produsersrl.com.ar
2800:6c0:2::35  Malicious Activity!

URL: https://produsersrl.com.ar/PromocionesGalicia_/
Submission: On October 01 via api from US — Scanned from JP

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2800:6c0:2::35, located in Buenos Aires, Argentina and belongs to Dattatec.com, AR. The main domain is produsersrl.com.ar.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 8th 2023. Valid for: a year.
This is the only time produsersrl.com.ar was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Galicia (Banking)

Domain & IP information

Requests  IP Address          AS (Autonomous System)
5         2800:6c0:2::35      27823 (Dattatec.com)
1         2606:4700:440...    13335 (CLOUDFLAR...)
2         2a04:4e42:200...    54113 (FASTLY)
1         2a04:4e42:200...    54113 (FASTLY)
1         104.18.36.7         13335 (CLOUDFLAR...)
5         172.67.139.119      13335 (CLOUDFLAR...)
Total: 15 requests, 6 IPs
Requests  Apex Domain         Subdomains                                         Transfer
6         fontawesome.com     kit.fontawesome.com (Cisco Umbrella Rank: 2181)    60 KB
                              ka-f.fontawesome.com (Cisco Umbrella Rank: 6366)
5         produsersrl.com.ar  produsersrl.com.ar                                 462 KB
2         jsdelivr.net        cdn.jsdelivr.net (Cisco Umbrella Rank: 341)        57 KB
1         aweber-static.com   assets.aweber-static.com (Cisco Umbrella Rank: 326848)  16 KB
1         jquery.com          code.jquery.com (Cisco Umbrella Rank: 851)         82 KB
Total: 15 requests, 5 apex domains
Requests  Domain                     Requested by
5         ka-f.fontawesome.com       kit.fontawesome.com, produsersrl.com.ar
5         produsersrl.com.ar         produsersrl.com.ar
2         cdn.jsdelivr.net           produsersrl.com.ar
1         assets.aweber-static.com   produsersrl.com.ar
1         code.jquery.com            produsersrl.com.ar
1         kit.fontawesome.com        produsersrl.com.ar
Total: 15 requests, 6 domains

This site contains no links.

Subject                Issuer                                           Validity                   Valid
produsersrl.com.ar     Sectigo RSA Domain Validation Secure Server CA   2023-10-08 - 2024-10-07    a year
*.fontawesome.com      DigiCert Global G2 TLS RSA SHA256 2020 CA1       2024-07-30 - 2025-01-27    6 months
jsdelivr.net           GlobalSign Atlas R3 DV TLS CA 2024 Q3            2024-07-30 - 2025-08-31    a year
*.jquery.com           Sectigo ECC Domain Validation Secure Server CA   2024-06-25 - 2025-06-25    a year
*.aweber-static.com    RapidSSL TLS RSA CA G1                           2024-06-25 - 2025-07-10    a year
ka-f.fontawesome.com   WE1                                              2024-08-29 - 2024-11-27    3 months

This page contains 1 frame:

Primary Page: https://produsersrl.com.ar/PromocionesGalicia_/
Frame ID: 2457539C01E92582D29AA7EDE811BD02
Requests: 15 HTTP requests in this frame

Page Title

Online Banking

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests:    15
HTTPS:       100 %
IPv6:        67 %
Domains:     5
Subdomains:  6
IPs:         6
Countries:   3
Transfer:    678 kB
Size:        1256 kB
Cookies:     0

15 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
produsersrl.com.ar/PromocionesGalicia_/
6 KB
2 KB
Document
General
Full URL
https://produsersrl.com.ar/PromocionesGalicia_/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2800:6c0:2::35 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software
Apache / PHP/7.1.33
Resource Hash
fd79830c37c974a677d8500a22721458080e2ab2b25dd180785374a1e611fc39

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-encoding
gzip
content-length
2305
content-type
text/html; charset=UTF-8
date
Tue, 01 Oct 2024 07:40:55 GMT
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/7.1.33
1a5e2ebb67.js
kit.fontawesome.com/
13 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/1a5e2ebb67.js
Requested by
Host: produsersrl.com.ar
URL: https://produsersrl.com.ar/PromocionesGalicia_/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b05d3c2af99dd341d8787fef5fee32bfd62fa327ff0face4c507dcf505032605

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin
https://produsersrl.com.ar
Referer
https://produsersrl.com.ar/

