clientesgaficia.com
62.146.226.113  Malicious Activity! Public Scan

URL: https://clientesgaficia.com/
Submission: On December 20 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 9 HTTP transactions. The main IP is 62.146.226.113, located in Burgthann, Germany and belongs to NL-811-40021, US. The main domain is clientesgaficia.com.
TLS certificate: Issued by R3 on December 20th 2023. Valid for: 3 months.
This is the only time clientesgaficia.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Galicia (Banking)

Domain & IP information

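Requests | IP Address | AS Autonomous System
9 | 62.146.226.113 | 40021 (NL-811-40021)
Total: 9 requests, 1 IP address

Requests | Apex Domain | Subdomains | Transfer
9 | clientesgaficia.com | clientesgaficia.com | 2 MB
Total: 9 requests, 1 apex domain

Requests | Domain | Requested by
9 | clientesgaficia.com | clientesgaficia.com
Total: 9 requests, 1 domain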

This site contains no links.

Subject: clientesgaficia.com
Issuer: R3
Validity: 2023-12-20 - 2024-03-19
Valid: 3 months

This page contains 1 frames:

Primary Page: https://clientesgaficia.com/
Frame ID: E759E66209EB3067B53B016B80998F15
Requests: 9 HTTP requests in this frame

Page Title

Galicia

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 9
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 1981 kB
Size: 2362 kB
Cookies: 0

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
clientesgaficia.com/
18 KB
3 KB
Document
General
Full URL
https://clientesgaficia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.146.226.113 Burgthann, Germany, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi10401.fybeservers.com
Software
nginx / PleskLin
Resource Hash
a01449209caab2219a2a179e4a89479961b730cb4ee23b3181f2b11b52f0a6d1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Wed, 20 Dec 2023 02:25:09 GMT
etag
W/"6581b826-48c9"
last-modified
Tue, 19 Dec 2023 15:35:02 GMT
server
nginx
x-powered-by
PleskLin
jquery.js
clientesgaficia.com/js/
378 KB
113 KB
Script
General
Full URL
https://clientesgaficia.com/js/jquery.js
Requested by
Host: clientesgaficia.com
URL: https://clientesgaficia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.146.226.113 Burgthann, Germany, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi10401.fybeservers.com
Software
nginx / PleskLin
Resource Hash
c4145a9e8ffd7f6e600cb97e9d5b54488499fec84e99b147ee7c48d171314395

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clientesgaficia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 02:25:09 GMT
content-encoding
br
last-modified
Tue, 21 Feb 2023 13:32:56 GMT
server
nginx
etag
W/"63f4c808-5e635"
x-powered-by
PleskLin
content-type
text/javascript
functions.js
clientesgaficia.com/js/
28 KB
8 KB
Script
General
Full URL
https://clientesgaficia.com/js/functions.js
Requested by
Host: clientesgaficia.com
URL: https://clientesgaficia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.146.226.113 Burgthann, Germany, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi10401.fybeservers.com
Software
nginx / PleskLin
Resource Hash
4f3e1e8e26408f2c2415719d2860e7684aa7df6f30edd1c6f8bd45daf29ae35e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clientesgaficia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 02:25:09 GMT
content-encoding
br
last-modified
Tue, 21 Feb 2023 14:44:15 GMT
server
nginx
etag
W/"63f4d8bf-6ea7"
x-powered-by
PleskLin
content-type
text/javascript
bootstrap.min.css
clientesgaficia.com/css/
25 KB
5 KB
Stylesheet
General
Full URL
https://clientesgaficia.com/css/bootstrap.min.css
Requested by
Host: clientesgaficia.com
URL: https://clientesgaficia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.146.226.113 Burgthann, Germany, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi10401.fybeservers.com
Software
nginx / PleskLin
Resource Hash
c59cf21f325a57147e8fc22ffd3ba89a6b8c2c548608c65f0b77909e892359cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clientesgaficia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 02:25:09 GMT
content-encoding
br
last-modified
Tue, 15 Aug 2023 20:13:25 GMT
server
nginx
etag
W/"64dbdc65-65c0"
x-powered-by
PleskLin
content-type
text/css
style.css
clientesgaficia.com/css/
74 KB
11 KB
Stylesheet
General
Full URL
https://clientesgaficia.com/css/style.css
Requested by
Host: clientesgaficia.com
URL: https://clientesgaficia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.146.226.113 Burgthann, Germany, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi10401.fybeservers.com
Software
nginx / PleskLin
Resource Hash
c957e3d95c89cdf2c5c46fa7703a1f600ce9baf0d1b6bc2a7edad313180895d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clientesgaficia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 02:25:09 GMT
content-encoding
br
last-modified
Tue, 15 Aug 2023 18:29:12 GMT
server
nginx
etag
W/"64dbc3f8-126d9"
x-powered-by
PleskLin
content-type
text/css
logo2.svg
clientesgaficia.com/img/
3 KB
3 KB
Image
General
Full URL
https://clientesgaficia.com/img/logo2.svg
Requested by
Host: clientesgaficia.com
URL: https://clientesgaficia.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.146.226.113 Burgthann, Germany, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi10401.fybeservers.com
Software
nginx / PleskLin
Resource Hash
46b079b8cb54ca6ede8b64c4a6cb07a0d1494747e969e7d226e8cd1067bfb88c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clientesgaficia.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 02:25:10 GMT
last-modified
Sat, 25 Feb 2023 12:23:25 GMT
server
nginx
etag
"63f9fdbd-ae1"
x-powered-by
PleskLin
content-type
image/svg+xml
accept-ranges
bytes
content-length
2785
burbuja2.svg
clientesgaficia.com/img/
2 MB
2 MB
Image
General
Full URL
https://clientesgaficia.com/img/burbuja2.svg
Requested by
Host: clientesgaficia.com
URL: https://clientesgaficia.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.146.226.113 Burgthann, Germany, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi10401.fybeservers.com
Software
nginx / PleskLin
Resource Hash
1737867e619beb89d618c3451f682945f9126a57923e0b04ea1d79d2839eea7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clientesgaficia.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 02:25:10 GMT
last-modified
Sat, 25 Feb 2023 12:26:02 GMT
server
nginx
etag
"63f9fe5a-1a281a"
x-powered-by
PleskLin
content-type
image/svg+xml
accept-ranges
bytes
content-length
1714202
Inter-Regular.woff2
clientesgaficia.com/fonts/
87 KB
87 KB
Font
General
Full URL
https://clientesgaficia.com/fonts/Inter-Regular.woff2
Requested by
Host: clientesgaficia.com
URL: https://clientesgaficia.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.146.226.113 Burgthann, Germany, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi10401.fybeservers.com
Software
nginx / PleskLin
Resource Hash
77ca56870309a85759fb7116aef2119a26e358145e808868543ca1fe16c27720

Request headers

Referer
https://clientesgaficia.com/css/style.css
Origin
https://clientesgaficia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 02:25:10 GMT
last-modified
Mon, 03 Oct 2022 17:28:57 GMT
server
nginx
etag
"633b1bd9-15c7c"
x-powered-by
PleskLin
content-type
font/woff2
accept-ranges
bytes
content-length
89212
fontawesome-webfont.woff2
clientesgaficia.com/fonts/
75 KB
76 KB
Font
General
Full URL
https://clientesgaficia.com/fonts/fontawesome-webfont.woff2
Requested by
Host: clientesgaficia.com
URL: https://clientesgaficia.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.146.226.113 Burgthann, Germany, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi10401.fybeservers.com
Software
nginx / PleskLin
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://clientesgaficia.com/css/style.css
Origin
https://clientesgaficia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 02:25:10 GMT
last-modified
Mon, 03 Oct 2022 17:28:57 GMT
server
nginx
etag
"633b1bd9-12d68"
x-powered-by
PleskLin
content-type
font/woff2
accept-ranges
bytes
content-length
77160

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Galicia (Banking)

407 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies