, with very long lines (6818), with no line terminators
Hash c336cc87007f639f2b6282f744233afe
1edb56913d600419c86ad0173b7a2a37711c4233
4095ccc9e9de7b596e76cb91ede4f9d80c7bf1115ffd88e043aee2cf366db197
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
urlquery phishing Phishing - Bancolombia
GET /panel/mua/css/style.css HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 16:02:42 GMT
content-type: text/css
etag: W/"1779-5fce05be5ba01"
last-modified: Tue, 30 May 2023 02:57:08 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60P7SDng8j6IahKNfHwjJ32YGCwCnJlYPbt2ro5gvntw459TobU%2Fc0X6a7oxAcAR1kUEiGqHpqVXST4hB6juAUwibQ%2F2KMiRG9MzhwYnSrarhzkt2LaRQ%2FyFvtee2sHcVqvIpPA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf833f0edf01bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ka-f.fontawesome.com/releases/v6.4.0/css/free.min.css?token=45b9078c9f
172.64.203.28200 OK 103 kB URL GET HTTP/2 ka-f.fontawesome.com/releases/v6.4.0/css/free.min.css?token=45b9078c9f
IP 172.64.203.28:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint49:14:F2:7A:2C:AE:36:01:38:B7:F7:3D:DB:44:3E:3F:5C:FB:6B:15
ValidityFri, 12 Aug 2022 00:00:00 GMT - Sat, 12 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (65321)
Size 103 kB (102557 bytes)
Hash 5febfb939e2fc4ddf14fffae53b72cf0
e0e62217708a9cfd0b78a8574e07a66d95cf1344
fd28ebf7bdffb45da731413ed6e6940dc60123aa120bfa5a3909a40b2a2ba7e1
GET /releases/v6.4.0/css/free.min.css?token=45b9078c9f HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://personas.hgdsa.com/
Origin: https://personas.hgdsa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 May 2023 16:02:41 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 23 Mar 2023 21:29:21 GMT
etag: W/"5febfb939e2fc4ddf14fffae53b72cf0"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f40585e1285ddfba696e566c1dd902de.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 3jKUGG5vXtSDQZEuYQWbhG9twkA2PRNbGmg8ujRMT3dIA7O1m8i2Cg==
age: 10221
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWxiKQuRJGHf%2ByxbD3zJyRWHxJikGYXq8pis4fEJkO%2F%2Fmz5X%2Bu%2BssW7ku2obCjYJPJtfvj1lv0xBLz4Ga5D5KNXibz4MJeyQ079OQqcNCRnypD0WPYw1%2Bn%2FLnEzjNiMGOFYr%2BhcqYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf833f229ba4171-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.4.0/css/free-v5-font-face.min.css?token=45b9078c9f
172.64.203.28200 OK 823 B URL GET HTTP/2 ka-f.fontawesome.com/releases/v6.4.0/css/free-v5-font-face.min.css?token=45b9078c9f
IP 172.64.203.28:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint49:14:F2:7A:2C:AE:36:01:38:B7:F7:3D:DB:44:3E:3F:5C:FB:6B:15
ValidityFri, 12 Aug 2022 00:00:00 GMT - Sat, 12 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (845), with no line terminators
Hash 2294fec50bebe1dc04d4936722c3c08e
05902d67eb724a4569ceeadb7b4e1eef75c0efee
1a0aefc152cf12c1e6ea5027b3449b301fddc172a581b382ff69216cd2c26781
GET /releases/v6.4.0/css/free-v5-font-face.min.css?token=45b9078c9f HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://personas.hgdsa.com/
Origin: https://personas.hgdsa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 May 2023 16:02:41 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 23 Mar 2023 21:29:20 GMT
etag: W/"5856e3f07fbc36fc4d430a95a577a87f"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 81dd58fce895623c177df225d0a65d52.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: oy4bHObfKTrfHigJ1bFA7UACR5a2eRPdtPCw7Hdty-S9bPBbUZIKpw==
age: 10221
