wwwgrupobancolombia-2024.glitch.me Open in urlscan Pro
34.198.68.168 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wwwgrupobancolombia-2024.glitch.me/
Submission: On August 01 via api (August 1st 2024, 12:35:22 pm UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 11 HTTP transactions. The main IP is 34.198.68.168, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is wwwgrupobancolombia-2024.glitch.me.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 4th 2023. Valid for: a year.

This is the only time wwwgrupobancolombia-2024.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bancolombia (Banking)

Domain & IP information

	IP Address	AS Autonomous System
5	34.198.68.168 34.198.68.168	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.186.170 142.250.186.170	15169 (GOOGLE) (GOOGLE)
1	169.62.185.103 169.62.185.103	36351 (SOFTLAYER) (SOFTLAYER)
1	104.26.13.205 104.26.13.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.117.59.81 34.117.59.81	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
11	7

5 34.198.68.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-68-168.compute-1.amazonaws.com

wwwgrupobancolombia-2024.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.62.185.103 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 67.b9.3ea9.ip4.static.sl-reverse.com

www.bancolombia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.13.205 (None, )

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.59.81 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.59.117.34.bc.googleusercontent.com

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	glitch.me wwwgrupobancolombia-2024.glitch.me	105 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 641 fonts.googleapis.com — Cisco Umbrella Rank: 110	32 KB
1	ipinfo.io ipinfo.io — Cisco Umbrella Rank: 5710	463 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2512	157 B
1	bancolombia.com www.bancolombia.com — Cisco Umbrella Rank: 202409	56 KB
0	sirv.com Failed ocastant.sirv.com Failed
11	6

	Domain	Requested by
5	wwwgrupobancolombia-2024.glitch.me	wwwgrupobancolombia-2024.glitch.me
1	fonts.googleapis.com	wwwgrupobancolombia-2024.glitch.me
1	ipinfo.io	ajax.googleapis.com
1	api.ipify.org	ajax.googleapis.com
1	www.bancolombia.com	wwwgrupobancolombia-2024.glitch.me
1	ajax.googleapis.com	wwwgrupobancolombia-2024.glitch.me
0	ocastant.sirv.com Failed	wwwgrupobancolombia-2024.glitch.me
11	7

This site contains no links.

Subject Issuer	Validity	Valid
glitch.com Amazon RSA 2048 M03	`2023-12-04` - `2025-01-01`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
www.bancolombia.com GlobalSign Extended Validation CA - SHA256 - G3	`2024-03-21` - `2025-04-22`	a year	crt.sh
ipify.org WE1	`2024-07-18` - `2024-10-16`	3 months	crt.sh
ipinfo.io R10	`2024-07-03` - `2024-10-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://wwwgrupobancolombia-2024.glitch.me/
Frame ID: 1701BB19ED7B44415E8999567AB71D71
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

91 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

194 kB
Transfer

234 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wwwgrupobancolombia-2024.glitch.me/ 3 KB
4 KB 432ms
149ms Document
text/html 34.198.68.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwgrupobancolombia-2024.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.68.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-68-168.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1b1a6330b6fca87ae58bdd0b005d870f5a43f0b8774cebb271cf9fcfe6613bd8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 3501
content-type: text/html; charset=utf-8
date: Thu, 01 Aug 2024 12:35:17 GMT
etag: "cb3c712fa70d7ea2414263c954ec899f"
last-modified: Thu, 01 Aug 2024 09:04:26 GMT
server: AmazonS3
x-amz-id-2: zxxFsgT3HlH5dr3+NZ4BsCVFDCcQltDDW5shK36n1DL3yt3IbtE0bXgmbYJnWAu+ayjDFs7VadhPcRZCvKSPbrDN/Ag9sEIiCXKbGNauC8w=
x-amz-request-id: YR0DH0FB2PNCPN2T
x-amz-server-side-encryption: AES256
x-amz-version-id: _GUIiwSR1iYe.plVTOsSd3Jy9r7xeNai

GET
H2 200 bootstrap.min.css
wwwgrupobancolombia-2024.glitch.me/ 0
357 B 138ms
136ms Stylesheet
text/css 34.198.68.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwgrupobancolombia-2024.glitch.me/bootstrap.min.css
Requested by: Host: wwwgrupobancolombia-2024.glitch.me
URL: https://wwwgrupobancolombia-2024.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.68.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-68-168.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wwwgrupobancolombia-2024.glitch.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 12:35:17 GMT
x-amz-version-id: LcoFY5XVMFP2xA1DZ.4sVF5YaQVqbkkS
last-modified: Thu, 01 Aug 2024 09:04:26 GMT
server: AmazonS3
x-amz-request-id: YR01FNSPTYDEKZQM
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-server-side-encryption: AES256
content-type: text/css; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-amz-id-2: 4VwUb+dSe+gqu0lIkk1rvxYD5gJlMKt2RDdCNxUaAhjvv67Y8Gvr4VlcAZrXsXXshy0shH3qWYEE78zw7cjojREzO+uf9m2v

GET
H2 200 util.css
wwwgrupobancolombia-2024.glitch.me/ 82 KB
82 KB 239ms
237ms Stylesheet
text/css 34.198.68.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwgrupobancolombia-2024.glitch.me/util.css
Requested by: Host: wwwgrupobancolombia-2024.glitch.me
URL: https://wwwgrupobancolombia-2024.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.68.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-68-168.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f6a1bf1a2feaa4d348eacdab000520448ecc3cf6dc1a806985b4a5c49dbff036