Response headers

access-control-max-age
3000
x-request-id
F_pEQZ6FpZZ1xOqhO76B
cache-control
max-age=60, public, stale-while-revalidate=30
content-encoding
gzip
cf-cache-status
MISS
access-control-allow-methods
GET, OPTIONS
cf-ray
8cbaceaf580bdb4c-NRT
access-control-allow-origin
*
date
Tue, 01 Oct 2024 07:40:55 GMT
content-type
text/javascript
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
server
cloudflare
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/
227 KB
35 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css
Requested by
Host: produsersrl.com.ar
URL: https://produsersrl.com.ar/PromocionesGalicia_/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin
https://produsersrl.com.ar
Referer
https://produsersrl.com.ar/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"38df4-HxOZgbm0enZu+gphu3ito1HxbEs"
age
1582313
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Tue, 01 Oct 2024 07:40:55 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220083-FRA, cache-nrt-rjtf7700025-NRT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
34902
x-jsd-version
5.3.2
jquery-3.7.1.js
code.jquery.com/
279 KB
82 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.7.1.js
Requested by
Host: produsersrl.com.ar
URL: https://produsersrl.com.ar/PromocionesGalicia_/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
78a85aca2f0b110c29e0d2b137e09f0a1fb7a8e554b499f740d6744dc8962cfe

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin
https://produsersrl.com.ar
Referer
https://produsersrl.com.ar/

Response headers

content-encoding
gzip
etag
W/"28feccc0-45a82"
age
2935245
x-cache
HIT, HIT
date
Tue, 01 Oct 2024 07:40:55 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
2166, 27047
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21929-LGA, cache-nrt-rjtf7700073-NRT
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1727768456.580666,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
83619
server
nginx
logo.svg
produsersrl.com.ar/PromocionesGalicia_/images/
5 KB
5 KB
Image
General
Full URL
https://produsersrl.com.ar/PromocionesGalicia_/images/logo.svg
Requested by
Host: produsersrl.com.ar
URL: https://produsersrl.com.ar/PromocionesGalicia_/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2800:6c0:2::35 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software
Apache /
Resource Hash
fad6369e7b4e8af718c87cf1d5e13e9f3c3e831725a388ad52a971ee70c1abe8

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://produsersrl.com.ar/PromocionesGalicia_/

Response headers

accept-ranges
bytes
content-length
5259
etag
"148b-61d757d402980"
date
Tue, 01 Oct 2024 07:40:55 GMT
last-modified
Wed, 17 Jul 2024 18:18:30 GMT
content-type
image/svg+xml
server
Apache
QR-3-LuciaPerini.jpg
produsersrl.com.ar/PromocionesGalicia_/images/
453 KB
454 KB
Image
General
Full URL
https://produsersrl.com.ar/PromocionesGalicia_/images/QR-3-LuciaPerini.jpg
Requested by
Host: produsersrl.com.ar
URL: https://produsersrl.com.ar/PromocionesGalicia_/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2800:6c0:2::35 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software
Apache /
Resource Hash
6e1049be485791f043907ab6045b623d3cb447ba874f759d31ee695e435beecd

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://produsersrl.com.ar/PromocionesGalicia_/

Response headers

accept-ranges
bytes
content-length
464292
etag
"715a4-61d757d402980"
date
Tue, 01 Oct 2024 07:40:55 GMT
last-modified
Wed, 17 Jul 2024 18:18:30 GMT
content-type
image/jpeg
server
Apache
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/
79 KB
22 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: produsersrl.com.ar
URL: https://produsersrl.com.ar/PromocionesGalicia_/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin
https://produsersrl.com.ar
Referer
https://produsersrl.com.ar/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"13b17-9/0PPchLLPk7+B6DJQWmc/NU4KM"
age
2268678
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Tue, 01 Oct 2024 07:40:55 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220085-FRA, cache-nrt-rjtf7700025-NRT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
22772
x-jsd-version
5.3.2
aweber.js
assets.aweber-static.com/aweberjs/
44 KB
16 KB
Script
General
Full URL
https://assets.aweber-static.com/aweberjs/aweber.js
Requested by
Host: produsersrl.com.ar
URL: https://produsersrl.com.ar/PromocionesGalicia_/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dacbd475808d281ff98b71edcdb4519af3d9e68e6f9b0bd47e8f939be6101821

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://produsersrl.com.ar/

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
aMmvrbc4WiAxA6HCnEenuR7wJsvSQai1
etag
W/"2546cbadfb6d8d7375af91e0001f0007"
age
203
date
Tue, 01 Oct 2024 07:40:55 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 11 Mar 2021 18:56:20 GMT
vary
Accept-Encoding
x-amz-id-2
dhbsOvO8Xd53R+SyoF2dW92A7I4TEGPs7uZ7Hq59WOvY4vauMRK1sZauDCraW1fX3w6w6hw6h9A=
cache-control
max-age=300
x-amz-request-id
4CMEDKRJRABTVN3H
cf-ray
8cbaceb0dcf3f58b-NRT
access-control-allow-origin
*
x-amz-meta-surrogate-key
aweberjs-aweber-js
server
cloudflare
free.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/
94 KB
22 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free.min.css?token=1a5e2ebb67
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/1a5e2ebb67.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f99c17690330c805c47da3d7592864d6acf0f73817d432447e1b0c66ad28f221

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://produsersrl.com.ar/

Response headers

access-control-max-age
3000
content-encoding
gzip
cf-cache-status
MISS
etag
W/"4ca760f49cd8a14911c81e6c14328874"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KFjh1qEFyFahSLOvf1J5XQFRJGJ61fpKi%2Btw2yukk91ZPbrkYEVtp18IOqDxRII9ETDIf8MfH2aSTzsxBd2pyke%2Br0uHTd1uelkH2YVn99pH9DD1MAjqPV51Ug4xz3eYdYA2MxmNOg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
LX2liKpKgHgbbMfPkGI1nI62Wx7OjsSHjDcEIUjm2mOx3U9P62JXgA==
date
Tue, 01 Oct 2024 07:40:55 GMT
content-type
text/css
last-modified
Mon, 15 Jul 2024 22:20:40 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e7676f665322c53af8700622928c9d70.cloudfront.net (CloudFront)
cf-ray
8cbaceb0aa097965-NRT
access-control-allow-origin
*
x-amz-cf-pop
NRT12-P4
server
cloudflare
x-amz-server-side-encryption
AES256
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/
27 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-shims.min.css?token=1a5e2ebb67
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/1a5e2ebb67.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae3c19265723696f50e3226dcd43fbc7ea617697e0d7169a8e52c854ae3826c

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://produsersrl.com.ar/

Response headers

access-control-max-age
3000
content-encoding
gzip
cf-cache-status
MISS
etag
W/"5e5b0d8c7be5919570a305b6bc229a36"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qQ%2Bcspk3zJHCmhmGVunnn31KufmobZuB4W6wdTnblq9Kqxp9Z%2BIQzmwhJ6uRy3wZM9jbb56EFL7aDUVXfBR0LwUqJv0tPuFwh7CAcsXiJ5bB9pEkHTh5OfMcETtYv9KhVb4WE7d2Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
3ASWLMQ1kvYGm3IB-43-X9i8dECHoY_OUD6o_iiFesm8k2zM1ATacA==
date
Tue, 01 Oct 2024 07:40:55 GMT
content-type
text/css
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 2a96dcb1bf3c6978af2ec160bb04fc3e.cloudfront.net (CloudFront)
cf-ray
8cbaceb0aa0b7965-NRT
access-control-allow-origin
*
x-amz-cf-pop
NRT12-P4
server
cloudflare
x-amz-server-side-encryption
AES256
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/
823 B
1023 B
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v5-font-face.min.css?token=1a5e2ebb67
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/1a5e2ebb67.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f264c31cdb355f351235359240c30acae2bbe0a43c73fa6a035123e6d953a01

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://produsersrl.com.ar/

Response headers

access-control-max-age
3000
content-encoding
br
cf-cache-status
MISS
etag
W/"8972ae5004bc634ffa6641be3960e78a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2B16F%2BYvwgm8bi0CrO9P0pVzmmGpZs1WOoa78fXLCv%2Ff4kiyV%2BRE%2BcnluqCPT07WwDQLyV0DrnFM%2FNPseYOKa5Kre9UwIgn5VUEMUgQAr3A2cI22TCo%2BFQgfVkS3W7jZjcbvgxMNGA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
k9VZ0lS8VKfIiynwZrSW7kl4RPpqf_373AefCmHMU35b30yxf4RZvQ==
date
Tue, 01 Oct 2024 07:40:55 GMT
content-type
text/css
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 94862758de20b2106b1a497555736b78.cloudfront.net (CloudFront)
cf-ray
8cbaceb0aa0e7965-NRT
access-control-allow-origin
*
x-amz-cf-pop
NRT12-P4
server
cloudflare
x-amz-server-side-encryption
AES256
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/
2 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-font-face.min.css?token=1a5e2ebb67
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/1a5e2ebb67.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddfbe9ee1f7088339a85fa25a259765ade4258c082a7921b9f569ff9616f904a

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://produsersrl.com.ar/

Response headers

access-control-max-age
3000
content-encoding
gzip
cf-cache-status
MISS
etag
W/"a5a0c9048efb7cb5df90023064d09ba4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CshXPp8cUdk20%2BC%2FtIF6Hq9wlmcXD6mxGHy%2BznIVHaY3Th9KHaGew8D%2Bn9QISa1vKYl3%2BBczdv6oRb0dukv3b6E80qeGGIOcNFVKqFnW6zX%2BVAR24RAvvAx%2Fy3eM6qbzEMD7NbvHCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
skZdLK8v97MAy-s2E7dYqQxGnxmJe1OlVh8KQtUnUdHhWc0srJ7fTw==
date
Tue, 01 Oct 2024 07:40:55 GMT
content-type
text/css
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 db1f9fb1b66442ce482bd767fdbb5966.cloudfront.net (CloudFront)
cf-ray
8cbaceb0aa0f7965-NRT
access-control-allow-origin
*
x-amz-cf-pop
NRT12-P4
server
cloudflare
x-amz-server-side-encryption
AES256
free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v6.6.0/webfonts/
25 KB
26 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/webfonts/free-fa-regular-400.woff2
Requested by
Host: produsersrl.com.ar
URL: https://produsersrl.com.ar/PromocionesGalicia_/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6032fd81027dc0aff1a894802261e493ed3b041f625a27630e6bcfba0ea4ec6

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin
https://produsersrl.com.ar
Referer
https://produsersrl.com.ar/

Response headers

access-control-max-age
3000
cf-cache-status
MISS
etag
"f5e38eecd547d3ef0dd9e2666140c0c1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qwgNAaV8g4q5RdQ14Wxwf7aqbV%2B6T8gQARlrv5ZGMmZz4lPlZiydgGpatlgi5hVY%2FNsxjbjQBIAdYmGrMJz%2FdNq1xdl4fqrg%2Fg7ygvCYTEPhpUO3qfMY9mLhGPnKd49i%2B3Q8KXw3%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Vg5TPPSVMQOaCRUvX742XiKLJ1tW2hntodXTnuYMZOsurVfFr1CWtA==
date
Tue, 01 Oct 2024 07:40:55 GMT
content-type
font/woff2
last-modified
Mon, 15 Jul 2024 22:44:07 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 7eeffd525f773b6c8e0d74f60f04380a.cloudfront.net (CloudFront)
cf-ray
8cbaceb0fa4b7965-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
25464
x-amz-cf-pop
NRT12-P4
server
cloudflare
x-amz-server-side-encryption
AES256
notify.php
produsersrl.com.ar/PromocionesGalicia_/
776 B
431 B
Fetch
General
Full URL
https://produsersrl.com.ar/PromocionesGalicia_/notify.php
Requested by
Host: produsersrl.com.ar
URL: https://produsersrl.com.ar/PromocionesGalicia_/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2800:6c0:2::35 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software
Apache / PHP/7.1.33
Resource Hash
8cb75e5d6eee5ce1e6f50cc1d9752f6b0c2b230c1f6b029c853c3d03f8a13bf8

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://produsersrl.com.ar/PromocionesGalicia_/

Response headers

content-length
401
content-encoding
gzip
date
Tue, 01 Oct 2024 07:40:56 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.1.33
vary
Accept-Encoding
server
Apache
favicon.ico
produsersrl.com.ar/
196 B
247 B
Other
General
Full URL
https://produsersrl.com.ar/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2800:6c0:2::35 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software
Apache /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://produsersrl.com.ar/PromocionesGalicia_/

Response headers

content-length
196
date
Tue, 01 Oct 2024 07:40:57 GMT
content-type
text/html; charset=iso-8859-1
server
Apache

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Galicia (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object    FontAwesomeKitConfig
function  $
function  jQuery
number    uidEvent
object    bootstrap
object    AWeber

0 Cookies

4 Console Messages

Source          Level    URL / Message
recommendation  verbose  URL: https://produsersrl.com.ar/PromocionesGalicia_/
                         Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation  verbose  URL: https://produsersrl.com.ar/PromocionesGalicia_/
                         Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
network         error    Message: A bad HTTP response code (404) was received when fetching the script.
network         error    URL: https://produsersrl.com.ar/favicon.ico
                         Message: Failed to load resource: the server responded with a status of 404 ()