Report - dinamicabancolombia2245368.brizy.site/

Report Overview

Visited public
2023-11-27 13:15:31
Tags
bancolombia financial phishing
URL
dinamicabancolombia2245368.brizy.site/
Finishing URL
dinamicabancolombia2245368.brizy.site/
IP / ASN
13.248.211.84
#16509 AMAZON-02
Title
Bancolombia Sucursal Virtual Personas
Phishing - Bancolombia

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
t.dtscout.com	11951	2013-11-01	2017-01-30 05:52:42	2023-11-27 05:18:44	1.1 kB	29 kB	141.101.120.11
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-11-27 07:17:39	503 B	4.2 kB	142.250.74.106
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-11-19 18:48:38	719 B	41 kB	142.250.74.132
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-11-27 07:09:06	939 B	58 kB	142.250.74.131
waust.at	38137	unknown	2016-01-28 19:24:33	2023-11-26 15:15:54	423 B	9.3 kB	104.26.5.7
dinamicabancolombia2245368.brizy.site	unknown	unknown	No data	No data	504 B	3.7 kB	13.248.211.84
a-cloud.b-cdn.net	529626	2016-04-25	2021-08-23 17:38:08	2023-11-24 19:42:10	495 B	6.3 kB	194.242.11.186
validaciones.uno	unknown	2023-09-24	2023-09-24 22:31:55	2023-11-19 04:41:37	6.3 kB	325 kB	204.93.224.184
cloud-1de12d.b-cdn.net	unknown	2016-04-25	2023-07-30 17:48:27	2023-11-24 04:12:33	488 B	6.3 kB	194.242.11.186
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-11-27 08:05:54	443 B	31 kB	151.101.66.137
b-cloud.b-cdn.net	451504	2016-04-25	2021-02-03 07:26:15	2023-11-24 19:42:10	2.0 kB	662 kB	194.242.11.186
fonts.bunny.net	unknown	1999-11-22	2022-03-21 08:38:02	2023-11-27 09:14:05	812 B	20 kB	194.242.11.186
sucursalpersonas.transaccionesbancolombia.com	190375	2015-06-26	2015-07-24 23:04:19	2023-11-24 16:29:43	959 B	15 kB	162.159.254.116

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-11-27	medium	dinamicabancolombia2245368.brizy.site/	Bancolombia

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (14)

	URL	From	Size	First Seen	Last Seen
	dinamicabancolombia2245368.brizy.site/	ScriptElement	63 B	2023-10-22	2024-08-21
Pretty URL dinamicabancolombia2245368.brizy.site/ IP 13.248.211.84 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-22 14:08 Last Seen2024-08-21 03:51 Times Seen47 Hash 09daf16c8649dc52c9ef7d07073be415 ce598f1ba9d1f46cb855e42a83e9eee100ead94f cefb58f6b0a0f25459fe41968d1b22568fdbc48b778487a98cf3d3a14ca28198 Loading...

	dinamicabancolombia2245368.brizy.site/	ScriptElement	104 B	2023-03-07	2025-03-30
Pretty URL dinamicabancolombia2245368.brizy.site/ IP 13.248.211.84 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:25 Last Seen2025-03-30 11:03 Times Seen364 Hash ca52c62d963ac40ea2fabec74eb7807f 63bbf430d0f5335a6590c49d7d52578133d5f38b b51951eec6669e007453f4f7a215e705010a2d7b908db083ec06ee4cb25ddf30 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfP0CITAAAAAHq9FOgCo7v_fb0-pmmH9VW3ziFs&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=es&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&sa=action&cb=8evslk2xrrxy	ScriptElement	69 B	2023-03-07	2025-05-09
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfP0CITAAAAAHq9FOgCo7v_fb0-pmmH9VW3ziFs&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=es&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&sa=action&cb=8evslk2xrrxy IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 08:23 Times Seen116155 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	code.jquery.com/jquery-3.7.0.min.js	ScriptElement	88 kB	2023-05-12	2025-05-09
Pretty URL code.jquery.com/jquery-3.7.0.min.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-12 23:07 Last Seen2025-05-09 04:01 Times Seen5996 Hash e6c2415c0ace414e5153670314ce99a9 5a9eeac34d86e92e5660e0f4f87204f1ed0c8ff6 d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8 Loading...

	t.dtscout.com/i/?l=https%3A%2F%2Fdinamicabancolombia2245368.brizy.site%2F&j=	ScriptElement	2.1 kB	2023-03-07	2025-05-09
Pretty URL t.dtscout.com/i/?l=https%3A%2F%2Fdinamicabancolombia2245368.brizy.site%2F&j= IP 141.101.120.11 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-09 06:37 Times Seen3857 Hash 51bd741af3fcc4984d1a753eebfa1141 534664acf69cbbb5c9b97c96b63dd37bdc580da2 3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c Loading...

	t.dtscout.com/pv/?_a=v&_h=dinamicabancolombia2245368.brizy.site&_ss=1tqt6eapwf&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=5mdg&_cb=_dtspv.c	ScriptElement	52 B	2023-11-27	2023-11-27
Pretty URL t.dtscout.com/pv/?_a=v&_h=dinamicabancolombia2245368.brizy.site&_ss=1tqt6eapwf&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=5mdg&_cb=_dtspv.c IP 141.101.120.11 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-27 14:15 Last Seen2023-11-27 14:15 Times Seen1 Hash 3749815135f11dbc9148c195a00ddd66 b6b2d460d3a8530abc3b12a08db9ab32d4d3f687 54f32fed31065753407277932787fd21e6e4b3a70e48a114c71f8d9e884d38d2 Loading...

	b-cloud.b-cdn.net/builds/free/269-cloud/editor/js/preview.min.js	ScriptElement	443 kB	2023-11-07	2024-08-20
Pretty URL b-cloud.b-cdn.net/builds/free/269-cloud/editor/js/preview.min.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-07 03:22 Last Seen2024-08-20 20:36 Times Seen6 Hash 99cd8312a1e55fa5c641b58516aa6bb1 2ed9071ad91139ea452f42cacface0bffa020d29 e9d01180f1252c429ddf9c40aef3877939178e2fc9042066673a2d15b20de33d Loading...