Request headers

Referer: https://wwwgrupobancolombia-2024.glitch.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 12:35:17 GMT
x-amz-version-id: AvnWO2ZKGAw1sx2nf.Ma4DbpU3L7CGew
last-modified: Thu, 01 Aug 2024 09:04:26 GMT
server: AmazonS3
x-amz-request-id: YR01KXZASSPNTY0J
etag: "32935f56494b8a5536ea368e13e46af0"
x-amz-server-side-encryption: AES256
content-type: text/css; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 83813
x-amz-id-2: kMpb6omWTaebNASe/cVTqMLvJB2XaXZ9I6O+DsSEGYMP3YI0e2y4JDuimfbFmOc0OVZm9VUMU2o=

GET
H2 200 main.css
wwwgrupobancolombia-2024.glitch.me/ 13 KB
14 KB 137ms
135ms Stylesheet
text/css 34.198.68.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwgrupobancolombia-2024.glitch.me/main.css
Requested by: Host: wwwgrupobancolombia-2024.glitch.me
URL: https://wwwgrupobancolombia-2024.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.68.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-68-168.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b5d9c6ccc6f8719760801dd385bb455e4f16537d5ac17f2059ca0702383677e2

Request headers

Referer: https://wwwgrupobancolombia-2024.glitch.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 12:35:17 GMT
x-amz-version-id: nOXUjhJk7JQLQYrcIIABW..N2MKLqpVO
last-modified: Thu, 01 Aug 2024 09:04:26 GMT
server: AmazonS3
x-amz-request-id: YR0EN3H8XATCXJM5
etag: "3b9195b36f73edd0dbdecb586f03bedf"
x-amz-server-side-encryption: AES256
content-type: text/css; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 13646
x-amz-id-2: MNVg+m/05Z25FBSEQBRGo2iwTph9mKE4EvRl23YWNOFxd2qwgxCQ+7OPIhz+/S8WnfiPmMI83m0=

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 419ms
37ms Script
text/javascript 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: wwwgrupobancolombia-2024.glitch.me
URL: https://wwwgrupobancolombia-2024.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wwwgrupobancolombia-2024.glitch.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:34:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 13:34:02 GMT

GET
H/1.1 200
OK logo-grupo-bancolombia.png
www.bancolombia.com/wcm/connect/www.bancolombia.com-26918/08749bce-7395-4b19-b23c-e7fd93047a0a/ 43 KB
56 KB 1118ms
131ms Image
image/png 169.62.185.103
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancolombia.com/wcm/connect/www.bancolombia.com-26918/08749bce-7395-4b19-b23c-e7fd93047a0a/logo-grupo-bancolombia.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE.Z18_K9HC1202P86O40QTNS9EAE1S47-08749bce-7395-4b19-b23c-e7fd93047a0a-nVP-YUW

Requested by

Host: wwwgrupobancolombia-2024.glitch.me
URL: https://wwwgrupobancolombia-2024.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.62.185.103 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

67.b9.3ea9.ip4.static.sl-reverse.com

Software

Resource Hash

5a03ffcd505e4a9382fe09f194f64c564c0adf05eee975ee24100313b18a3769

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://play.vidyard.com .vidyard.com .onesignal.com .segment.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' region1.google-analytics.com region1.analytics.google.com .google-analytics.com .analytics.google.com https://clientes-ext-qa.apps.ambientesbc.com/ https://clientes-ext.apps.bancolombia.com/ https:// https://srvfrontcer.claro.com.co:7002 https://widget.sndcdn.com .sndcdn.com https://js-agent.newrelic.com .newrelic.com https://bam.nr-data.net .nr-data.net .claro.com.co .claro.com .googleadservices.com .tags.bkrtx.com .tags.bluekai.com .amazonaws.com https://s3.amazonaws.com https://static.opentok.com https://static.opentok.com .opentok.com https://browseranalytic.com .browseranalytic.com https://widget.sndcdn.com .sndcdn.com https://js.hsforms.net .hsforms.net https://scp.kampyle.com .individeo.com .kampyle.com https://tpbancolombia.teleperformance.co .teleperformance.co https://stati.in .stati.in blob: https://play.vidyard.com .vidyard.com https://static.zdassets.com https://clousc.com .clousc.com https://static.hsappstatic.net .hsappstatic.net https://forms.hsforms.com .hsforms.com .zdassets.com https://plinksoporte.zendesk.com .zendesk.com https://play.vidyard.com .vidyard.com https://d10lpsik1i8c69.cloudfront.net https://app.hubspot.com .hubspot.com https://a.omappapi.com .omappapi.com https://js.hs-scripts.com .hs-scripts.com .cloudfront.net https://people.wsuite.com .wsuite.com https://js.hs-analytics.net .hs-analytics.net https://widget-mediator.zopim.com .zopim.com https://js.hs-banner.com .hs-banner.com https://ajax.googleapis.com .googleapis.com https://static.browseranalytic.com https://code.angularjs.org https://player.vimeo.com .vimeo.com .angularjs.org .browseranalytic.com .connect.facebook.net .facebook.net https://polyfill.io .polyfill.io https://library-sdb.apps.bancolombia.com .bancolombia.com https://f.vimeocdn.com .vimeocdn.com https://syndication.twitter.com .twitter.com https://cdn.syndication.twimg.com .twimg.com .facebook.com .script.hotjar.com https://asistencia.webv2.allus.com.co https://cdn.todo1.com .todo1.com .allus.com.co .vars.hotjar.com .t.co .gstatic.com .analytics.twitter.com .twitter.com .cdnjs.cloudflare.com .cloudflare.com .googletagmanager.com .google-analytics.com .snap.licdn.com .licdn.com .static.ads-twitter.com .ads-twitter.com .p.adsymptotic.com .adsymptotic.com .sync.teads.tv .facebook.com https://code.jquery.com .jquery.com .px.ads.linkedin.com https://stackpath.bootstrapcdn.com .bootstrapcdn.com .linkedin.com .stats.g.doubleclick.net .doubleclick.net .static.hotjar.com https://static.hotjar.com https://tags.bkrtx.com https://tags.bluekai.com https://www.google.com https://script.hotjar.com .grupobancolombia.com https://lptag.liveperson.net https://maps.googleapis.com .google.com https://www.google-analytics.com .google-analytics.com .cdn.dynamicyield.com .st.dynamicyield.com .rcom.dynamicyield.com https://cdn.dynamicyield.com https://st.dynamicyield.com https://rcom.dynamicyield.com https://unpkg.com https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://www.sc.pages03.net https://www.youtube.com .youtube.com https://resources.digital-cloud-west.medallia.com https://cdn.jsdelivr.net .cdn.jsdelivr.net https://www.googleoptimize.com https://api.glia.com/ .onesignal.com .segment.com; img-src 'self' region1.google-analytics.com region1.analytics.google.com .google-analytics.com .analytics.google.com https://clientes-ext-qa.apps.ambientesbc.com/ https://clientes-ext.apps.bancolombia.com/ data: https:// https://srvfrontcer.claro.com.co:7002 https://a.tribalfusion.com .tribalfusion.com https://dpm.demdex.net .demdex.net .claro.com.co .claro.com .cloudfront.net .px.ads.linkedin.com .linkedin.com .facebook.com .amazonaws.com https://secure.gravatar.com .gravatar.com https://pf-emoji-service--cdn.us-east-1.prod.public.atl-paas.net .atl-paas.net https://vop.sundaysky.com .sundaysky.com https://odr.mookie1.com .mookie1.com https://monstat.com .monstat.com https://pxl.jivox.com .jivox.com https://vop.sundaysky.com .sundaysky.com https://s3.amazonaws.com https://cdn2.hubspot.net https://i.stack.imgur.com .imgur.com .cloudfront.net https://widget.sndcdn.com .sndcdn.com https://i1.sndcdn.com .sndcdn.com https://a.omappapi.com .omappapi.com .hubspot.net https://upload.wikimedia.org .wikimedia.org https://f.hubspotusercontent20.net https://play.vidyard.com .vidyard.com .hubspotusercontent20.net https://i1.sndcdn.com .sndcdn.com https://track.hubspot.com https://i1.wp.com .wp.com https://theme.zdassets.com .zdassets.com .hubspot.com https://soporte.plink.com.co .plink.com.co https://cx.atdmt.com .atdmt.com https://i.ytimg.com https://b1sync.zemanta.com .zemanta.com https://sync.crwdcntrl.net .crwdcntrl.net https://www.googletagmanager.com .googletagmanager.com https://platform.twitter.com .twitter.com https://abs.twimg.com .ytimg.com https://i.vimeocdn.com .vimeocdn.com