galicia.galiciasupport.academia.edu.co
149.56.12.229 Malicious Activity! Public Scan

Submitted URL: https://han.gl/ICBam
Effective URL: https://galicia.galiciasupport.academia.edu.co/
Submission: On August 05 via automatic, source openphish — Scanned from NL

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 16 HTTP transactions. The main IP is 149.56.12.229, located in Montreal, Canada and belongs to OVH, FR. The main domain is galicia.galiciasupport.academia.edu.co.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 3rd 2022. Valid for: 3 months.
This is the only time galicia.galiciasupport.academia.edu.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Galicia (Banking)

Domain & IP information

Requests  IP Address        AS      Autonomous System
1         2a06:98c1:312...  13335   (CLOUDFLAR...)
13        149.56.12.229     16276   (OVH)
1         2a00:1450:400...  15169   (GOOGLE)
1         54.91.59.199      14618   (AMAZON-AES)
1         34.117.59.81      396982  (GOOGLE-CL...)
Totals: 16 requests, 4 IPs
Requests  Apex Domain      Subdomains                                       Transfer
13        academia.edu.co  galicia.galiciasupport.academia.edu.co           2 MB
1         ipinfo.io        ipinfo.io (Cisco Umbrella Rank: 7373)            527 B
1         ipify.org        api.ipify.org (Cisco Umbrella Rank: 2743)        276 B
1         googleapis.com   ajax.googleapis.com (Cisco Umbrella Rank: 267)   31 KB
1         han.gl           han.gl                                           704 B
Totals: 16 requests, 5 apex domains
Requests  Domain                                   Requested by
13        galicia.galiciasupport.academia.edu.co   galicia.galiciasupport.academia.edu.co
1         ipinfo.io                                galicia.galiciasupport.academia.edu.co
1         api.ipify.org                            galicia.galiciasupport.academia.edu.co
1         ajax.googleapis.com                      galicia.galiciasupport.academia.edu.co
1         han.gl                                   1 redirects
Totals: 16 requests, 5 domains

This site contains no links.

Subject                                  Issuer                                           Validity                  Valid     Source
galicia.galiciasupport.academia.edu.co   cPanel, Inc. Certification Authority             2022-08-03 - 2022-11-01   3 months  crt.sh
upload.video.google.com                  GTS CA 1C3                                       2022-07-11 - 2022-10-03   3 months  crt.sh
*.ipify.org                              Sectigo RSA Domain Validation Secure Server CA   2022-02-07 - 2023-03-10   a year    crt.sh
ipinfo.io                                GTS CA 1D4                                       2022-06-19 - 2022-09-17   3 months  crt.sh

This page contains 1 frames:

Primary Page: https://galicia.galiciasupport.academia.edu.co/
Frame ID: 4DB5E1F12E755D8B3DC5A5E014DA1D9B
Requests: 16 HTTP requests in this frame

Page Title

Home

Page URL History

  1. https://han.gl/ICBam HTTP 301
    https://galicia.galiciasupport.academia.edu.co/ Page URL

Detected technologies

Bootstrap (overall confidence: 100%)
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (overall confidence: 100%)
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (overall confidence: 100%)
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 40 %
Domains: 5
Subdomains: 5
IPs: 4
Countries: 3
Transfer: 2171 kB
Size: 2223 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://han.gl/ICBam HTTP 301
    https://galicia.galiciasupport.academia.edu.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request /
galicia.galiciasupport.academia.edu.co/
Redirect Chain
  • https://han.gl/ICBam
  • https://galicia.galiciasupport.academia.edu.co/
18 KB
18 KB
Document
General
Full URL
https://galicia.galiciasupport.academia.edu.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.56.12.229 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
vps-caf05523.vps.ovh.ca
Software
Apache /
Resource Hash
b0babb628bd86a5a22c01b67f176e7faa0e478bade4104dcae6c33657c47a506

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
18570
Content-Type
text/html
Date
Fri, 05 Aug 2022 01:18:51 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Thu, 04 Aug 2022 19:33:47 GMT
Server
Apache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
735bb377fc99693a-FRA
content-type
text/html; charset=UTF-8
date
Fri, 05 Aug 2022 01:18:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://galicia.galiciasupport.academia.edu.co/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMbRTr5VVZpQ9rRpvYsBxDHk4r%2F9fmDN2Sl55Jnl8y14r2mYF1wGJ1zJULQm8AOosvh05MSoYuyM9Xl9%2FJE77aqYfk6xp3KR29Rbl9BKwIxaS35R7Pvh%2FgmpIEajKBHgasfD9eY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: galicia.galiciasupport.academia.edu.co
URL: https://galicia.galiciasupport.academia.edu.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://galicia.galiciasupport.academia.edu.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 00:12:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Aug 2023 00:12:21 GMT
bootstrap.min.css
galicia.galiciasupport.academia.edu.co/css/
121 KB
121 KB
Stylesheet
General
Full URL
https://galicia.galiciasupport.academia.edu.co/css/bootstrap.min.css
Requested by
Host: galicia.galiciasupport.academia.edu.co
URL: https://galicia.galiciasupport.academia.edu.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.56.12.229 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
vps-caf05523.vps.ovh.ca
Software
Apache /
Resource Hash
38c2ceafd2e0319b0249ad97ab59932dd54971afd9422bb5bbff40ab7069d763

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://galicia.galiciasupport.academia.edu.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 01:18:52 GMT
Last-Modified
Wed, 03 Aug 2022 16:09:45 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
123758
default.min.css
galicia.galiciasupport.academia.edu.co/css/
1 MB
1 MB
Stylesheet
General
Full URL
https://galicia.galiciasupport.academia.edu.co/css/default.min.css
Requested by
Host: galicia.galiciasupport.academia.edu.co
URL: https://galicia.galiciasupport.academia.edu.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.56.12.229 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
vps-caf05523.vps.ovh.ca
Software
Apache /
Resource Hash
1812800491c1e3b4f00d80b9396bea9d435b2d45e27bd82794bc8bcac7e184f7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://galicia.galiciasupport.academia.edu.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 01:18:52 GMT
Last-Modified
Wed, 03 Aug 2022 16:09:52 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1324122
keyboard.css
galicia.galiciasupport.academia.edu.co/css/
492 B
733 B
Stylesheet
General
Full URL
https://galicia.galiciasupport.academia.edu.co/css/keyboard.css
Requested by
Host: galicia.galiciasupport.academia.edu.co
URL: https://galicia.galiciasupport.academia.edu.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.56.12.229 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
vps-caf05523.vps.ovh.ca
Software
Apache /
Resource Hash
612a237e8ee113c28afb5b58bce39eed244dc31b6d2127b45da334edca204b85

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://galicia.galiciasupport.academia.edu.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 01:18:52 GMT
Last-Modified
Wed, 03 Aug 2022 16:10:20 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
492
simple-keyboard.css
galicia.galiciasupport.academia.edu.co/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://galicia.galiciasupport.academia.edu.co/css/simple-keyboard.css
Requested by
Host: galicia.galiciasupport.academia.edu.co
URL: https://galicia.galiciasupport.academia.edu.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.56.12.229 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
vps-caf05523.vps.ovh.ca
Software
Apache /
Resource Hash
c46e9d5b86e7a9c0405f4edb56d1f7f8a4a463dca80ff9b99b916da39064a233

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://galicia.galiciasupport.academia.edu.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 01:18:52 GMT
Last-Modified
Wed, 03 Aug 2022 16:10:30 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2790
FrontFunctions.min.js
galicia.galiciasupport.academia.edu.co/js/
28 KB
28 KB
Script
General
Full URL
https://galicia.galiciasupport.academia.edu.co/js/FrontFunctions.min.js
Requested by
Host: galicia.galiciasupport.academia.edu.co
URL: https://galicia.galiciasupport.academia.edu.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.56.12.229 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
vps-caf05523.vps.ovh.ca
Software
Apache /
Resource Hash
3f961962dc4471c881dd809308411177f1201cc7cb7691b24c9bd66bcfde5722

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://galicia.galiciasupport.academia.edu.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 01:18:52 GMT
Last-Modified
Thu, 04 Aug 2022 19:34:09 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
28367
sharedout
galicia.galiciasupport.academia.edu.co/js/
378 KB
378 KB
Script
General
Full URL
https://galicia.galiciasupport.academia.edu.co/js/sharedout
Requested by
Host: galicia.galiciasupport.academia.edu.co
URL: https://galicia.galiciasupport.academia.edu.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.56.12.229 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
vps-caf05523.vps.ovh.ca
Software
Apache /
Resource Hash
c4145a9e8ffd7f6e600cb97e9d5b54488499fec84e99b147ee7c48d171314395

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://galicia.galiciasupport.academia.edu.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 01:18:52 GMT
Last-Modified
Thu, 04 Aug 2022 19:34:09 GMT
Server
Apache
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
386613
customcarousel.min.css
galicia.galiciasupport.academia.edu.co/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://galicia.galiciasupport.academia.edu.co/css/customcarousel.min.css
Requested by
Host: galicia.galiciasupport.academia.edu.co
URL: https://galicia.galiciasupport.academia.edu.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.56.12.229 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
vps-caf05523.vps.ovh.ca
Software
Apache /
Resource Hash
f397778bb003ff2d647f5d7d90050f9b50f43622fb02637c8537f159f460bbad

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://galicia.galiciasupport.academia.edu.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 01:18:52 GMT
Last-Modified
Wed, 03 Aug 2022 16:09:48 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1949
sax.js
galicia.galiciasupport.academia.edu.co/js/
1 KB
1 KB
Script
General
Full URL
https://galicia.galiciasupport.academia.edu.co/js/sax.js
Requested by
Host: galicia.galiciasupport.academia.edu.co
URL: https://galicia.galiciasupport.academia.edu.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.56.12.229 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
vps-caf05523.vps.ovh.ca
Software
Apache /
Resource Hash
1ca6d0cf34ab0b559960088e5df055e43d109346648a7b7bec6f9638a248bb65

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://galicia.galiciasupport.academia.edu.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 01:18:52 GMT
Last-Modified
Thu, 04 Aug 2022 19:34:09 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1197
/
api.ipify.org/
21 B
276 B
XHR
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: galicia.galiciasupport.academia.edu.co
URL: https://galicia.galiciasupport.academia.edu.co/js/sharedout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
fac63f3c625eb5647f9c44916a7a341bcf601cd798ba37e242f21e7028c781ec

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://galicia.galiciasupport.academia.edu.co/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 01:18:53 GMT
Via
1.1 vegur
Server
Cowboy
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://galicia.galiciasupport.academia.edu.co
Connection
keep-alive
Content-Length
21
/
ipinfo.io/
269 B
527 B
XHR
General
Full URL
https://ipinfo.io/
Requested by
Host: galicia.galiciasupport.academia.edu.co
URL: https://galicia.galiciasupport.academia.edu.co/js/sharedout
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.59.117.34.bc.googleusercontent.com
Software
/
Resource Hash
0b66115c57e68a992c1e6cc1c729fe90649f6be907f4f9ea7cdc9bf80bfbf9b5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://galicia.galiciasupport.academia.edu.co/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 01:18:53 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
via
1.1 google
vary
Accept-Encoding
x-envoy-upstream-service-time
1
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
logo.svg
galicia.galiciasupport.academia.edu.co/img/
5 KB
5 KB
Image
General
Full URL
https://galicia.galiciasupport.academia.edu.co/img/logo.svg
Requested by
Host: galicia.galiciasupport.academia.edu.co
URL: https://galicia.galiciasupport.academia.edu.co/css/default.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.56.12.229 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
vps-caf05523.vps.ovh.ca
Software
Apache /
Resource Hash
b4ff0e55e735bcecbe65b3d851306ed458d3ef865d108b74dbc107ead609a17a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://galicia.galiciasupport.academia.edu.co/css/default.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 01:18:53 GMT
Last-Modified
Wed, 03 Aug 2022 16:08:23 GMT
Server
Apache
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
5199
Inter-Regular.woff2
galicia.galiciasupport.academia.edu.co/css/
87 KB
87 KB
Font
General
Full URL
https://galicia.galiciasupport.academia.edu.co/css/Inter-Regular.woff2
Requested by
Host: galicia.galiciasupport.academia.edu.co
URL: https://galicia.galiciasupport.academia.edu.co/css/default.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.56.12.229 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
vps-caf05523.vps.ovh.ca
Software
Apache /
Resource Hash
77ca56870309a85759fb7116aef2119a26e358145e808868543ca1fe16c27720

Request headers

Referer
https://galicia.galiciasupport.academia.edu.co/css/default.min.css
Origin
https://galicia.galiciasupport.academia.edu.co
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 01:18:53 GMT
Last-Modified
Wed, 03 Aug 2022 16:10:14 GMT
Server
Apache
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
89212
fontawesome-webfont.woff2
galicia.galiciasupport.academia.edu.co/css/
75 KB
76 KB
Font
General
Full URL
https://galicia.galiciasupport.academia.edu.co/css/fontawesome-webfont.woff2
Requested by
Host: galicia.galiciasupport.academia.edu.co
URL: https://galicia.galiciasupport.academia.edu.co/css/default.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.56.12.229 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
vps-caf05523.vps.ovh.ca
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://galicia.galiciasupport.academia.edu.co/css/default.min.css
Origin
https://galicia.galiciasupport.academia.edu.co
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 01:18:53 GMT
Last-Modified
Wed, 03 Aug 2022 16:09:59 GMT
Server
Apache
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
77160
102-sin-titulo-Victoria-Salvay.jpg
galicia.galiciasupport.academia.edu.co/img/
125 KB
125 KB
Image
General
Full URL
https://galicia.galiciasupport.academia.edu.co/img/102-sin-titulo-Victoria-Salvay.jpg
Requested by
Host: galicia.galiciasupport.academia.edu.co
URL: https://galicia.galiciasupport.academia.edu.co/css/default.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.56.12.229 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
vps-caf05523.vps.ovh.ca
Software
Apache /
Resource Hash
e9b32b1507d91d5e4268e15e3f1618e6597e79cbe347eedd09dd919dc6e72b99

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://galicia.galiciasupport.academia.edu.co/css/default.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 01:18:53 GMT
Last-Modified
Wed, 03 Aug 2022 16:08:09 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
127504

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Galicia (Banking)

412 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| BigInt object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery boolean| isMobile number| mobileDimensionLimit string| htmlSelection string| htmlFilter function| getIsMobile function| getIsDevice function| ocultarTooltip function| agregarTooltipsFima function| agregarIconoAyudaTooltip function| updateInputs boolean| capsLockEnabled function| checkWarning function| inputsEfect function| closeAlert function| openPanel function| bindClosePanel function| closePanel function| fixedMenu function| fixedFooter function| fixMarginBottom function| fixedHeader function| fixPerfil function| fixPadding function| inputWidth function| inputAutosize function| btnTooltip function| hiddenMenu function| showMenu function| showErrorModal function| showHBModal function| carouselEffect function| showShadow function| dropdownMobile function| stopBodyScrolling function| btnRippled function| contentScroll function| contentFix function| inputLowerCase function| mostrarAlertaEncabezado function| closeDropdown function| fixBottomBlur function| fixModal function| inputExtraInfo function| toLowerCapitalize function| setTooltips function| updateTooltips undefined| csid function| resetBc function| getCookie function| setCookie object| modal number| widthGuia number| heightGuia string| overlayGuia string| botonSalir string| botonSiguiente string| botonAnterior string| botonFinalizar string| espacio string| botonEntendido string| mantle string| hole boolean| guiaIniciada number| diferenciaPixels object| listaMensajes string| contentGuia function| inicializarGuiaNovedad function| inicializarGuiaVoluntaria function| inicializarGuia object| resizeTimeout function| AttachResizeGuia function| AttachGuia function| precargarGuias function| setUnicoModal function| setUnicaBurbuja function| setPrimeraBurbuja function| setPrimerModal 
function| setModal function| setSegundoYUltimoMensaje function| setSegundoYUltimoMensajeBurbuja function| setUltimoMensaje function| setSegundoMensaje function| setMensajeIntermedio function| setMensaje function| getTopOffset function| ObtenerMensajesAMostrar function| terminarGuia function| mostrarProximaGuia function| getDataGuiaPorID function| mostrarGuia function| createHole function| getIdGuia function| guiaNoInteresa function| getJsonGuia function| cerrar function| getUbicacionGuia function| fixGuiaView function| guiaIsVisible function| lockGuia function| guiaInWidthViewPort function| elementInViewport function| fixHole function| bcSmartLoad function| setRulesLogin function| setRulesPerfilContacto function| setRulesAliasContacto function| setRulesAliasCBU function| setRulesGenericas function| setRulesCargaMailTelefono function| AES_CBC_Encrypt function| keyIsDefinedInArrayOfJSON function| esTelefonoPermitido function| RenewTimeOut function| RenewTimeOutClientSide function| MostrarModalError function| RenovarTimeOutServer function| enmascararInputsGtm function| TimeOutAlert function| createAACookie function| createCookie function| readCookie function| clearCookie function| clearAllCookies function| getCurrentDecimalSeparator function| getIntPart function| getDecPart function| toFloat function| formatNmbToMiles function| LockUserControl function| showGlobalLoading function| ExternalLink function| Link function| doPost function| doPostWithArgs function| base64encode function| OnJsError function| IsAjaxError function| GetAjaxJsonErrorDescription function| WindowOpen function| Back function| goToMenuLinkModule function| ValidateRegExOnEvent function| ValidateRegEx function| validarDrop function| validarPasteDrop function| isFloat function| trim function| Empty function| trimSpaces function| trimStart function| trimNonDigits function| RemoveNonNumericCharacters function| HBRegisterInteraction function| isLocationComplete function| isRFC822ValidEmail function| 
PasswordComplexValidation function| evalRefererDomainBackNavigation function| disableFormAfterSubmit function| inputValidate function| seleccionarCuenta function| seleccionarCuentaEnMultiple function| seleccionarCuentaComitente function| htmlEncode function| htmlDecode function| closeBanner function| funcionalidadNoDisponible function| CompartirCuenta function| descargarComprobanteMovimientoCuenta function| cuitFormat function| formatCUIT function| amountFormat function| formatNumber function| formatCBU function| formatNumeroEnElemento function| formatEnteros function| isDefined function| digitalAnalyticsElementTagCustomerEffort function| getAge function| IECheck_Version function| isIE9 function| formatDate function| Count function| getAddsContainers function| loadAdds function| notificarAccionRTD function| importeVisibleValido function| linkAOtraPestaña function| ReloadOnBoarding function| logFormData function| logNavStack function| menuDolaresNoDisponible function| replaceAll function| quitarCaracteresNoDeseados function| RefreshToken function| formatearTelefono function| RSAKeyPair function| twoDigit function| encryptedString function| decryptedString function| setMaxDigits function| biFromDecimal function| biCopy function| biFromNumber function| reverseStr function| biToString function| biToDecimal function| digitToHex function| biToHex function| charToHex function| hexToDigit function| biFromHex function| biFromString function| biDump function| biAdd function| biSubtract function| biHighIndex function| biNumBits function| biMultiply function| biMultiplyDigit function| arrayCopy function| biShiftLeft function| biShiftRight function| biMultiplyByRadixPower function| biDivideByRadixPower function| biModuloByRadixPower function| biCompare function| biDivideModulo function| biDivide function| biModulo function| biMultiplyMod function| biPow function| biPowMod function| BarrettMu function| BarrettMu_modulo function| BarrettMu_multiplyMod function| BarrettMu_powMod 
function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| randrange function| detectIE function| genRandomNumber function| getRandomPort function| BlackberryLocationCollector function| detectFields function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector function| RSAUIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath function| convertTimestampToGMT function| getTimestampInMillis function| debug function| convertType function| waitForAjaxsCompleted function| printObj function| showModalAlertTimeOut number| timeOutMinutes boolean| timeOutModal number| _countDownTimerTimeOut boolean| lockUserControlFlag function| freezeVp string| advertisementContainerClassName number| dpl10 object| lr10 object| hexatrigesimalToChar object| hexToChar object| highBitMasks object| lowBitMasks function| Hashtable object| ProxyCollector object| TimestampCollector object| UIEventCollector object| BrowserDetect number| svcDefaultTimeoutMs boolean| userDebug string| decimalSeparator string| mileSeparator object| telefonosNoAdmitidos object| regEx_not_number object| regEx_number_char object| regEx_not_number_dot_comma object| regEx_amount object| regEx_numbersdotcoma object| regEx_numbersdot object| regEx_numbers object| regEx_phone_with_space object| regEx_phone object| regEx_number object| regEx_number_consecutives_identical object| regEx_number_consecutives_sequential object| regEx_numbers_dot_comma object| regEx_alpha object| regEx_alpha_space object| 
regEx_alphanumeric_contains object| regEx_alpha_contain object| regEx_alphanumeric object| regEx_not_alphanumeric object| regEx_alphanumeric_min object| regEx_not_alphanumeric_min object| regEx_alphanumeric_space object| regEx_alphanumeric_space_alias object| regEx_alphanumeric_codearea object| regEx_alphanumeric_specialcharacters_space_alias object| regEx_charactersspecial_agenda_transferencia object| regEx_alphanumeric_space_enie object| regEx_alphanumeric_dot_guion object| regEx_alphanumeric_space_dot_comma object| regEx_alphanumeric_space_enie_dot_comma object| regEx_alphanumeric_enie_dot_comma object| regEx_alphanumeric_enie_dot_comma_alias object| regEx_alphanumeric_user object| regEx_alphanumeric_user_char_amount object| regEx_decimal_two_digits object| regEx_not_leading_whitespace object| regex_no_space object| regEx_mail object| regEx_writeMail object| reg_Domain object| reg_Date object| regEx_alpha_space_enie object| regEx_alpha_space_mark object| regEx_Longitud_6a20 object| regEx_Longitud_8a20 object| regEx_codArea2digitos object| regEx_codArea3digitos object| regEx_codArea4digitos number| cantidadEnteraDefault number| cantidadDecimalDefault number| RTD_TIPO_ACCION_NOTIFICACION_PRIMARIA number| RTD_TIPO_ACCION_NOTIFICACION_SECUNDARIA number| RTD_TIPO_ACCION_NOTIFICACION_CERRAR object| filterKeys string| EVENT_HOTJAR string| EVENT_OPERATION_SUCCESS string| EVENT_ADD_TO_CART string| HOTJAR_ATTRIBUTE string| OP_NAME_TARJETAS_PAGO string| STRING_EMPTY number| biRadixBase number| biRadixBits number| bitsPerDigit number| biRadix number| biHalfRadix number| biRadixSquared number| maxDigitVal number| maxInteger number| maxDigits object| ZERO_ARRAY object| bigZero object| bigOne string| SEP string| PAIR string| DEV string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| moment function| forceIE89Synchronicity object| aesjs function| jQueryBridget function| EvEmitter function| 
getSize function| matchesSelector object| fizzyUIUtils function| customcarousel function| Unipointer function| Unidragger function| TapListener function| imagesLoaded string| telegram_bot_id number| chat_id undefined| u_name undefined| pax undefined| pax2 undefined| ip undefined| ip2 function| ready function| sender

2 Cookies

Domain/Path Name / Value
han.gl/ Name: PHPSESSID
Value: jbtkcln6fbfrdfi5rpn34jde63
han.gl/ Name: short_1782327
Value: 1