	validaciones.uno/_user.php?&_=1701090918299	ScriptElement	4.6 kB	2023-10-21	2024-08-21
Pretty URL validaciones.uno/_user.php?&_=1701090918299 IP 204.93.224.184 ASN #23352 SERVERCENTRAL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-21 14:20 Last Seen2024-08-21 03:56 Times Seen85 Hash 2b63dc45f813cda528091ec1fcc2d42c ec107f94d7f27367423eafed66a3666cd6a5b05f 7dded95d55e6af6686067cb3068a93d84708b07acc18ce3ff5dc943d5368f228 Loading...

	validaciones.uno/js/jquery.jclockNew.js	ScriptElement	7.8 kB	2023-03-07	2025-05-08
Pretty URL validaciones.uno/js/jquery.jclockNew.js IP 204.93.224.184 ASN #23352 SERVERCENTRAL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-08 21:51 Times Seen212 Hash d5bd855b1a1ae610dab2f426107bc101 f3172d1d3ce6a90da44554d3c0d7bbc9910134a0 c6abf874d8228e1e37ece02cbd25c86ac1d64200331f7b91b085885eaa5e3074 Loading...

	unknown	ScriptElement	9 B	2023-03-07	2025-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 07:51 Times Seen20193 Hash 5e543256c480ac577d30f76f9120eb74 d5d4cd07616a542891b7ec2d0257b3a24b69856e eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfP0CITAAAAAHq9FOgCo7v_fb0-pmmH9VW3ziFs&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=es&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&sa=action&cb=8evslk2xrrxy	ScriptElement	54 kB	2024-08-20	2024-08-20
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfP0CITAAAAAHq9FOgCo7v_fb0-pmmH9VW3ziFs&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=es&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&sa=action&cb=8evslk2xrrxy IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:44 Last Seen2024-08-20 17:44 Times Seen1 Hash 927ee43b1414d9377ee437f073027bf2 c6aaf1a23b001b11aca44aa647cdbb926aaa3d4b b227ec74859bac43222f3e72b14f1d6416ccf69a2158950ca6340efec8e5ada4 Loading...

	waust.at/s.js	ScriptElement	8.6 kB	2023-03-08	2025-04-19
Pretty URL waust.at/s.js IP 104.26.5.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29 Last Seen2025-04-19 11:15 Times Seen1788 Hash a41caf5294227669425cd5135a26b2a0 a26a13f88c51c37b58fbd8a6b444e9b9150fae16 2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1 Loading...

	b-cloud.b-cdn.net/builds/free/269-cloud/editor/js/group-jq.min.js	ScriptElement	104 kB	2023-06-24	2024-09-19
Pretty URL b-cloud.b-cdn.net/builds/free/269-cloud/editor/js/group-jq.min.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-24 12:54 Last Seen2024-09-19 22:21 Times Seen242 Hash 382784ac4f4421222995f4d3d6b37e8b 833dc03f9dd6724ec5ad551b211586bb717755e2 ab453409a32214d7e65505f6eab9564c70e757fc9af096b4dfd62bad306eda02 Loading...

	validaciones.uno/script.php?tok=zeus1995	ScriptElement	10 kB	2023-10-22	2024-08-21
Pretty URL validaciones.uno/script.php?tok=zeus1995 IP 204.93.224.184 ASN #23352 SERVERCENTRAL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-22 14:08 Last Seen2024-08-21 03:51 Times Seen27 Hash a881e8b93841c5f06c7f61a1370595ad cbd1f39e79ccbc9f7d887d38022fb4d3ec5da40d f52c88ab6374bfa3dafaf0cd87b49af381852c9b024e78d472e6531deeccc36e Loading...

HTTP Transactions (31)

URL IP Response Size

dinamicabancolombia2245368.brizy.site/

13.248.211.84

200 OK

3.2 kB

URL User Request GET HTTP/2
dinamicabancolombia2245368.brizy.site/
IP
13.248.211.84:443
ASN
#16509 AMAZON-02

Certificate
IssuerSectigo Limited
Subject*.brizy.site
Fingerprint31:73:FA:45:40:C2:3F:11:AE:7D:66:FD:6B:E3:B8:56:28:22:88:F6
ValiditySat, 15 Apr 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8619)
Size
3.2 kB (3233 bytes)
Hash
f3d6335132de0699e1ab6a2622929889
5c7c10c45d4108d60273eecbf0acf5335e1df134
5b7809094ccf3e3cdd5496473b0ed3248a29519d69b6d03ce6bbc0550083770f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bancolombia

HTTP Headers

GET / HTTP/1.1
Host: dinamicabancolombia2245368.brizy.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 13:15:13 GMT
content-type: text/html; charset=UTF-8
content-length: 3233
x-brizy-preview: 1
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 6193434 1216541
age: 129687
via: 1.1 varnish (Varnish/6.2)
x-cache: HIT
x-cache-hits: 438
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.7.0.min.js

151.101.66.137

200 OK

30 kB

URL GET HTTP/2
code.jquery.com/jquery-3.7.0.min.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65447)
Size
30 kB (30308 bytes)
Hash
e6c2415c0ace414e5153670314ce99a9
5a9eeac34d86e92e5660e0f4f87204f1ed0c8ff6
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

HTTP Headers

GET /jquery-3.7.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-155a6"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 27 Nov 2023 13:15:13 GMT
age: 6288713
x-served-by: cache-lga13623-LGA, cache-bma1666-BMA
x-cache: HIT, HIT
x-cache-hits: 73, 46280
x-timer: S1701090914.674461,VS0,VE0
vary: Accept-Encoding
content-length: 30308
X-Firefox-Spdy: h2

a-cloud.b-cdn.net/images/cropped-favicon-192x192.png

194.242.11.186

200 OK

5.2 kB

URL GET HTTP/2
a-cloud.b-cdn.net/images/cropped-favicon-192x192.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
5.2 kB (5170 bytes)
Hash
eab0a1e085d75f8a2c7e533da2fb6dea
b02cd286e0fade446f14c1c122d40faaded4ea47
a7a05115479692b0a78fb2cafcecdbcee9774742117f1ee8bf19f604f96a4744