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Uh6t08zpDXz18met0UsAHHxCPigyK%2FJEJ7gozBXDLm6H69oLnklhHVbFN0SiUiJRQxyOfgbW36yH%2BJmSP9PhWcTvQEcpb6uVQFiYhgT8xp%2FGreqVFfXPwK3IUw%2FEt4V2VIDP9B%2F1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf833f229c44171-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
personas.hgdsa.com/panel/mua/fonts/opensans/CIBFontSans-Light.ttf
172.67.200.230200 OK 111 kB URL GET HTTP/3 personas.hgdsa.com/panel/mua/fonts/opensans/CIBFontSans-Light.ttf
IP 172.67.200.230:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 33 names, Macintosh, Copyright (c) 2019 by Vasava Studio. All rights reserved.\011CIBFont SansLight1.300;UKWN;CIBFont\012- data
Size 111 kB (110612 bytes)
Hash 69096387df83ff65381f8ee25006b0aa
89689ed7f7547a3815d9fa2d0a2c11513480086e
decf1c3cb09b3e38d867e0d5cf648220584404c9cf8d18a6c51bdfa2af5047cc
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
urlquery phishing Phishing - Bancolombia
GET /panel/mua/fonts/opensans/CIBFontSans-Light.ttf HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/css/stylesheet.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 16:02:43 GMT
content-type: font/ttf
etag: W/"1b014-5fce05bfd25c4"
last-modified: Tue, 30 May 2023 02:57:09 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8OCmsFOknSSBkHUsqXz2TjehOZUtTdnYUNAKvHTsXIYaPtAFMoLVPoHzdUn6bUjze%2FxepraxrptN7HNGdTXxLxcnaQY3SrI1WYDJg7V3fuTfRhq6MNS44W68Ae9hgXfZ3S59vI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf833f8782d1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/js/jquery-3.6.0.min.js
172.67.200.230200 OK 90 kB URL GET HTTP/3 personas.hgdsa.com/panel/mua/js/jquery-3.6.0.min.js
IP 172.67.200.230:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
File type ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
urlquery phishing Phishing - Bancolombia
GET /panel/mua/js/jquery-3.6.0.min.js HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 16:02:42 GMT
content-type: application/javascript
etag: W/"15d9d-5fce05be6e06b"
last-modified: Tue, 30 May 2023 02:57:08 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6c7CSx7rHUgHIYfUQFh3RGJ1zUcozcu%2FlMtuXgIm6CuWIs4covvq0OFLqVuHPpJ8ZbBm8FS8elvMmXXIO2Mm8%2Bc5Dnzwk2mhZFc71SHyLfmFlYhtqF%2BvgqLnUklmHAaWQdBWOo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf833f0edfa1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/img/logo.svg
172.67.200.230200 OK 7.0 kB URL GET HTTP/3 personas.hgdsa.com/panel/mua/img/logo.svg
IP 172.67.200.230:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (7158), with no line terminators
Hash 25dd9ab906a1090c8148571c89804ff1
9bcc8fa0be2694bb947a3205d19424eba45c3993
801fb30278b9eedb6a6c1e9c87b6cb2c5d03765ed74d2e75fc931e52b998707b
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
urlquery phishing Phishing - Bancolombia
GET /panel/mua/img/logo.svg HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 16:02:42 GMT
content-type: image/svg+xml
etag: W/"1b6c-5fce05bf4431b"
last-modified: Tue, 30 May 2023 02:57:09 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxhlhQcQe2SkhXh6CZ%2F4lqujmU2ND%2BLGurBQB8ZywaoPco9yTByz83h9%2FPz2a1P34ZwXPYOxmIsibttys8JxrqYDyk5TcYjeHYkacIF9poJtfs8Lx4T1pwja10yESumVVu1ILMs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf833f0edff1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-shims.min.css?token=45b9078c9f
172.64.203.28200 OK 28 kB URL GET HTTP/2 ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-shims.min.css?token=45b9078c9f
IP 172.64.203.28:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint49:14:F2:7A:2C:AE:36:01:38:B7:F7:3D:DB:44:3E:3F:5C:FB:6B:15