https://xrbcqpor01.bancolombia.com:10039 .bancolombia.com https://maps.googleapis.com .googleapis.com https://yt3.ggpht.com .ggpht.com https://connect.facebook.net .facebook.net https://asistencia.webv2.allus.com.co .allus.com.co .google-analytics.com .t.co https://t.co .google.com https://www.google.com.co https://p.adsymptotic.com .cdn.dynamicyield.com .dynamicyield.com .grupobancolombia.com https://tags.bluekai.com .pages03.net .maps.gstatic.com https://maps.gstatic.com .gstatic.com https://resources.digital-cloud-west.medallia.com https://sync.teads.tv .teads.tv https://googleads.g.doubleclick.net .googleads.g.doubleclick.net .onesignal.com .segment.com; media-src 'self' https://clientes-ext-qa.apps.ambientesbc.com/ https://clientes-ext.apps.bancolombia.com/ https:// https://srvfrontcer.claro.com.co:7002 .claro.com.co .claro.com .googleadservices.com .grupobancolombia.com .amazonaws.com .cloudfront.net https://s3.amazonaws.com https://static.zdassets.com .zdassets.com https://static.zdassets.com .zdassets.com https://www.youtube.com https://asistencia.webv2.allus.com.co .allus.com.co .youtube.com blob: data: .onesignal.com .segment.com; frame-src 'self' https://clientes-ext-qa.apps.ambientesbc.com/ https://clientes-ext.apps.bancolombia.com/ https://ws.grupokonecta.co:5000/ https://* https://srvfrontcer.claro.com.co:7002 https://widget.spreaker.com .spreaker.com .claro.com.co .claro.com .googleadservices.com https://bcapi.apichefcompany.com .cloudfront.net .apichefcompany.com .google-analytics.com .facebook.com https://w.soundcloud.com .soundcloud.com https://series1.cma.com.br .cma.com.br https://bancolombia.olb.todo1.com .todo1.com https://tpbancolombia.teleperformance.co .teleperformance.co https://extractosinternet.bancolombia.com .bancolombia.com https://forms.hsforms.com .hsforms.com https://play.vidyard.com .vidyard.com https://platform.twitter.com .twitter.com https://vars.hotjar.com https://player.vimeo.com .vimeo.com https://resources.digital-cloud-west.medallia.com .medallia.com https://asistencia.webv2.allus.com.co .allus.com.co https://series1.cma.com.br .cma.com.br https://stags.bluekai.com https://api.skaduks.com https://bid.g.doubleclick.net .grupobancolombia.com https://www.google.com .google.com https://www.google-analytics.com https://cdn.dynamicyield.com .dynamicyield.com https://lpcdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://www.youtube.com .youtube.com https://9811311.fls.doubleclick.net https://webapp1.allus.com.co https://gmsdigitales.claro.com.co:8443 https://vc.hotjar.io .onesignal.com .segment.com; style-src 'self' 'unsafe-inline' https://clientes-ext-qa.apps.ambientesbc.com/ https://clientes-ext.apps.bancolombia.com/ https://* https://srvfrontcer.claro.com.co:7002 .claro.com.co .claro.com https://asistencia.webv2.allus.com.co https://cdnjs.cloudflare.com .cloudflare.com https://library-sdb.apps.bancolombia.com .bancolombia.com .amazonaws.com https://s3.amazonaws.com https://assets.kampyle.com .kampyle.com https://cdn2.hubspot.net .hubspot.net https://galatea-dev.apps.ambientesbc.com .ambientesbc.com https://cdn.jsdelivr.net .jsdelivr.net https://cdn2.hubspot.net https://assets.vidyard.com .vidyard.com .hubspot.net https://static.zdassets.com .zdassets.com .webv2.allus.com.co https://www.gstatic.com .gstatic.com https://f.vimeocdn.com .vimeocdn.com https://platform.twitter.com .twitter.com https://www.grupobancolombia.com https://use.fontawesome.com .fontawesome.com .grupobancolombia.com https://stackpath.bootstrapcdn.com .bootstrapcdn.com https://nominatim.openstreetmap.org https://servcompwctb.claro.com.co https://fonts.googleapis.com .google.com https://www.google-analytics.com .google-analytics.com https://www.google.com https://unpkg.com .onesignal.com .segment.com; connect-src 'self' region1.google-analytics.com region1.analytics.google.com .google-analytics.com .analytics.google.com https://clientes-ext-qa.apps.ambientesbc.com/ https://clientes-ext.apps.bancolombia.com/ https:// https://bam.nr-data.net .nr-data.net https://srvfrontcer.claro.com.co:7002 .claro.com.co .claro.com https://gms-digitales.claro.com.co:8443 .claro.com.co:8443 .claro.com.co:8030 https://webrtc.claro.com.co:8030 .stats.g.doubleclick.net .cloudfront.net https://fresnel.vimeocdn.com .vimeocdn.com data: https://player-telemetry.vimeo.com .vimeo.com https://api-widget.soundcloud.com .soundcloud.com https://external.apps.bancolombia.com .bancolombia.com https://api.us.apiconnect.ibmcloud.com .ibmcloud.com https://jsonip.com .jsonip.com https://resources.digital-cloud-west.medallia.com .medallia.com https://inveco-services.qdata.io .qdata.io https://identify.hotjar.com https://wave.sndcdn.com .sndcdn.com https://api.ipify.org .ipify.org .hotjar.com https://alivionofinancieros.isobarapi.com .individeo.com https://track.individeo.com .isobarapi.com https://130vod-adaptive.akamaized.net .akamaized.net https://c.browseranalytic.com .amazonaws.com https://s3.amazonaws.com .claro.com.co .claro.com https://forms.hsforms.com .hsforms.com https://tpbancolombia.teleperformance.co .teleperformance.co https://raw.vidyard.com .vidyard.com wss://tpbancolombia.teleperformance.co .teleperformance.co https://ekr.zdassets.com https://api-k8-cer.plink.com.co https://api.plink.com.co .plink.com.co https://api.omappapi.com .omappapi.com .zdassets.com wss://widget-mediator.zopim.com .zopim.com https://plinksoporte.zendesk.com .zendesk.com https://settings.luckyorange.net .luckyorange.net https://digital.sanchobbdoapp.com https://www.calculadoralaboral.co .calculadoralaboral.co .sanchobbdoapp.com .browseranalytic.com https://strfeedrt01.cma.com.br .cma.com.br https://syndication.twitter.com .twitter.com https://stats.g.doubleclick.net https://bcapi.apichefcompany.com .apichefcompany.com https://bid.g.doubleclick.net .googlevideo.com https://api.skaduks.com https://nominatim.openstreetmap.org https://servcompwctb.claro.com.co:7002 .cdn.dynamicyield.com .dynamicyield.com https://www.google.com .google.com https://www.google-analytics.com .google-analytics.com .cdn.dynamicyield.com .st.dynamicyield.com .rcom.dynamicyield.com https://cdn.dynamicyield.com https://st.dynamicyield.com https://rcom.dynamicyield.com https://www.facebook.com https://cdn.jsdelivr.net .jsdelivr.net .facebook.com https://external-qa.apps.ambientesbc.com https://lpcdn.lpsnmedia.net https://firestore.googleapis.com https://www.youtube.com .youtube.com https://9811311.fls.doubleclick.net https://webapp1.allus.com.co https://yt3.ggpht.com .yt3.ggpht.com https://i.ytimg.com .i.ytimg.com .googleads.g.doubleclick.net https://googleads.g.doubleclick.net .grupobancolombia.com https://gmsdigitales.claro.com.co:8443 https://vc.hotjar.io .onesignal.com .segment.com; font-src 'self' data: https://clientes-ext-qa.apps.ambientesbc.com/ https://clientes-ext.apps.bancolombia.com/ https:// https://srvfrontcer.claro.com.co:7002 https://www.grupobancolombia.com .grupobancolombia.com .cloudfront.net https://cdnjs.cloudflare.com .cloudflare.com https://jsbin-user-assets.s3.amazonaws.com .amazonaws.com https://static.zdassets.com .zdassets.com https://assets.kampyle.com .kampyle.com https://fonts.gstatic.com .gstatic.com https://library-sdb.apps.bancolombia.com .bancolombia.co https://galatea-dev.apps.ambientesbc.com .ambientesbc.com https://stackpath.bootstrapcdn.com .bootstrapcdn.com https://use.fontawesome.com .fontawesome.com .onesignal.com *.segment.com; frame-ancestors 'self' https://ws.grupokonecta.co:5000/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wwwgrupobancolombia-2024.glitch.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 12:29:08 GMT
Via: NS-CACHE-10.0: 227
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: default-src 'self' https://play.vidyard.com *.vidyard.com *.onesignal.com *.segment.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' region1.google-analytics.com region1.analytics.google.com *.google-analytics.com *.analytics.google.com https://clientes-ext-qa.apps.ambientesbc.com/ https://clientes-ext.apps.bancolombia.com/ https://* https://srvfrontcer.claro.com.co:7002 https://widget.sndcdn.com *.sndcdn.com https://js-agent.newrelic.com *.newrelic.com https://bam.nr-data.net *.nr-data.net *.claro.com.co *.claro.com *.googleadservices.com *.tags.bkrtx.com *.tags.bluekai.com *.amazonaws.com https://s3.amazonaws.com https://static.opentok.com https://static.opentok.com *.opentok.com https://browseranalytic.com *.browseranalytic.com https://widget.sndcdn.com *.sndcdn.com https://js.hsforms.net *.hsforms.net https://scp.kampyle.com *.individeo.com *.kampyle.com https://tpbancolombia.teleperformance.co *.teleperformance.co https://stati.in *.stati.in blob: https://play.vidyard.com *.vidyard.com https://static.zdassets.com https://clousc.com *.clousc.com https://static.hsappstatic.net *.hsappstatic.net https://forms.hsforms.com *.hsforms.com *.zdassets.com https://plinksoporte.zendesk.com *.zendesk.com https://play.vidyard.com *.vidyard.com https://d10lpsik1i8c69.cloudfront.net https://app.hubspot.com *.hubspot.com https://a.omappapi.com *.omappapi.com https://js.hs-scripts.com *.hs-scripts.com *.cloudfront.net https://people.wsuite.com *.wsuite.com https://js.hs-analytics.net *.hs-analytics.net https://widget-mediator.zopim.com *.zopim.com https://js.hs-banner.com *.hs-banner.com https://ajax.googleapis.com *.googleapis.com https://static.browseranalytic.com https://code.angularjs.org https://player.vimeo.com *.vimeo.com *.angularjs.org *.browseranalytic.com *.connect.facebook.net *.facebook.net https://polyfill.io *.polyfill.io https://library-sdb.apps.bancolombia.com *.bancolombia.com https://f.vimeocdn.com *.vimeocdn.com https://syndication.twitter.com *.twitter.com https://cdn.syndication.twimg.com *.twimg.com *.facebook.com *.script.hotjar.com https://asistencia.webv2.allus.com.co https://cdn.todo1.com *.todo1.com *.allus.com.co *.vars.hotjar.com *.t.co *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.hotjar.com https://tags.bkrtx.com https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.grupobancolombia.com https://lptag.liveperson.net https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com *.cdn.dynamicyield.com *.st.dynamicyield.com *.rcom.dynamicyield.com https://cdn.dynamicyield.com https://st.dynamicyield.com https://rcom.dynamicyield.com https://unpkg.com https://accdn.lpsnmedia.net https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://www.sc.pages03.net https://www.youtube.com *.youtube.com https://resources.digital-cloud-west.medallia.com https://cdn.jsdelivr.net *.cdn.jsdelivr.net https://www.googleoptimize.com https://api.glia.com/ *.onesignal.com *.segment.com; img-src 'self' region1.google-analytics.com region1.analytics.google.com *.google-analytics.com *.analytics.google.com https://clientes-ext-qa.apps.ambientesbc.com/ https://clientes-ext.apps.bancolombia.com/ data: https://* https://srvfrontcer.claro.com.co:7002 https://a.tribalfusion.com *.tribalfusion.com https://dpm.demdex.net *.demdex.net *.claro.com.co *.claro.com *.cloudfront.net *.px.ads.linkedin.com *.linkedin.com *.facebook.com *.amazonaws.com https://secure.gravatar.com *.gravatar.com https://pf-emoji-service--cdn.us-east-1.prod.public.atl-paas.net *.atl-paas.net https://vop.sundaysky.com *.sundaysky.com https://odr.mookie1.com *.mookie1.com https://monstat.com *.monstat.com https://pxl.jivox.com *.jivox.com https://vop.sundaysky.com *.sundaysky.com https://s3.amazonaws.com https://cdn2.hubspot.net https://i.stack.imgur.com *.imgur.com *.cloudfront.net https://widget.sndcdn.com *.sndcdn.com https://i1.sndcdn.com *.sndcdn.com https://a.omappapi.com *.omappapi.com *.hubspot.net https://upload.wikimedia.org *.wikimedia.org https://f.hubspotusercontent20.net https://play.vidyard.com *.vidyard.com *.hubspotusercontent20.net https://i1.sndcdn.com *.sndcdn.com https://track.hubspot.com https://i1.wp.com *.wp.com https://theme.zdassets.com *.zdassets.com *.hubspot.com https://soporte.plink.com.co *.plink.com.co https://cx.atdmt.com *.atdmt.com https://i.ytimg.com https://b1sync.zemanta.com *.zemanta.com https://sync.crwdcntrl.net *.crwdcntrl.net https://www.googletagmanager.com *.googletagmanager.com https://platform.twitter.com *.twitter.com https://abs.twimg.com *.ytimg.com https://i.vimeocdn.com *.vimeocdn.com https://xrbcqpor01.bancolombia.com:10039 *.bancolombia.com https://maps.googleapis.com *.googleapis.com https://yt3.ggpht.com *.ggpht.com https://connect.facebook.net *.facebook.net https://asistencia.webv2.allus.com.co *.allus.com.co *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co https://p.adsymptotic.com *.cdn.dynamicyield.com *.dynamicyield.com *.grupobancolombia.com https://tags.bluekai.com *.pages03.net *.maps.gstatic.com https://maps.gstatic.com *.gstatic.com https://resources.digital-cloud-west.medallia.com https://sync.teads.tv *.teads.tv https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net *.onesignal.com *.segment.com; media-src 'self' https://clientes-ext-qa.apps.ambientesbc.com/ https://clientes-ext.apps.bancolombia.com/ https://* https://srvfrontcer.claro.com.co:7002 *.claro.com.co *.claro.com *.googleadservices.com *.grupobancolombia.com *.amazonaws.com *.cloudfront.net https://s3.amazonaws.com https://static.zdassets.com *.zdassets.com https://static.zdassets.com *.zdassets.com https://www.youtube.com https://asistencia.webv2.allus.com.co *.allus.com.co *.youtube.com blob: data: *.onesignal.com *.segment.com; frame-src 'self' https://clientes-ext-qa.apps.ambientesbc.com/ https://clientes-ext.apps.bancolombia.com/ https://ws.grupokonecta.co:5000/ https://* https://srvfrontcer.claro.com.co:7002 https://widget.spreaker.com *.spreaker.com *.claro.com.co *.claro.com *.googleadservices.com https://bcapi.apichefcompany.com *.cloudfront.net *.apichefcompany.com *.google-analytics.com *.facebook.com https://w.soundcloud.com *.soundcloud.com https://series1.cma.com.br *.cma.com.br https://bancolombia.olb.todo1.com *.todo1.com https://tpbancolombia.teleperformance.co *.teleperformance.co https://extractosinternet.bancolombia.com *.bancolombia.com https://forms.hsforms.com *.hsforms.com https://play.vidyard.com *.vidyard.com https://platform.twitter.com *.twitter.com https://vars.hotjar.com https://player.vimeo.com *.vimeo.com https://resources.digital-cloud-west.medallia.com *.medallia.com https://asistencia.webv2.allus.com.co *.allus.com.co https://series1.cma.com.br *.cma.com.br https://stags.bluekai.com https://api.skaduks.com https://bid.g.doubleclick.net *.grupobancolombia.com https://www.google.com *.google.com https://www.google-analytics.com https://cdn.dynamicyield.com *.dynamicyield.com https://lpcdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://www.youtube.com *.youtube.com https://9811311.fls.doubleclick.net https://webapp1.allus.com.co https://gmsdigitales.claro.com.co:8443 https://vc.hotjar.io *.onesignal.com *.segment.com; style-src 'self' 'unsafe-inline' https://clientes-ext-qa.apps.ambientesbc.com/ https://clientes-ext.apps.bancolombia.com/ https://* https://srvfrontcer.claro.com.co:7002 *.claro.com.co *.claro.com https://asistencia.webv2.allus.com.co https://cdnjs.cloudflare.com *.cloudflare.com https://library-sdb.apps.bancolombia.com *.bancolombia.com *.amazonaws.com https://s3.amazonaws.com https://assets.kampyle.com *.kampyle.com https://cdn2.hubspot.net *.hubspot.net https://galatea-dev.apps.ambientesbc.com *.ambientesbc.com https://cdn.jsdelivr.net *.jsdelivr.net https://cdn2.hubspot.net https://assets.vidyard.com *.vidyard.com *.hubspot.net https://static.zdassets.com *.zdassets.com *.webv2.allus.com.co https://www.gstatic.com *.gstatic.com https://f.vimeocdn.com *.vimeocdn.com https://platform.twitter.com *.twitter.com https://www.grupobancolombia.com https://use.fontawesome.com *.fontawesome.com *.grupobancolombia.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://nominatim.openstreetmap.org https://servcompwctb.claro.com.co https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com https://unpkg.com *.onesignal.com *.segment.com; connect-src 'self' region1.google-analytics.com region1.analytics.google.com *.google-analytics.com *.analytics.google.com https://clientes-ext-qa.apps.ambientesbc.com/ https://clientes-ext.apps.bancolombia.com/ https://* https://bam.nr-data.net *.nr-data.net https://srvfrontcer.claro.com.co:7002 *.claro.com.co *.claro.com https://gms-digitales.claro.com.co:8443 *.claro.com.co:8443 *.claro.com.co:8030 https://webrtc.claro.com.co:8030 *.stats.g.doubleclick.net *.cloudfront.net https://fresnel.vimeocdn.com *.vimeocdn.com data: https://player-telemetry.vimeo.com *.vimeo.com https://api-widget.soundcloud.com *.soundcloud.com https://external.apps.bancolombia.com *.bancolombia.com https://api.us.apiconnect.ibmcloud.com *.ibmcloud.com https://jsonip.com *.jsonip.com https://resources.digital-cloud-west.medallia.com *.medallia.com https://inveco-services.qdata.io *.qdata.io https://identify.hotjar.com https://wave.sndcdn.com *.sndcdn.com https://api.ipify.org *.ipify.org *.hotjar.com https://alivionofinancieros.isobarapi.com *.individeo.com https://track.individeo.com *.isobarapi.com https://130vod-adaptive.akamaized.net *.akamaized.net https://c.browseranalytic.com *.amazonaws.com https://s3.amazonaws.com *.claro.com.co *.claro.com https://forms.hsforms.com *.hsforms.com https://tpbancolombia.teleperformance.co *.teleperformance.co https://raw.vidyard.com *.vidyard.com wss://tpbancolombia.teleperformance.co *.teleperformance.co https://ekr.zdassets.com https://api-k8-cer.plink.com.co https://api.plink.com.co *.plink.com.co https://api.omappapi.com *.omappapi.com *.zdassets.com wss://widget-mediator.zopim.com *.zopim.com https://plinksoporte.zendesk.com *.zendesk.com https://settings.luckyorange.net *.luckyorange.net https://digital.sanchobbdoapp.com https://www.calculadoralaboral.co *.calculadoralaboral.co *.sanchobbdoapp.com *.browseranalytic.com https://strfeedrt01.cma.com.br *.cma.com.br https://syndication.twitter.com *.twitter.com https://stats.g.doubleclick.net https://bcapi.apichefcompany.com *.apichefcompany.com https://bid.g.doubleclick.net *.googlevideo.com https://api.skaduks.com https://nominatim.openstreetmap.org https://servcompwctb.claro.com.co:7002 *.cdn.dynamicyield.com *.dynamicyield.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.cdn.dynamicyield.com *.st.dynamicyield.com *.rcom.dynamicyield.com https://cdn.dynamicyield.com https://st.dynamicyield.com https://rcom.dynamicyield.com https://www.facebook.com https://cdn.jsdelivr.net *.jsdelivr.net *.facebook.com https://external-qa.apps.ambientesbc.com https://lpcdn.lpsnmedia.net https://firestore.googleapis.com https://www.youtube.com *.youtube.com https://9811311.fls.doubleclick.net https://webapp1.allus.com.co https://yt3.ggpht.com *.yt3.ggpht.com https://i.ytimg.com *.i.ytimg.com *.googleads.g.doubleclick.net https://googleads.g.doubleclick.net *.grupobancolombia.com https://gmsdigitales.claro.com.co:8443 https://vc.hotjar.io *.onesignal.com *.segment.com; font-src 'self' data: https://clientes-ext-qa.apps.ambientesbc.com/ https://clientes-ext.apps.bancolombia.com/ https://* https://srvfrontcer.claro.com.co:7002 https://www.grupobancolombia.com *.grupobancolombia.com *.cloudfront.net https://cdnjs.cloudflare.com *.cloudflare.com https://jsbin-user-assets.s3.amazonaws.com *.amazonaws.com https://static.zdassets.com *.zdassets.com https://assets.kampyle.com *.kampyle.com https://fonts.gstatic.com *.gstatic.com https://library-sdb.apps.bancolombia.com *.bancolombia.co https://galatea-dev.apps.ambientesbc.com *.ambientesbc.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com *.onesignal.com *.segment.com; frame-ancestors 'self' https://ws.grupokonecta.co:5000/;
Age: 371
X-OneAgent-JS-Injection: true
Connection: Keep-Alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-77550310"
Content-Length: 43802
x-xss-protection: 1; mode=block
Referrer-Policy: strict-origin
ETag: "-1449074008:dtagent1029524070511094941qu"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Set-Cookie
Cache-Control: max-age=600,public,post-check=300,pre-check=600
Feature-Policy: vibrate 'self';
Content-Language: en-US
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type
Keep-Alive: timeout=60, max=74
Expires: Thu, 01 Aug 2024 12:39:16 GMT

GET
H2 200 saxes.js Show response
wwwgrupobancolombia-2024.glitch.me/ 5 KB
5 KB 237ms
237ms Script
application/javascript 34.198.68.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwgrupobancolombia-2024.glitch.me/saxes.js
Requested by: Host: wwwgrupobancolombia-2024.glitch.me
URL: https://wwwgrupobancolombia-2024.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.68.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-68-168.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a3342c0b527353adb540c0c3569c703cce24091d23ab7deb2209098e151f23a9

Request headers

Referer: https://wwwgrupobancolombia-2024.glitch.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 12:35:17 GMT
x-amz-version-id: iLTkagQkBHQq5JpOUtIEGdS8CgeCDQEU
last-modified: Thu, 01 Aug 2024 09:04:26 GMT
server: AmazonS3
x-amz-request-id: YR09TRC6B245BTYZ
etag: "f8329898dcceb66cb5441fce292c294b"
x-amz-server-side-encryption: AES256
content-type: application/javascript; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 4730
x-amz-id-2: PEMFN+LpcWr/pmOjYR4nsH2+4v5iTuq854CLYBgEAzxWP2t9vnVmQkyHBXdh4x0DONPvR0e1yrg=

GET
H2 200 / Show response
api.ipify.org/ 24 B
157 B 140ms
113ms XHR
application/json 104.26.13.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aab959075916a2332d1a7bac577c2f9d7d395495a2e275fbf08b511f57f8f73d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://wwwgrupobancolombia-2024.glitch.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 12:35:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: *
cf-ray: 8ac5de05ff1e92a5-FRA
content-length: 24

GET
H2 200 / Show response
ipinfo.io/ 262 B
463 B 156ms
122ms XHR
application/json 34.117.59.81
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

81.59.117.34.bc.googleusercontent.com

Software

Resource Hash

3d243f5a2a0b4f2909a5417eb44dfdbd798810386d77ab5da696ddf4ef848b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://wwwgrupobancolombia-2024.glitch.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 12:35:18 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 179
x-xss-protection: 1; mode=block

GET images.png
ocastant.sirv.com/dunkin/ 0
0

GET
H2 200 css
fonts.googleapis.com/ 737 B
783 B 424ms
45ms Font
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins

Requested by

Host: wwwgrupobancolombia-2024.glitch.me
URL: https://wwwgrupobancolombia-2024.glitch.me/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

977b2ba617c26fc931319de6265247ebb115a6a53ca7f720405ab73b1783b48b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wwwgrupobancolombia-2024.glitch.me/
Origin: https://wwwgrupobancolombia-2024.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Aug 2024 12:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 11:38:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Aug 2024 12:35:18 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ocastant.sirv.com
URL: https://ocastant.sirv.com/dunkin/images.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bancolombia (Banking)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://wwwgrupobancolombia-2024.glitch.me/ Message: Failed to decode downloaded font: https://fonts.googleapis.com/css?family=Poppins
other	warning	URL: https://wwwgrupobancolombia-2024.glitch.me/ Message: OTS parsing error: invalid sfntVersion: 791289964
other	warning	URL: https://wwwgrupobancolombia-2024.glitch.me/ Message: Failed to decode downloaded font: https://fonts.googleapis.com/css?family=Poppins
other	warning	URL: https://wwwgrupobancolombia-2024.glitch.me/ Message: OTS parsing error: invalid sfntVersion: 791289964
other	warning	URL: https://wwwgrupobancolombia-2024.glitch.me/ Message: Failed to decode downloaded font: https://fonts.googleapis.com/css?family=Poppins
other	warning	URL: https://wwwgrupobancolombia-2024.glitch.me/ Message: OTS parsing error: invalid sfntVersion: 791289964
other	warning	URL: https://wwwgrupobancolombia-2024.glitch.me/ Message: Failed to decode downloaded font: https://fonts.googleapis.com/css?family=Poppins
other	warning	URL: https://wwwgrupobancolombia-2024.glitch.me/ Message: OTS parsing error: invalid sfntVersion: 791289964

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.ipify.org
fonts.googleapis.com
ipinfo.io
ocastant.sirv.com
www.bancolombia.com
wwwgrupobancolombia-2024.glitch.me
ocastant.sirv.com
104.26.13.205
142.250.184.202
142.250.186.170
169.62.185.103
34.117.59.81
34.198.68.168
1b1a6330b6fca87ae58bdd0b005d870f5a43f0b8774cebb271cf9fcfe6613bd8
3d243f5a2a0b4f2909a5417eb44dfdbd798810386d77ab5da696ddf4ef848b39
5a03ffcd505e4a9382fe09f194f64c564c0adf05eee975ee24100313b18a3769
977b2ba617c26fc931319de6265247ebb115a6a53ca7f720405ab73b1783b48b
a3342c0b527353adb540c0c3569c703cce24091d23ab7deb2209098e151f23a9
aab959075916a2332d1a7bac577c2f9d7d395495a2e275fbf08b511f57f8f73d
b5d9c6ccc6f8719760801dd385bb455e4f16537d5ac17f2059ca0702383677e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6a1bf1a2feaa4d348eacdab000520448ecc3cf6dc1a806985b4a5c49dbff036
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

wwwgrupobancolombia-2024.glitch.me Open in urlscan Pro 34.198.68.168 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

91 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

7 IPs

2 Countries

194 kBTransfer

234 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

0 Cookies

8 Console Messages

Indicators

wwwgrupobancolombia-2024.glitch.me Open in urlscan Pro
34.198.68.168 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

194 kB
Transfer

234 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!