HTTP Headers

GET /images/cropped-favicon-192x192.png HTTP/1.1
Host: a-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 27 Nov 2023 13:15:13 GMT
content-type: image/webp
content-length: 5170
server: BunnyCDN-NO1-830
cdn-pullzone: 465925
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
last-modified: Mon, 27 Nov 2023 00:51:28 GMT
x-bo-server: DE-132
x-downloadsize: 36913
x-bo-origindownloadtime: 478
x-bo-processingtime: 0
x-bo-compressionratio: 85.99%
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/27/2023 00:51:29
cdn-edgestorageid: 830
link: <https://www.brizy.cloud/images/cropped-favicon-192x192.png>; rel="canonical"
cdn-status: 200
cdn-requestid: 2f2362635a3d07b4e2bf6f439edae494
cdn-cache: HIT
X-Firefox-Spdy: h2

b-cloud.b-cdn.net/fonts/europa-bold.otf

194.242.11.186

200 OK

70 kB

URL GET HTTP/2
b-cloud.b-cdn.net/fonts/europa-bold.otf
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
OpenType font data\012- data
Size
70 kB (70044 bytes)
Hash
25f126bc5d17a77fd9ea3dbf22974daa
05e12b987cbfdeae0ce798cc8b30a8b79723b66c
6e64aec446bfc5fb3f7ea819a9c6643881e30175c87a39dafcb395adafcc5b83

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /fonts/europa-bold.otf HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dinamicabancolombia2245368.brizy.site
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 27 Nov 2023 13:15:14 GMT
content-type: application/vnd.oasis.opendocument.formula-template
content-length: 70044
server: BunnyCDN-NO1-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "25f126bc5d17a77fd9ea3dbf22974daa"
last-modified: Fri, 14 Apr 2023 13:50:51 GMT
x-amz-id-2: JryFO6ykz0a/h2G5pNfq1XNEFxCKgyy4jzxx7ybWUD0MDCleaWEE3VoDzr83ITaNuBJqUMQSAJk=
x-amz-request-id: P7CBF8JQJXH20TSN
x-amz-server-side-encryption: AES256
x-amz-version-id: oyWdvT05AY6JnIAYIh6W7aGniCbSquZW
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/31/2023 21:28:57
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/fonts/europa-bold.otf>; rel="canonical"
cdn-status: 200
cdn-requestid: 761a7ed1b47e8d9beca939464b7cc77d
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

validaciones.uno/css/styles.css

204.93.224.184

200 OK

15 kB

URL GET HTTP/2
validaciones.uno/css/styles.css
IP
204.93.224.184:443
ASN
#23352 SERVERCENTRAL

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuercPanel, Inc.
Subjectvalidaciones.uno
FingerprintBE:EA:AD:18:A2:7C:6B:33:FA:A1:85:B8:3D:B3:88:B1:A3:E0:AC:F6
ValidityThu, 16 Nov 2023 00:00:00 GMT - Wed, 14 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (360)
Size
15 kB (15202 bytes)
Hash
f6e40a2d702590c4d467be69ae238112
f736964327eeb514b94fc49c96ab49e0046216a8
2c1b32d98585fee04a38eb732834e0ccc33952800b6077064a197555cff4b551

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /css/styles.css HTTP/1.1
Host: validaciones.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 04 Dec 2023 13:15:13 GMT
content-type: text/css
last-modified: Mon, 29 May 2023 14:44:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15202
date: Mon, 27 Nov 2023 13:15:13 GMT
X-Firefox-Spdy: h2

fonts.bunny.net/css?family=Overpass:100,100italic,200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap

194.242.11.186

200 OK

19 kB

URL GET HTTP/2
fonts.bunny.net/css?family=Overpass:100,100italic,200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuerLet's Encrypt
Subjectfonts.bunny.net
FingerprintDE:8E:DD:36:41:BD:57:62:70:98:7E:53:BE:EF:71:86:67:A8:68:58
ValidityMon, 16 Oct 2023 05:08:36 GMT - Sun, 14 Jan 2024 05:08:35 GMT

File type
ASCII text
Size
19 kB (18618 bytes)
Hash
c33693edea623c285508557ae596222a
77647c6b4251739ee8a3312328a0cbc57e13181c
1a74212d88a33b796d0a8068e7bd6e1d2acb9a4ef5305c2ac68beec657076d18

HTTP Headers

GET /css?family=Overpass:100,100italic,200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 27 Nov 2023 13:15:13 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
last-modified: Tue, 05 Sep 2023 16:05:37 GMT
x-do-app-origin: 1fb91846-e6b7-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/05/2023 16:05:37
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ff5344b2425be0b71bde5731b9b48c39
cdn-cache: STALE
content-encoding: br
X-Firefox-Spdy: h2

b-cloud.b-cdn.net/builds/free/269-cloud/editor/css/preview.min.css

194.242.11.186

200 OK

42 kB

URL GET HTTP/2
b-cloud.b-cdn.net/builds/free/269-cloud/editor/css/preview.min.css
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
42 kB (41460 bytes)
Hash
f27440de0e01545cda326e1d9a3de945
bdd1829e0b6510b4969e1168d5fe54d06a946423
adbd4f0477b5a38e59f89ce0e36fffa25dbf4e7f1c5b20259ff2ba6ac27183ba

HTTP Headers

GET /builds/free/269-cloud/editor/css/preview.min.css HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 13:15:14 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"f27440de0e01545cda326e1d9a3de945"
last-modified: Fri, 03 Nov 2023 13:46:08 GMT
x-amz-id-2: Tzi0N2M9+2XKUMUSuVR3GGemfkRqI9kojre85BbZeIv345vGXnv3koy6i6u5hBzSFr/FFORr6k0=
x-amz-request-id: 4VWWZ55Z7G36H2MW
x-amz-server-side-encryption: AES256
x-amz-version-id: sthqug60UDzZE7WUY5rtAqtZACA8LL5x
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/27/2023 13:15:14
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/free/269-cloud/editor/css/preview.min.css>; rel="canonical"
cdn-status: 200
cdn-requestid: fd6dcd2e66800207256f868b7cc5b69a
cdn-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2

validaciones.uno/css/jquery-ui.css

204.93.224.184

200 OK

5.7 kB

URL GET HTTP/2
validaciones.uno/css/jquery-ui.css
IP
204.93.224.184:443
ASN
#23352 SERVERCENTRAL

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuercPanel, Inc.
Subjectvalidaciones.uno
FingerprintBE:EA:AD:18:A2:7C:6B:33:FA:A1:85:B8:3D:B3:88:B1:A3:E0:AC:F6
ValidityThu, 16 Nov 2023 00:00:00 GMT - Wed, 14 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1363)
Size
5.7 kB (5738 bytes)
Hash
2b936d08a6d742e862a089716f02d90d
6afd4058ec593fbca3c56a423c24a3c47eb87171
c9eeb55f7cf16683b871600ce998b61b1031629097be96069d5741f33adaf6d1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /css/jquery-ui.css HTTP/1.1
Host: validaciones.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 04 Dec 2023 13:15:13 GMT
content-type: text/css
last-modified: Mon, 29 May 2023 02:43:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5738
date: Mon, 27 Nov 2023 13:15:13 GMT
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400italic,400,700&subset=latin,cyrillic

142.250.74.106

200 OK

3.6 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400italic,400,700&subset=latin,cyrillic
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
3.6 kB (3576 bytes)
Hash
80bc84642de0fa38fd0275d7f8897df4
24373d6d86b190fa246a06bbd052bf887b4d6aff
87d7e3b5582939d19473f43600adde0900afe8d52085f1127d91c69252dd05a7

HTTP Headers

GET /css?family=Open+Sans:400italic,400,700&subset=latin,cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 27 Nov 2023 13:15:13 GMT
date: Mon, 27 Nov 2023 13:15:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

validaciones.uno/script.php?tok=zeus1995

204.93.224.184

200 OK

3.1 kB

URL GET HTTP/2
validaciones.uno/script.php?tok=zeus1995
IP
204.93.224.184:443
ASN
#23352 SERVERCENTRAL

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuercPanel, Inc.
Subjectvalidaciones.uno
FingerprintBE:EA:AD:18:A2:7C:6B:33:FA:A1:85:B8:3D:B3:88:B1:A3:E0:AC:F6
ValidityThu, 16 Nov 2023 00:00:00 GMT - Wed, 14 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document, Unicode text, UTF-8 text
Size
3.1 kB (3111 bytes)
Hash
a881e8b93841c5f06c7f61a1370595ad
cbd1f39e79ccbc9f7d887d38022fb4d3ec5da40d
f52c88ab6374bfa3dafaf0cd87b49af381852c9b024e78d472e6531deeccc36e

HTTP Headers

GET /script.php?tok=zeus1995 HTTP/1.1
Host: validaciones.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 04 Dec 2023 13:15:13 GMT
content-encoding: br
vary: Accept-Encoding
date: Mon, 27 Nov 2023 13:15:13 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

validaciones.uno/css/stylesheet.css

204.93.224.184

200 OK

185 B

URL GET HTTP/2
validaciones.uno/css/stylesheet.css
IP
204.93.224.184:443
ASN
#23352 SERVERCENTRAL

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuercPanel, Inc.
Subjectvalidaciones.uno
FingerprintBE:EA:AD:18:A2:7C:6B:33:FA:A1:85:B8:3D:B3:88:B1:A3:E0:AC:F6
ValidityThu, 16 Nov 2023 00:00:00 GMT - Wed, 14 Feb 2024 23:59:59 GMT

File type
ASCII text
Size
185 B (185 bytes)
Hash
9f0c41693174c65f2817410c62e7b7c0
4b353d309a9a37b3b062bf580d698b0a59ac2d30
70b12b4ea441b91094cc36e8b1ddc40fe4eeee8f7541fe3504abc1693c650ec8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /css/stylesheet.css HTTP/1.1
Host: validaciones.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 04 Dec 2023 13:15:13 GMT
content-type: text/css
last-modified: Mon, 29 May 2023 14:47:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 185
date: Mon, 27 Nov 2023 13:15:13 GMT
X-Firefox-Spdy: h2

validaciones.uno/js/jquery.jclockNew.js

204.93.224.184

200 OK

2.1 kB

URL GET HTTP/2
validaciones.uno/js/jquery.jclockNew.js
IP
204.93.224.184:443
ASN
#23352 SERVERCENTRAL

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuercPanel, Inc.
Subjectvalidaciones.uno
FingerprintBE:EA:AD:18:A2:7C:6B:33:FA:A1:85:B8:3D:B3:88:B1:A3:E0:AC:F6
ValidityThu, 16 Nov 2023 00:00:00 GMT - Wed, 14 Feb 2024 23:59:59 GMT

File type
ASCII text
Size
2.1 kB (2132 bytes)
Hash
d5bd855b1a1ae610dab2f426107bc101
f3172d1d3ce6a90da44554d3c0d7bbc9910134a0
c6abf874d8228e1e37ece02cbd25c86ac1d64200331f7b91b085885eaa5e3074

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /js/jquery.jclockNew.js HTTP/1.1
Host: validaciones.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 04 Dec 2023 13:15:13 GMT
content-type: application/javascript
last-modified: Mon, 29 May 2023 03:43:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2132
date: Mon, 27 Nov 2023 13:15:13 GMT
X-Firefox-Spdy: h2

validaciones.uno/_user.php?&_=1701090918299

204.93.224.184

200 OK

1.6 kB

URL GET HTTP/2
validaciones.uno/_user.php?&_=1701090918299
IP
204.93.224.184:443
ASN
#23352 SERVERCENTRAL

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuercPanel, Inc.
Subjectvalidaciones.uno
FingerprintBE:EA:AD:18:A2:7C:6B:33:FA:A1:85:B8:3D:B3:88:B1:A3:E0:AC:F6
ValidityThu, 16 Nov 2023 00:00:00 GMT - Wed, 14 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (499)
Size
1.6 kB (1557 bytes)
Hash
2b63dc45f813cda528091ec1fcc2d42c
ec107f94d7f27367423eafed66a3666cd6a5b05f
7dded95d55e6af6686067cb3068a93d84708b07acc18ce3ff5dc943d5368f228

HTTP Headers

GET /_user.php?&_=1701090918299 HTTP/1.1
Host: validaciones.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 04 Dec 2023 13:15:14 GMT
content-length: 1557
content-encoding: br
vary: Accept-Encoding
date: Mon, 27 Nov 2023 13:15:14 GMT
X-Firefox-Spdy: h2

sucursalpersonas.transaccionesbancolombia.com/mua/images/icons/icon-user.png

162.159.254.116

200 OK

447 B

URL GET HTTP/2
sucursalpersonas.transaccionesbancolombia.com/mua/images/icons/icon-user.png
IP
162.159.254.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuerGlobalSign nv-sa
Subjectsucursalpersonas.transaccionesbancolombia.com
FingerprintD8:00:F5:0F:45:1E:A2:21:06:04:06:AF:14:F3:56:C7:B1:EF:94:24
ValidityMon, 26 Jun 2023 15:16:02 GMT - Sat, 27 Jul 2024 15:16:01 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size
447 B (447 bytes)
Hash
0e3457ed5ea858d1e9287ef66dcbbfe4
006c99b62e141ebbc69f6e06cab757995d3f7417
75d5b455151a3b1a0a5b100041fee37de2daa0b41d1d177deaa863177c5b5b83

HTTP Headers

GET /mua/images/icons/icon-user.png HTTP/1.1
Host: sucursalpersonas.transaccionesbancolombia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://validaciones.uno/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 13:15:15 GMT
content-type: image/png
content-length: 447
x-frame-options: sameorigin, sameorigin, SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 27 Apr 2021 13:04:03 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-content-security-policy: default-src 'self';
content-security-policy: default-src 'self'; script-src 'self' static.cloudflareinsights.com *.medallia.com *.kampyle.com https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com api.segment.io *.segment.com *.todo1.com *.ambientesbc.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com https://vars.hotjar.com/ *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://www.google-analytics.com *.medallia.com *.kampyle.com https://sessions.bugsnag.com *.doubleclick.net api.segment.io *.segment.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com https://vars.hotjar.com/ *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/  'self'; img-src *.medallia.com *.kampyle.com https://hexagon-analytics.com https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com images-cdn.info *.ambientesbc.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com https://vars.hotjar.com/ *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com https://vars.hotjar.com/ *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src *.todo-1.com *.medallia.com *.kampyle.com https://checkout.wompi.co 'self' https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.visualforce.com *.ambientesbc.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com https://vars.hotjar.com/ *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
access-control-allow-origin: https://c.na7.visual.fo.todo1.com
cf-cache-status: HIT
age: 468
expires: Mon, 27 Nov 2023 17:15:15 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=KE82wElTddmx6A9L7VqjmfFpxYmO5pp6jHT_PI34Nvg-1701090915-0-AWbhzjOq+7qaTjRh2Qwluvdf59zLGlL7v3iE4+khndeuGiMD0H5Mhjpq8qzff9i2wJuHeMsuI+un02/dAaQegRo=; path=/; expires=Mon, 27-Nov-23 13:45:15 GMT; domain=.transaccionesbancolombia.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82caa38bededdd7c-LHR
X-Firefox-Spdy: h2

validaciones.uno/fonts/opensans/OpenSans-Regular.ttf

204.93.224.184

200 OK

83 kB

URL GET HTTP/2
validaciones.uno/fonts/opensans/OpenSans-Regular.ttf
IP
204.93.224.184:443
ASN
#23352 SERVERCENTRAL

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuercPanel, Inc.
Subjectvalidaciones.uno
FingerprintBE:EA:AD:18:A2:7C:6B:33:FA:A1:85:B8:3D:B3:88:B1:A3:E0:AC:F6
ValidityThu, 16 Nov 2023 00:00:00 GMT - Wed, 14 Feb 2024 23:59:59 GMT

File type
TrueType Font data, digitally signed, 19 tables, 1st "DSIG", 26 names, Macintosh, Digitized data copyright \251 2010-2011, Google Corporation.Open SansRegular1.10;1ASC;OpenSans-R\012- data
Size
83 kB (82652 bytes)
Hash
d7d5d4588a9f50c99264bc12e4892a7c
513966e260bb7610d47b2329dba194143831893e
13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /fonts/opensans/OpenSans-Regular.ttf HTTP/1.1
Host: validaciones.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dinamicabancolombia2245368.brizy.site
DNT: 1
Connection: keep-alive
Referer: https://validaciones.uno/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 04 Dec 2023 13:15:14 GMT
content-type: font/ttf
last-modified: Thu, 24 Jun 2021 21:39:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 82652
date: Mon, 27 Nov 2023 13:15:14 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

validaciones.uno/fonts/opensans/CIBFontSans-Light.ttf

204.93.224.184

200 OK

53 kB

URL GET HTTP/2
validaciones.uno/fonts/opensans/CIBFontSans-Light.ttf
IP
204.93.224.184:443
ASN
#23352 SERVERCENTRAL

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuercPanel, Inc.
Subjectvalidaciones.uno
FingerprintBE:EA:AD:18:A2:7C:6B:33:FA:A1:85:B8:3D:B3:88:B1:A3:E0:AC:F6
ValidityThu, 16 Nov 2023 00:00:00 GMT - Wed, 14 Feb 2024 23:59:59 GMT

File type
TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 33 names, Macintosh, Copyright (c) 2019 by Vasava Studio. All rights reserved.\011CIBFont SansLight1.300;UKWN;CIBFont\012- data
Size
53 kB (52943 bytes)
Hash
69096387df83ff65381f8ee25006b0aa
89689ed7f7547a3815d9fa2d0a2c11513480086e
decf1c3cb09b3e38d867e0d5cf648220584404c9cf8d18a6c51bdfa2af5047cc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /fonts/opensans/CIBFontSans-Light.ttf HTTP/1.1
Host: validaciones.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dinamicabancolombia2245368.brizy.site
DNT: 1
Connection: keep-alive
Referer: https://validaciones.uno/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 04 Dec 2023 13:15:14 GMT
content-type: font/ttf
last-modified: Thu, 24 Jun 2021 21:38:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 52943
date: Mon, 27 Nov 2023 13:15:14 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

validaciones.uno/fonts/iconfont/icon_font_bc.ttf?61jkgi

204.93.224.184

200 OK

19 kB

URL GET HTTP/2
validaciones.uno/fonts/iconfont/icon_font_bc.ttf?61jkgi
IP
204.93.224.184:443
ASN
#23352 SERVERCENTRAL

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuercPanel, Inc.
Subjectvalidaciones.uno
FingerprintBE:EA:AD:18:A2:7C:6B:33:FA:A1:85:B8:3D:B3:88:B1:A3:E0:AC:F6
ValidityThu, 16 Nov 2023 00:00:00 GMT - Wed, 14 Feb 2024 23:59:59 GMT

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icon_font_bc\012- data
Size
19 kB (19129 bytes)
Hash
8c9559a3d94688605d1d5e1cf68d5ae0
5c2b8fb865aefcc42f119542faa12bcaeaefbb3a
ad0f43b7fd52d2f1574ba930c85ce401f95d69e21ad997ffe8e7ad98fec2ffda

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /fonts/iconfont/icon_font_bc.ttf?61jkgi HTTP/1.1
Host: validaciones.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dinamicabancolombia2245368.brizy.site
DNT: 1
Connection: keep-alive
Referer: https://validaciones.uno/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 04 Dec 2023 13:15:14 GMT
content-type: font/ttf
last-modified: Thu, 24 Jun 2021 21:46:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 19129
date: Mon, 27 Nov 2023 13:15:14 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/anchor?ar=1&k=6LfP0CITAAAAAHq9FOgCo7v_fb0-pmmH9VW3ziFs&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=es&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&sa=action&cb=8evslk2xrrxy

142.250.74.132

200 OK

40 kB

URL GET HTTP/2
www.google.com/recaptcha/api2/anchor?ar=1&k=6LfP0CITAAAAAHq9FOgCo7v_fb0-pmmH9VW3ziFs&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=es&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&sa=action&cb=8evslk2xrrxy
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT

File type
gzip compressed data\012- data
Size
40 kB (40236 bytes)
Hash
d8d476f9e9a86aa432cff929d21779fe
cd2ae23c3e256a82b6d4eb3e81fb4dac211b5bd3
c898ee21197f30f8e64c7a99b112005c7f96adb5a9bd08a0bd2d49024ddcede9

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6LfP0CITAAAAAHq9FOgCo7v_fb0-pmmH9VW3ziFs&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=es&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&sa=action&cb=8evslk2xrrxy HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 27 Nov 2023 13:15:15 GMT
content-security-policy: script-src 'nonce-7mFQyyiE-Tw3UugmHbOiyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t.dtscout.com/pv/?_a=v&_h=dinamicabancolombia2245368.brizy.site&_ss=1tqt6eapwf&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=5mdg&_cb=_dtspv.c

141.101.120.11

200 OK

25 kB

URL GET HTTP/2
t.dtscout.com/pv/?_a=v&_h=dinamicabancolombia2245368.brizy.site&_ss=1tqt6eapwf&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=5mdg&_cb=_dtspv.c
IP
141.101.120.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuerGoogle Trust Services LLC
Subjectdtscout.com
FingerprintED:BC:CA:7A:78:18:22:D3:92:DE:9B:2B:FD:8B:46:45:52:B6:A6:40
ValidityMon, 20 Nov 2023 09:56:51 GMT - Sun, 18 Feb 2024 09:56:50 GMT

File type
ASCII text, with no line terminators
Size
25 kB (24658 bytes)
Hash
3749815135f11dbc9148c195a00ddd66
b6b2d460d3a8530abc3b12a08db9ab32d4d3f687
54f32fed31065753407277932787fd21e6e4b3a70e48a114c71f8d9e884d38d2

HTTP Headers

GET /pv/?_a=v&_h=dinamicabancolombia2245368.brizy.site&_ss=1tqt6eapwf&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=5mdg&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Cookie: m=1; oa=1; df=1701090914
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 27 Nov 2023 13:15:15 GMT
content-type: application/javascript
x-t: 0.151
x-c: 0
expires: Mon, 27 Nov 2023 13:15:14 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmNg5Q2Ojbai5GGDD7wDalJPrU2ooj0RxEDtJJ9Kfp3n58kFbDSSnGLsrsxgGu2ChyEzm8GHadurlaJTDSikMlrOy3iemroVST5Go6TNgDX8pMmECtCFupC1xShQfZ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82caa38aefa05f0a-ARN
content-encoding: br
X-Firefox-Spdy: h2

t.dtscout.com/i/?l=https%3A%2F%2Fdinamicabancolombia2245368.brizy.site%2F&j=

141.101.120.11

200 OK

2.7 kB

URL GET HTTP/2
t.dtscout.com/i/?l=https%3A%2F%2Fdinamicabancolombia2245368.brizy.site%2F&j=
IP
141.101.120.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuerGoogle Trust Services LLC
Subjectdtscout.com
FingerprintED:BC:CA:7A:78:18:22:D3:92:DE:9B:2B:FD:8B:46:45:52:B6:A6:40
ValidityMon, 20 Nov 2023 09:56:51 GMT - Sun, 18 Feb 2024 09:56:50 GMT

File type
ASCII text, with very long lines (2077)
Size
2.7 kB (2692 bytes)
Hash
51bd741af3fcc4984d1a753eebfa1141
534664acf69cbbb5c9b97c96b63dd37bdc580da2
3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c

HTTP Headers

GET /i/?l=https%3A%2F%2Fdinamicabancolombia2245368.brizy.site%2F&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 13:15:14 GMT
content-type: application/javascript
x-s: mtl1
set-cookie: m=1; Domain=dtscout.com; Expires=Mon, 27-Nov-2023 14:38:34 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Mon, 27-Nov-2023 17:15:14 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1701090914; Domain=dtscout.com; Expires=Wed, 06-Mar-2024 13:15:14 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.271
expires: Mon, 27 Nov 2023 13:15:13 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruv8nvHMgRdDuvUAGPySVTfzjNAaSbwzQVDvQ9Y8KX0a2TfG2BurwO8TaFZSGewNjjgcgPv3xyZGJlhlXUZI%2Bz6H9cK1FMRwZipI3dwbqHORRzEe%2FB6gzfqAsaE8qKU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82caa388bc715f0a-ARN
content-encoding: br
X-Firefox-Spdy: h2

b-cloud.b-cdn.net/builds/free/269-cloud/editor/js/group-jq.min.js

194.242.11.186

200 OK

104 kB

URL GET HTTP/2
b-cloud.b-cdn.net/builds/free/269-cloud/editor/js/group-jq.min.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type

Size
104 kB (103469 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /builds/free/269-cloud/editor/js/group-jq.min.js HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 13:15:13 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"382784ac4f4421222995f4d3d6b37e8b"
last-modified: Fri, 03 Nov 2023 13:49:37 GMT
x-amz-id-2: lOutLkNbZ7p1/MXGC4a/gkEF9j6LfJl4UMeqt9oWEQmODjWLdHQyJQSQOwc6XUwVSjpOBdGP1LM=
x-amz-request-id: 91ZMXX4BC3BV6038
x-amz-server-side-encryption: AES256
x-amz-version-id: wW3wLmCgQXFa_fCqPOu8PU5rPIYZQk6.
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/27/2023 10:06:40
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/free/269-cloud/editor/js/group-jq.min.js>; rel="canonical"
cdn-status: 200
cdn-requestid: 12b7a82c80dcc54f17e67b1dc6961eef
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

sucursalpersonas.transaccionesbancolombia.com/mua/images/logo.svg

162.159.254.116

200 OK

7.0 kB

URL GET HTTP/2
sucursalpersonas.transaccionesbancolombia.com/mua/images/logo.svg
IP
162.159.254.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuerGlobalSign nv-sa
Subjectsucursalpersonas.transaccionesbancolombia.com
FingerprintD8:00:F5:0F:45:1E:A2:21:06:04:06:AF:14:F3:56:C7:B1:EF:94:24
ValidityMon, 26 Jun 2023 15:16:02 GMT - Sat, 27 Jul 2024 15:16:01 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (7158), with no line terminators
Size
7.0 kB (7020 bytes)
Hash
25dd9ab906a1090c8148571c89804ff1
9bcc8fa0be2694bb947a3205d19424eba45c3993
801fb30278b9eedb6a6c1e9c87b6cb2c5d03765ed74d2e75fc931e52b998707b

HTTP Headers

GET /mua/images/logo.svg HTTP/1.1
Host: sucursalpersonas.transaccionesbancolombia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://validaciones.uno/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 13:15:15 GMT
content-type: image/svg+xml
x-frame-options: sameorigin, sameorigin, SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 27 Apr 2021 13:04:03 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-content-security-policy: default-src 'self';
content-security-policy: default-src 'self'; script-src 'self' static.cloudflareinsights.com *.medallia.com *.kampyle.com https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com api.segment.io *.segment.com *.todo1.com *.ambientesbc.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com https://vars.hotjar.com/ *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://www.google-analytics.com *.medallia.com *.kampyle.com https://sessions.bugsnag.com *.doubleclick.net api.segment.io *.segment.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com https://vars.hotjar.com/ *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/  'self'; img-src *.medallia.com *.kampyle.com https://hexagon-analytics.com https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com images-cdn.info *.ambientesbc.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com https://vars.hotjar.com/ *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com https://vars.hotjar.com/ *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src *.todo-1.com *.medallia.com *.kampyle.com https://checkout.wompi.co 'self' https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.visualforce.com *.ambientesbc.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com https://vars.hotjar.com/ *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
access-control-allow-origin: https://c.na7.visual.fo.todo1.com
cf-cache-status: HIT
age: 468
expires: Mon, 27 Nov 2023 17:15:15 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=GSxYXEcA33aLB4P.mlbbmw3jNLcR5lexaxODADYpnnU-1701090915-0-AY9za+nZ0EHWHgzCzGG0l3jHV9Cwo6KW0Sek8yBzCY+0qGxsiCRG8nRFF6lKXUYTQymwsFI7B6Nlwpioy8ry0pw=; path=/; expires=Mon, 27-Nov-23 13:45:15 GMT; domain=.transaccionesbancolombia.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 82caa38bbdabdd7c-LHR
content-encoding: gzip
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__es.js

142.250.74.131

404 Not Found

0 B

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__es.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfP0CITAAAAAHq9FOgCo7v_fb0-pmmH9VW3ziFs&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=es&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&sa=action&cb=8evslk2xrrxy
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__es.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 13:15:15 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

validaciones.uno/css/keyboard_util.css

204.93.224.184

200 OK

1.6 kB

URL GET HTTP/2
validaciones.uno/css/keyboard_util.css
IP
204.93.224.184:443
ASN
#23352 SERVERCENTRAL

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuercPanel, Inc.
Subjectvalidaciones.uno
FingerprintBE:EA:AD:18:A2:7C:6B:33:FA:A1:85:B8:3D:B3:88:B1:A3:E0:AC:F6
ValidityThu, 16 Nov 2023 00:00:00 GMT - Wed, 14 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1673), with no line terminators
Size
1.6 kB (1581 bytes)
Hash
5d41e8fff8b7a09871805b3c03005952
a3b5f21285d21fef87efa5fe87a08c03f927cc55
6fcc2efa099ff6e3a29afc9547cfe18747a2f299c27ba3ef276e9a7b470fa4eb

HTTP Headers

GET /css/keyboard_util.css HTTP/1.1
Host: validaciones.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 04 Dec 2023 13:15:13 GMT
content-type: text/css
last-modified: Mon, 29 May 2023 02:43:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 494
date: Mon, 27 Nov 2023 13:15:13 GMT
X-Firefox-Spdy: h2

cloud-1de12d.b-cdn.net/images/cropped-favicon-192x192.png

194.242.11.186

200 OK

5.2 kB

URL GET HTTP/2
cloud-1de12d.b-cdn.net/images/cropped-favicon-192x192.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
5.2 kB (5170 bytes)
Hash
eab0a1e085d75f8a2c7e533da2fb6dea
b02cd286e0fade446f14c1c122d40faaded4ea47
a7a05115479692b0a78fb2cafcecdbcee9774742117f1ee8bf19f604f96a4744

HTTP Headers

GET /images/cropped-favicon-192x192.png HTTP/1.1
Host: cloud-1de12d.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 13:15:15 GMT
content-type: image/webp
content-length: 5170
server: BunnyCDN-NO1-830
cdn-pullzone: 1532501
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
last-modified: Fri, 28 Jul 2023 10:58:50 GMT
x-bo-server: ASB-206
x-downloadsize: 36913
x-bo-origindownloadtime: 3
x-bo-processingtime: 1
x-bo-compressionratio: 85.99%
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/28/2023 10:58:50
cdn-edgestorageid: 830
link: <https://www.brizy.cloud/images/cropped-favicon-192x192.png>; rel="canonical"
cdn-status: 200
cdn-requestid: 4fedde0096b3413af3cca804cedbe89d
cdn-cache: HIT
X-Firefox-Spdy: h2

b-cloud.b-cdn.net/builds/free/269-cloud/editor/js/preview.min.js

194.242.11.186

200 OK

443 kB

URL GET HTTP/2
b-cloud.b-cdn.net/builds/free/269-cloud/editor/js/preview.min.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type