ValidityFri, 12 Aug 2022 00:00:00 GMT - Sat, 12 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (27377)
Hash 5193a6de5225940ae4ef5f7c82126be9
fa2c2bdb52e9923ccf3387c5908459c9d11bff63
425741cc35824b5b3b18d4135fbef6afca30662d23638366af151f7e74ba2575
GET /releases/v6.4.0/css/free-v4-shims.min.css?token=45b9078c9f HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://personas.hgdsa.com/
Origin: https://personas.hgdsa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 May 2023 16:02:41 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 23 Mar 2023 21:29:20 GMT
etag: W/"5193a6de5225940ae4ef5f7c82126be9"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cdd8daeefcf66738f6e908663e79c33e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: WToYtah3cq6zYe9BZ79Nx-2VTUnGHZkgrRXrOkH_CtQegA9P61Kk0A==
age: 10221
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeM85yQf0v3M8bQnf3cTDR7zINQaKr10dWl30xhu16yhd6zn8pI9kS%2FWo4j%2BY79kFac1eBZCbUH%2BS8kzajV1nS%2BCKVbeM62T8lFSAp6NIoYPQU8l1kNQnGiRV8Ne3DGgOO5rFTQepw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf833f229cd4171-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
kit.fontawesome.com/45b9078c9f.js
104.18.22.52200 OK 11 kB URL GET HTTP/2 kit.fontawesome.com/45b9078c9f.js
IP 104.18.22.52:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (11018)
Hash 46718f089e12e17bd2807cc2b8bf6bfb
dc5970ab5f46c72ef6fb8c80bce20eff184ae915
a24ec9deb5a81c70bdfdb743dd49f8c75ce7b3d30d75d0d1fd9b8a69b87774b1
GET /45b9078c9f.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://personas.hgdsa.com
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 May 2023 16:02:41 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F2PtCfE7U7f8DVr3qDqh
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 7cf833f0fbf9b51d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
personas.hgdsa.com/panel/mua/js/jquery.jclock-min.js
172.67.200.230200 OK 3.3 kB URL GET HTTP/3 personas.hgdsa.com/panel/mua/js/jquery.jclock-min.js
IP 172.67.200.230:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
File type ASCII text, with very long lines (3485), with no line terminators
Hash 552f8daf31a5ada0cc58457b80523305
87a3070b3d7acf3f83ac22f1a2443199648f02e4
8c97612b3b2289ae2d216af6b4e69fb218d78cc2f6c48e05cabfe8bb3e841fe6
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
urlquery phishing Phishing - Bancolombia
GET /panel/mua/js/jquery.jclock-min.js HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 16:02:42 GMT
content-type: application/javascript
etag: W/"d09-5fce05be92c11"
last-modified: Tue, 30 May 2023 02:57:08 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHc%2BJKaO3gpF637Zjd9N38dPpZO16XR32XNh7I%2BbsVNoZN1l2LdxXRhJAx09dD8B9FWGWx8KVC2QOssLmGZ5jSTlswLSfBY9TV348VlRp%2BhqZjnlPLBDeyFh5PXC89StruBfbLI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf833f0edfc1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/js/functions.js
172.67.200.230200 OK 3.7 kB URL GET HTTP/3 personas.hgdsa.com/panel/mua/js/functions.js
IP 172.67.200.230:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
File type ASCII text, with very long lines (3882), with no line terminators
Hash b8c7a345d8f138cb36fae067adeba673
cbc5efeb3a227c7998c3c30288eca75bf9977673
35fbed899f30b0207c06f9af89e9e3ef37a1a9f98e666ca148da563d551ad0e4
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
urlquery phishing Phishing - Bancolombia
GET /panel/mua/js/functions.js HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 16:02:42 GMT
content-type: application/javascript
etag: W/"e4e-5fce05be7624a"
last-modified: Tue, 30 May 2023 02:57:08 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efwWrJeMPmRVEYwXYf%2BxJymnw%2BeakrM9LaAC84Sy4DqlLZmd8OJs0VN1CUq7GtL7WJvsHowCu5rY2%2BwFTWk%2BvJOaJ1s1s1J2eO3Vf8dpFBJv0NxD56uNNgQfKFnY3uqAEbwLvVk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf833f0edfd1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/fonts/opensans/OpenSans-Regular.ttf
172.67.200.230200 OK 217 kB URL GET HTTP/3 personas.hgdsa.com/panel/mua/fonts/opensans/OpenSans-Regular.ttf
IP 172.67.200.230:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
File type TrueType Font data, digitally signed, 19 tables, 1st "DSIG", 26 names, Macintosh, Digitized data copyright \251 2010-2011, Google Corporation.Open SansRegular1.10;1ASC;OpenSans-R\012- data
Size 217 kB (217276 bytes)
Hash d7d5d4588a9f50c99264bc12e4892a7c
513966e260bb7610d47b2329dba194143831893e
13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
urlquery phishing Phishing - Bancolombia
GET /panel/mua/fonts/opensans/OpenSans-Regular.ttf HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/css/stylesheet.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 16:02:43 GMT
content-type: font/ttf
etag: W/"350bc-5fce05bfe7f4d"
last-modified: Tue, 30 May 2023 02:57:09 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Gofo%2Flr5rRuKcCNMRkmnOoXLKDPOYPXc%2BOTOKQYxTPOK6Jh3W53Z13Mg25w%2FePr9hvCwaZGVSKBLyPKKD5iE1s0qXsNjVqOu50b%2BJqauky%2B%2B%2FrGpqT3AFrxRk%2BEIjxqplrtRKA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf833f858031bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button
172.67.200.230301 Moved Permanently 6.4 kB URL User Request GET HTTP/2 personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button
IP 172.67.200.230:443
Certificate IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 30 May 2023 16:02:40 GMT
content-type: text/html; charset=iso-8859-1
location: http://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zfr95jM5K09QB4a3coDVuX7b1WZmBw%2FC1wIQVsEp%2BK5lHFZg97AfWjUCdRSElyfVIVNmUJjFePuCunqtt%2BNO9xyhwaYTfRz85D%2Bp42r76x1FaYjW6J77e5RYGrtGsmKGYwP1f8E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf833e06a131bfe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
personas.hgdsa.com/panel/mua/css/stylesheet.css
172.67.200.230200 OK 2.9 kB URL GET HTTP/3 personas.hgdsa.com/panel/mua/css/stylesheet.css
IP 172.67.200.230:443
Requested by https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Certificate IssuerGoogle Trust Services LLC
Subjecthgdsa.com
FingerprintC7:9D:8E:16:F1:D1:3B:50:A8:D3:96:BF:4D:EB:1B:15:7C:4A:87:60
ValidityTue, 30 May 2023 02:18:13 GMT - Mon, 28 Aug 2023 02:18:12 GMT
File type ASCII text, with very long lines (3126), with no line terminators
Hash 997ae37ceeacbd062fd1936a8cb50332
e37292cc1fdef4d71ac902383f5fba345b8f3749
f34be6d89d1ebb8a52e40ad2c961609bc7f21625c729aea6220d0eb45d15d0da
Analyzer Verdict Alert urlquery phishing Phishing - Bancolombia
urlquery phishing Phishing - Bancolombia
GET /panel/mua/css/stylesheet.css HTTP/1.1
Host: personas.hgdsa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://personas.hgdsa.com/panel/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 16:02:42 GMT
content-type: text/css
etag: W/"b82-5fce05be55b55"
last-modified: Tue, 30 May 2023 02:57:08 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6PCfrQmdMtFsy1ZytfWgNMFSAkbIRrCTw1q%2Bwp59AEFOtfamX6qm7xkTEfLH4PCP6UFp5RovFkCkcoCsGIDNrXFXNg8NEFcslTkm55rTz9Wc9d6Nkv%2BMAwZZUhCABx1tNrZb%2B8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf833f0edf21bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400