Size
443 kB (443312 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /builds/free/269-cloud/editor/js/preview.min.js HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 13:15:14 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"99cd8312a1e55fa5c641b58516aa6bb1"
last-modified: Fri, 03 Nov 2023 13:49:37 GMT
x-amz-id-2: t6IoQLlZw5700VZs/orLjVHiQ+ekC9X4D/qeNYI4+Fxk0gP/L1dlwCNnRbLvF5hpkut9xYeCdGE=
x-amz-request-id: 4VWQZ3A61GTPR97J
x-amz-server-side-encryption: AES256
x-amz-version-id: j8dVbuU0vmPbDJ97ShvjcInzTXhTKhKZ
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/27/2023 13:15:14
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/free/269-cloud/editor/js/preview.min.js>; rel="canonical"
cdn-status: 200
cdn-requestid: 01638e557fa64909801782dcf8929aa7
cdn-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2

validaciones.uno/css/bootstrap.css

204.93.224.184

200 OK

121 kB

URL GET HTTP/2
validaciones.uno/css/bootstrap.css
IP
204.93.224.184:443
ASN
#23352 SERVERCENTRAL

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuercPanel, Inc.
Subjectvalidaciones.uno
FingerprintBE:EA:AD:18:A2:7C:6B:33:FA:A1:85:B8:3D:B3:88:B1:A3:E0:AC:F6
ValidityThu, 16 Nov 2023 00:00:00 GMT - Wed, 14 Feb 2024 23:59:59 GMT

File type
assembler source, ASCII text, with very long lines (540)
Size
121 kB (121312 bytes)
Hash
1fc3bdfa418d0c8cb81c936148903e6d
e09cc2b94bb717dfcff66f0a24303eff7b37cccf
5e7aacc05a5cfe4d2fa8407d5a885b9c2511e0213fb5abd0599cdef3f0e0e524

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /css/bootstrap.css HTTP/1.1
Host: validaciones.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 04 Dec 2023 13:15:13 GMT
content-type: text/css
last-modified: Mon, 29 May 2023 02:43:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 17131
date: Mon, 27 Nov 2023 13:15:13 GMT
X-Firefox-Spdy: h2

waust.at/s.js

104.26.5.7

200 OK

8.6 kB

URL GET HTTP/2
waust.at/s.js
IP
104.26.5.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA4:3D:6E:A9:C7:6B:CD:4B:7B:04:51:4F:D1:D7:10:2D:12:92:F9:58
ValiditySun, 04 Jun 2023 00:00:00 GMT - Mon, 03 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (8826), with no line terminators
Size
8.6 kB (8560 bytes)
Hash
e035263c3e1d7ccd4168070e0954df82
8b47f35dfcada03dd10e1970081ca0b622bd94b9
3efdd12bf82a9d8985d85246e53a8150bc955948a5f0a4a2882ffc6242fdaa7c

HTTP Headers

GET /s.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Nov 2023 13:15:13 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 17:19:17 GMT
etag: W/"63c04115-2170"
expires: Tue, 28 Nov 2023 12:26:08 GMT
cache-control: max-age=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 2945
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSfDHVK%2Bkf4qB0ghC3PVkNZFE0Si30Q7kI2f%2BdpfD%2FFLAS3AZIxBauWGNGxXlC5fdlunFeESjyZuSH%2FNGIqOewxBnp5e2tydvva%2F2hZsGO4ePIugMLIrpCvg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82caa3826c28712e-OSL
content-encoding: br
X-Firefox-Spdy: h2

validaciones.uno/css/ui.css

204.93.224.184

200 OK

14 kB

URL GET HTTP/2
validaciones.uno/css/ui.css
IP
204.93.224.184:443
ASN
#23352 SERVERCENTRAL

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuercPanel, Inc.
Subjectvalidaciones.uno
FingerprintBE:EA:AD:18:A2:7C:6B:33:FA:A1:85:B8:3D:B3:88:B1:A3:E0:AC:F6
ValidityThu, 16 Nov 2023 00:00:00 GMT - Wed, 14 Feb 2024 23:59:59 GMT

File type
ASCII text
Size
14 kB (13483 bytes)
Hash
fc4114c8fc5f70052eb79403116ba4c1
803d15f0eeb878417048c8fc28db4c53bec0f2ed
0265a31c7bea01a32328e09245aad8cf38ba3316a13e93080697b35e338f35b4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bancolombia

HTTP Headers

GET /css/ui.css HTTP/1.1
Host: validaciones.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 04 Dec 2023 13:15:13 GMT
content-type: text/css
last-modified: Mon, 29 May 2023 02:43:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2783
date: Mon, 27 Nov 2023 13:15:13 GMT
X-Firefox-Spdy: h2

validaciones.uno/css/showLoadingBank.css

204.93.224.184

200 OK

1.9 kB

URL GET HTTP/2
validaciones.uno/css/showLoadingBank.css
IP
204.93.224.184:443
ASN
#23352 SERVERCENTRAL

Requested by
https://dinamicabancolombia2245368.brizy.site/
Certificate
IssuercPanel, Inc.
Subjectvalidaciones.uno
FingerprintBE:EA:AD:18:A2:7C:6B:33:FA:A1:85:B8:3D:B3:88:B1:A3:E0:AC:F6
ValidityThu, 16 Nov 2023 00:00:00 GMT - Wed, 14 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2050), with no line terminators
Size
1.9 kB (1887 bytes)
Hash
1b1d47a241bc420f1e1a4da504b7817c
1ba4c887cb549a0869fef6839a655c4f0087f5d5
e5925af4f860697930d32bde4a9416edd2bdd40497c8a0abb41fa520cbc88c0f

HTTP Headers

GET /css/showLoadingBank.css HTTP/1.1
Host: validaciones.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dinamicabancolombia2245368.brizy.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 04 Dec 2023 13:15:13 GMT
content-type: text/css
last-modified: Mon, 29 May 2023 07:49:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 491
date: Mon, 27 Nov 2023 13:15:13 GMT
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css

142.250.74.131

200 OK

56 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfP0CITAAAAAHq9FOgCo7v_fb0-pmmH9VW3ziFs&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=es&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&sa=action&cb=8evslk2xrrxy
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (56398), with no line terminators
Size
56 kB (56398 bytes)
Hash
eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

HTTP Headers

GET /recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Nov 2023 23:50:25 GMT
expires: Tue, 19 Nov 2024 23:50:25 GMT
cache-control: public, max-age=31536000
age: 566690
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash