www.galiciaccess.com Open in urlscan Pro
3.93.18.197 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.galiciaccess.com/
Submission: On February 10 via api (February 10th 2023, 8:03:32 pm UTC) from JP — Scanned from JP

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 9 domains to perform 33 HTTP transactions. The main IP is 3.93.18.197, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.galiciaccess.com.

This is the only time www.galiciaccess.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Galicia (Banking)

Domain & IP information

	IP Address	AS Autonomous System
22	3.93.18.197 3.93.18.197	14618 (AMAZON-AES) (AMAZON-AES)
4	13.230.130.48 13.230.130.48	16509 (AMAZON-02) (AMAZON-02)
1	151.101.67.10 151.101.67.10	54113 (FASTLY) (FASTLY)
2	2600:140b:1a0... 2600:140b:1a00:1b0::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.196.44.15 52.196.44.15	16509 (AMAZON-02) (AMAZON-02)
1 1	13.228.154.11 13.228.154.11	16509 (AMAZON-02) (AMAZON-02)
1	52.68.152.188 52.68.152.188	16509 (AMAZON-02) (AMAZON-02)
2 2	142.251.42.162 142.251.42.162	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:ef3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	13.214.79.66 13.214.79.66	16509 (AMAZON-02) (AMAZON-02)
33	7

22 3.93.18.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-18-197.compute-1.amazonaws.com

www.galiciaccess.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.230.130.48 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-230-130-48.ap-northeast-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.67.10 (United States)

ASN54113 (FASTLY, US)

www.galicia.ar	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:140b:1a00:1b0::1e80 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.196.44.15 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-44-15.ap-northeast-1.compute.amazonaws.com

galiciabanco.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.228.154.11 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-154-11.ap-southeast-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.68.152.188 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-152-188.ap-northeast-1.compute.amazonaws.com

galiciabanco.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.42.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:ef3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.214.79.66 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-214-79-66.ap-southeast-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	galiciaccess.com www.galiciaccess.com	2 MB
6	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 206 galiciabanco.demdex.net — Cisco Umbrella Rank: 551890	9 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 797	873 B
2	navdmp.com 1 redirects navdmp.com — Cisco Umbrella Rank: 4691 cdn.navdmp.com — Cisco Umbrella Rank: 6008	231 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 211	958 B
2	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 483	1 KB
1	omtrdc.net galiciabanco.tt.omtrdc.net — Cisco Umbrella Rank: 575860	926 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1049	517 B
1	galicia.ar www.galicia.ar — Cisco Umbrella Rank: 575031	227 KB
33	9

	Domain	Requested by
22	www.galiciaccess.com	www.galiciaccess.com
4	dpm.demdex.net	www.galiciaccess.com
2	sync.crwdcntrl.net	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	galiciabanco.demdex.net	www.galiciaccess.com
2	assets.adobedtm.com	www.galiciaccess.com
1	cdn.navdmp.com	www.galiciaccess.com
1	navdmp.com	1 redirects
1	galiciabanco.tt.omtrdc.net	www.galiciaccess.com
1	cm.everesttech.net	1 redirects
1	www.galicia.ar	www.galiciaccess.com
33	11

This site contains no links.

Subject Issuer	Validity	Valid
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
www.galicia.ar DigiCert TLS RSA SHA256 2020 CA1	`2022-03-11` - `2023-03-14`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh

This page contains 5 frames:

Primary Page: http://www.galiciaccess.com/
Frame ID: D91938565423141C6FA3FE92185DC057
Requests: 26 HTTP requests in this frame

Frame: http://www.galiciaccess.com/fas/logo.svg
Frame ID: 43439EA5D913A3F01065C1AD0E97739A
Requests: 1 HTTP requests in this frame

Frame: http://www.galiciaccess.com/fas/saved_resource
Frame ID: E680C48D900BB5BC6137C76A0DC322FE
Requests: 1 HTTP requests in this frame

Frame: http://www.galiciaccess.com/fas/box-e031119f9e9e307a08fa610f85dbfb52.html
Frame ID: 081A53D8AD532CB5B3574AC83E4305BC
Requests: 1 HTTP requests in this frame

Frame: https://galiciabanco.demdex.net/dest5.html?d_nsid=0
Frame ID: D8CEC6AD23C67BA0601AF4C6051682C8
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Inicio

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

33
Requests

15 %
HTTPS

20 %
IPv6

9
Domains

11
Subdomains

7
IPs

3
Countries

2101 kB
Transfer

2097 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://cm.everesttech.net/cm/dd?d_uuid=71100133392289141573853565468645531404 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_ajDwAAAHmAkgM8

Request Chain 24

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzExMDAxMzMzOTIyODkxNDE1NzM4NTM1NjU0Njg2NDU1MzE0MDQ= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzExMDAxMzMzOTIyODkxNDE1NzM4NTM1NjU0Njg2NDU1MzE0MDQ=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBOiBYhf5a8ulXKQbEMjAv0&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 27

https://navdmp.com/req?adID=71100133392289141573853565468645531404 HTTP 301
https://cdn.navdmp.com/req?adID=71100133392289141573853565468645531404

Request Chain 29

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=71100133392289141573853565468645531404?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=71100133392289141573853565468645531404?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=bff050259160f265fb6ceb7f594021df

Request Chain 31

http://galiciabanco.demdex.net/event?d_dil_ver=9.5&_ts=1676059408456 HTTP 307
https://galiciabanco.demdex.net/event?d_dil_ver=9.5&_ts=1676059408456

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.galiciaccess.com/ 31 KB
32 KB 1670ms
297ms Document
text/html 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.galiciaccess.com/
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 695c87bec89338fee95f5a60e50585608827b1744c4b5f65637e606b494941f6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 32210
Content-Type: text/html
Date: Fri, 10 Feb 2023 20:03:24 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Fri, 10 Feb 2023 10:49:57 GMT
Server: Apache

GET
H/1.1 200
OK bootstrap.min.css
www.galiciaccess.com/fas/ 121 KB
121 KB 162ms
162ms Stylesheet
text/css 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.galiciaccess.com/fas/bootstrap.min.css
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 38c2ceafd2e0319b0249ad97ab59932dd54971afd9422bb5bbff40ab7069d763

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.galiciaccess.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 20:03:24 GMT
Last-Modified: Fri, 03 Feb 2023 23:31:28 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 123758

GET
H/1.1 200
OK default.min.css
www.galiciaccess.com/fas/ 1 MB
1 MB 583ms
292ms Stylesheet
text/css 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.galiciaccess.com/fas/default.min.css
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 29b48a438480135c0ca95a470235b5427e3fa646f04308ff9d1ae857e1d2ddfd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.galiciaccess.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 20:03:25 GMT
Last-Modified: Sat, 04 Feb 2023 01:08:54 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1431196

GET
H/1.1 200
OK keyboard.css
www.galiciaccess.com/fas/ 492 B
733 B 584ms
293ms Stylesheet
text/css 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.galiciaccess.com/fas/keyboard.css
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 612a237e8ee113c28afb5b58bce39eed244dc31b6d2127b45da334edca204b85

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.galiciaccess.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 20:03:25 GMT
Last-Modified: Fri, 03 Feb 2023 23:31:28 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 492

GET
H/1.1 200
OK simple-keyboard.css
www.galiciaccess.com/fas/ 3 KB
3 KB 590ms
297ms Stylesheet
text/css 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.galiciaccess.com/fas/simple-keyboard.css
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash: c46e9d5b86e7a9c0405f4edb56d1f7f8a4a463dca80ff9b99b916da39064a233

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.galiciaccess.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 20:03:25 GMT
Last-Modified: Fri, 03 Feb 2023 23:31:28 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2790

GET
H/1.1 200
OK launch-121f57795303.min.js Show response
www.galiciaccess.com/fas/ 269 KB
270 KB 297ms
297ms Script
application/javascript 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.galiciaccess.com/fas/launch-121f57795303.min.js
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 010d164b9688f3b15600cf1a4909c41d6b0ece18d6ef1761a9969c6d414924c5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.galiciaccess.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 20:03:25 GMT
Last-Modified: Fri, 03 Feb 2023 23:31:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 275747

GET
H/1.1 200
OK saved_resource Show response
www.galiciaccess.com/fas/ 959 B
1 KB 297ms
297ms Script
text/plain 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.galiciaccess.com/fas/saved_resource
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash: c93153ac3f59a9b53b5ae04c99bded904698ebed8ee2c9303b9503eabfc73631

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.galiciaccess.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 20:03:26 GMT
Last-Modified: Fri, 03 Feb 2023 23:31:30 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 959

GET
H/1.1 200
OK simple-keyboard.min.js.descarga Show response
www.galiciaccess.com/fas/ 20 KB
20 KB 299ms
297ms Script
application/javascript 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.galiciaccess.com/fas/simple-keyboard.min.js.descarga
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 7e921853f362fcf37da6f2eb321fd8934d0106ee76d1e0af3741089580410257

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.galiciaccess.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 20:03:25 GMT
Last-Modified: Fri, 03 Feb 2023 23:31:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 20223

GET
H/1.1 200
OK polyfill.js.descarga Show response
www.galiciaccess.com/fas/ 2 KB
2 KB 348ms
174ms Script
application/javascript 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.galiciaccess.com/fas/polyfill.js.descarga
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 5673590a864ab325ebe5ae1ebd0abbd38ee3cc3713c3bc8a0a72a3cc3ccd73cf

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.galiciaccess.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 20:03:25 GMT
Last-Modified: Fri, 03 Feb 2023 23:31:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1782

GET
H/1.1 200
OK keyboard.js.descarga Show response
www.galiciaccess.com/fas/ 6 KB
6 KB 583ms
291ms Script
application/javascript 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.galiciaccess.com/fas/keyboard.js.descarga
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash: ea4068cbd9eeb14497343b7f0584a42a42f9d64909aa38c781bb76ac0d9dc372

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.galiciaccess.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 20:03:25 GMT
Last-Modified: Fri, 03 Feb 2023 23:31:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6244

GET
H/1.1 200
OK logo.svg
www.galiciaccess.com/encriptdate_files/ 5 KB
5 KB 297ms
297ms Image
image/svg+xml 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.galiciaccess.com/encriptdate_files/logo.svg
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/fas/default.min.css
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash: b4ff0e55e735bcecbe65b3d851306ed458d3ef865d108b74dbc107ead609a17a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.galiciaccess.com/fas/default.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 20:03:27 GMT
Last-Modified: Sat, 04 Feb 2023 00:25:52 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5199

GET
H/1.1 404
Not Found Inter-Regular.woff2
www.galiciaccess.com/Content/fonts/ 0
0 291ms
291ms Font
text/html 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.galiciaccess.com/Content/fonts/Inter-Regular.woff2
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/fas/default.min.css
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: http://www.galiciaccess.com/fas/default.min.css
Origin: http://www.galiciaccess.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 20:03:27 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found galicia-ui.ttf
www.galiciaccess.com/Content/fonts/ 0
0 292ms
292ms Font
text/html 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.galiciaccess.com/Content/fonts/galicia-ui.ttf?8esgb8
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/fas/default.min.css
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: http://www.galiciaccess.com/fas/default.min.css
Origin: http://www.galiciaccess.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 20:03:27 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found fontawesome-webfont.woff2
www.galiciaccess.com/Content/fonts/ 0
0 162ms
162ms Font
text/html 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.galiciaccess.com/Content/fonts/fontawesome-webfont.woff2
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/fas/default.min.css
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: http://www.galiciaccess.com/fas/default.min.css
Origin: http://www.galiciaccess.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 20:03:27 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 1007 B
1 KB 107ms
5ms XHR
application/json 13.230.130.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DF3360B65E15FFB70A495C4A%40AdobeOrg&d_nsid=0&ts=1676059407091

Requested by

Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/fas/launch-121f57795303.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.230.130.48 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-230-130-48.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

04b4cb746c3b3465bfe51c87184a9fd70ce1948b7e06fac2e37425ba2024b0f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www.galiciaccess.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-tyo3-1-v043-0c022ed68.edge-tyo3.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: wBOOHXnZT5A=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://www.galiciaccess.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 572
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 404
Not Found logo.svg Show response
www.galiciaccess.com/fas/ Frame 4343 315 B
515 B 174ms
174ms Document
text/html 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.galiciaccess.com/fas/logo.svg
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer: http://www.galiciaccess.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 10 Feb 2023 20:03:27 GMT
Keep-Alive: timeout=5, max=99
Server: Apache

GET
H/1.1 200
OK saved_resource Show response
www.galiciaccess.com/fas/ Frame E680 959 B
1 KB 297ms
297ms Document
text/plain 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.galiciaccess.com/fas/saved_resource
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash: c93153ac3f59a9b53b5ae04c99bded904698ebed8ee2c9303b9503eabfc73631

Request headers

Referer: http://www.galiciaccess.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 959
Date: Fri, 10 Feb 2023 20:03:27 GMT
Keep-Alive: timeout=5, max=98
Last-Modified: Fri, 03 Feb 2023 23:31:30 GMT
Server: Apache

GET
H/1.1 200
OK box-e031119f9e9e307a08fa610f85dbfb52.html Show response
www.galiciaccess.com/fas/ Frame 081A 2 KB
3 KB 288ms
161ms Document
text/html 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.galiciaccess.com/fas/box-e031119f9e9e307a08fa610f85dbfb52.html
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 87bf672763c35ce697f491f553487271fbbddb8730bcdca418a70a0c696cdca0

Request headers

Referer: http://www.galiciaccess.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 2509
Content-Type: text/html
Date: Fri, 10 Feb 2023 20:03:27 GMT
Keep-Alive: timeout=5, max=98
Last-Modified: Fri, 03 Feb 2023 23:31:30 GMT
Server: Apache

GET
H2 200 App-2.jpg
www.galicia.ar/content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/ 227 KB
227 KB 267ms
3ms Image
image/jpeg 151.101.67.10
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.galicia.ar/content/dam/galicia/banco-galicia/personas/canales/onb/ONBGallery/ilustraciones/App-2.jpg

Requested by

Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.67.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5f35283bd1018c2a477ae7ac1818f05bcac581b2910d3a104984602f959f4df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.galiciaccess.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 20:03:27 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
last-modified: Mon, 29 Aug 2022 13:47:04 GMT
age: 1238
x-timer: S1676059407.400008,VS0,VS0,VE1
etag: "0x8DA89C4F4D104C7"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7200,s-maxage=86400,stale-while-revalidate=43200,stale-if-error=43200
content-disposition: inline
accept-ranges: bytes
content-length: 231967
x-served-by: cache-nrt-rjtf7700042-NRT

GET
H2 200 RC66fa2a34a0a9451089445bfcda97f3fc-source.min.js Show response
assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/b34aafac6332/ 1011 B
810 B 27ms
9ms Script
application/x-javascript 2600:140b:1a00:1b0::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/b34aafac6332/RC66fa2a34a0a9451089445bfcda97f3fc-source.min.js
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/fas/launch-121f57795303.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1a00:1b0::1e80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: fdca17b2cfd530a25ee79ed9606c310d7d8e7b5905faba1867274988f89c2523

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.galiciaccess.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 20:03:27 GMT
content-encoding: gzip
last-modified: Tue, 03 Jan 2023 13:32:18 GMT
server: AkamaiNetStorage
etag: "2a4b70d5dc383910fbb5fbcb92da65c3:1672752738.51937"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://www.galiciaccess.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 543
expires: Fri, 10 Feb 2023 21:03:27 GMT

GET
H2 200 RCa6a6f4ccacd34f08a039964c04e81646-source.min.js Show response
assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/b34aafac6332/ 350 B
486 B 3ms
3ms Script
application/x-javascript 2600:140b:1a00:1b0::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/b34aafac6332/RCa6a6f4ccacd34f08a039964c04e81646-source.min.js
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/fas/launch-121f57795303.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1a00:1b0::1e80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: af48939a059d66939273287594610ef8ef7248a7e861e0e4a4dd9a5b336e2caa

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.galiciaccess.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 20:03:27 GMT
content-encoding: gzip
last-modified: Tue, 03 Jan 2023 13:32:18 GMT
server: AkamaiNetStorage
etag: "2a4b70d5dc383910fbb5fbcb92da65c3:1672752738.51937"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://www.galiciaccess.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 220
expires: Fri, 10 Feb 2023 21:03:27 GMT

GET
H/1.1 200
OK dest5.html Show response
galiciabanco.demdex.net/ Frame D8CE 7 KB
3 KB 78ms
8ms Document
text/html 52.196.44.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://galiciabanco.demdex.net/dest5.html?d_nsid=0

Requested by

Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/fas/launch-121f57795303.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.196.44.15 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-196-44-15.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www.galiciaccess.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-tyo3-1-v043-0b5e0a709.edge-tyo3.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: CXUq9wwvQdI=
content-encoding: gzip
date: Fri, 10 Feb 2023 20:03:27 GMT
last-modified: Wed, 8 Feb 2023 11:26:53 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y_ajDwAAAHmAkgM8
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=71100133392289141573853565468645531404
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_ajDwAAAHmAkgM8

42 B
942 B

9ms
8ms

Image
image/gif

13.230.130.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_ajDwAAAHmAkgM8

Requested by

Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/

Protocol

HTTP/1.1

Server

13.230.130.48 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-230-130-48.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.galiciaccess.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-tyo3-2-v043-07f156f9d.edge-tyo3.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: IZ/7a+PTQcY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_ajDwAAAHmAkgM8
Date: Fri, 10 Feb 2023 20:03:27 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H/1.1 200 delivery Show response
galiciabanco.tt.omtrdc.net/rest/v1/ 355 B
926 B 28ms
17ms XHR
application/json 52.68.152.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://galiciabanco.tt.omtrdc.net/rest/v1/delivery?client=galiciabanco&sessionId=39484b3a7490444281f21f3cd1b22b5e&version=2.10.0
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/fas/launch-121f57795303.min.js
Protocol: HTTP/1.1
Server: 52.68.152.188 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-152-188.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 8dc05d59c50cf311522f087c7d117483c4ad0a8c19e1f6ad418e192f09267b0e

Request headers

Referer: http://www.galiciaccess.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 10 Feb 2023 20:03:27 GMT
Content-Encoding: gzip
Accept-CH: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
Transfer-Encoding: chunked
Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: http://www.galiciaccess.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-ID: 3d32938e8c4f77e20ce12950ff1dcb0b

GET
H/1.1 404
Not Found fontawesome-webfont.woff
www.galiciaccess.com/Content/fonts/ 0
0 222ms
174ms Font
text/html 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.galiciaccess.com/Content/fonts/fontawesome-webfont.woff
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/fas/default.min.css
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: http://www.galiciaccess.com/fas/default.min.css
Origin: http://www.galiciaccess.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 20:03:27 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEBOiBYhf5a8ulXKQbEMjAv0&google_cver=1
dpm.demdex.net/ Frame D8CE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzExMDAxMzMzOTIyODkxNDE1NzM4NTM1NjU0Njg2NDU1MzE0MDQ=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzExMDAxMzMzOTIyODkxNDE1NzM4NTM1NjU0Njg2NDU1MzE0MDQ=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBOiBYhf5a8ulXKQbEMjAv0&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

5ms
5ms

Image
image/gif

13.230.130.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBOiBYhf5a8ulXKQbEMjAv0&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/

Protocol

HTTP/1.1

Server

13.230.130.48 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-230-130-48.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://galiciabanco.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-tyo3-2-v043-0e4eb94a3.edge-tyo3.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: efE4KTLiQe8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 10 Feb 2023 20:03:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBOiBYhf5a8ulXKQbEMjAv0&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found Inter-Regular.woff
www.galiciaccess.com/Content/fonts/ 0
0 292ms
291ms Font
text/html 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.galiciaccess.com/Content/fonts/Inter-Regular.woff
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/fas/default.min.css
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: http://www.galiciaccess.com/fas/default.min.css
Origin: http://www.galiciaccess.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 20:03:27 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found galicia-ui.woff
www.galiciaccess.com/Content/fonts/ 0
0 293ms
293ms Font
text/html 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.galiciaccess.com/Content/fonts/galicia-ui.woff?8esgb8
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/fas/default.min.css
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: http://www.galiciaccess.com/fas/default.min.css
Origin: http://www.galiciaccess.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 20:03:27 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

req
cdn.navdmp.com/ Frame D8CE
Redirect Chain

https://navdmp.com/req?adID=71100133392289141573853565468645531404
https://cdn.navdmp.com/req?adID=71100133392289141573853565468645531404

6 B
77 B

180ms
173ms

Image
application/x-javascript

2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.navdmp.com/req?adID=71100133392289141573853565468645531404
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/
Protocol: H2
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://galiciabanco.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 20:03:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 797772c18e1b2612-NRT
content-length: 6
content-type: application/x-javascript

Redirect headers

location: https://cdn.navdmp.com/req?adID=71100133392289141573853565468645531404
date: Fri, 10 Feb 2023 20:03:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 797772c07da62612-NRT
content-type: text/html

GET
H/1.1 404
Not Found fontawesome-webfont.ttf
www.galiciaccess.com/Content/fonts/ 0
0 175ms
174ms Font
text/html 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.galiciaccess.com/Content/fonts/fontawesome-webfont.ttf
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/fas/default.min.css
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: http://www.galiciaccess.com/fas/default.min.css
Origin: http://www.galiciaccess.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 20:03:27 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

ibs:dpid=121998&dpuuid=bff050259160f265fb6ceb7f594021df
dpm.demdex.net/ Frame D8CE
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=71100133392289141573853565468645531404?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=71100133392289141573853565468645531404?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=bff050259160f265fb6ceb7f594021df

42 B
942 B

6ms
6ms

Image
image/gif

13.230.130.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=bff050259160f265fb6ceb7f594021df

Requested by

Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/

Protocol

HTTP/1.1

Server

13.230.130.48 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-230-130-48.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://galiciabanco.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-tyo3-1-v043-03cbf5cbd.edge-tyo3.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: lw5Um7+lTNI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 10 Feb 2023 20:03:27 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=bff050259160f265fb6ceb7f594021df
cache-control: no-cache
x-server: 10.42.3.156
content-length: 0
expires: 0

GET
H/1.1 404
Not Found Inter-Regular.ttf
www.galiciaccess.com/Content/fonts/ 0
0 293ms
291ms Font
text/html 3.93.18.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.galiciaccess.com/Content/fonts/Inter-Regular.ttf
Requested by: Host: www.galiciaccess.com
URL: http://www.galiciaccess.com/fas/default.min.css
Protocol: HTTP/1.1
Server: 3.93.18.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-93-18-197.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: http://www.galiciaccess.com/fas/default.min.css
Origin: http://www.galiciaccess.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 20:03:27 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

POST
H/1.1

200
OK

event Show response
galiciabanco.demdex.net/
Redirect Chain

http://galiciabanco.demdex.net/event?d_dil_ver=9.5&_ts=1676059408456
https://galiciabanco.demdex.net/event?d_dil_ver=9.5&_ts=1676059408456

753 B
1 KB

11ms
10ms

XHR
application/json

52.196.44.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://galiciabanco.demdex.net/event?d_dil_ver=9.5&_ts=1676059408456

Protocol

HTTP/1.1

Server

52.196.44.15 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-196-44-15.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

3752a2d63084ceeedef04245f73fa6b0ec1aeb5a927f385a4bba6c43ecbff8f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.galiciaccess.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-tyo3-1-v043-03c30599b.edge-tyo3.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: zLU/FWZ9RPs=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: null
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 439
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://galiciabanco.demdex.net/event?d_dil_ver=9.5&_ts=1676059408456
Non-Authoritative-Reason: HSTS
Access-Control-Allow-Origin: http://www.galiciaccess.com
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: Cross-Origin

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Galicia (Banking)

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.galiciaccess.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 13:53:31	Name: demdex Value: 71100133392289141573853565468645531404
.www.galiciaccess.com/	1969-12-31 23:59:59	Name: AMCVS_DF3360B65E15FFB70A495C4A%40AdobeOrg Value: 1
.galiciaccess.com/	1970-01-20 19:10:19	Name: mbox Value: session#39484b3a7490444281f21f3cd1b22b5e#1676061268\|PC#39484b3a7490444281f21f3cd1b22b5e.32_0#1739304208
.doubleclick.net/	1970-01-20 19:10:19	Name: IDE Value: AHWqTUklVTmlpgO8ZkBB4AAwrBjMH2w5BryibF-pXfe8ZleUyW7bDMr28mBczTrMNC8
.dpm.demdex.net/	1970-01-20 13:53:31	Name: dpm Value: 71100133392289141573853565468645531404
.demdex.net/	1970-01-20 13:53:31	Name: dextp Value: 771-1-1676059407317\|822-1-1676059407418\|121998-1-1676059407519
.everesttech.net/	1970-01-20 18:19:55	Name: everest_g_v2 Value: g_surferid~Y_ajDwAAAHmAkgM8
.www.galiciaccess.com/	1970-01-20 19:10:19	Name: AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg Value: 179643557%7CMCIDTS%7C19399%7CMCMID%7C77653026849302473404328715362455835725%7CMCAAMLH-1676664207%7C11%7CMCAAMB-1676664207%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1676066607s%7CNONE%7CMCSYNCSOP%7C411-19406%7CvVersion%7C5.5.0
.crwdcntrl.net/	1970-01-20 16:03:07	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 16:03:07	Name: _cc_id Value: bff050259160f265fb6ceb7f594021df
.galiciaccess.com/	1970-01-20 10:17:31	Name: aam_uuid Value: 71100133392289141573853565468645531404

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.galiciaccess.com/Content/fonts/fontawesome-webfont.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.galiciaccess.com/fas/logo.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.galiciaccess.com/Content/fonts/Inter-Regular.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.galiciaccess.com/Content/fonts/galicia-ui.ttf?8esgb8 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.galiciaccess.com/Content/fonts/fontawesome-webfont.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.galiciaccess.com/Content/fonts/fontawesome-webfont.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.galiciaccess.com/Content/fonts/Inter-Regular.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.galiciaccess.com/Content/fonts/galicia-ui.woff?8esgb8 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.galiciaccess.com/Content/fonts/Inter-Regular.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cdn.navdmp.com
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
galiciabanco.demdex.net
galiciabanco.tt.omtrdc.net
navdmp.com
sync.crwdcntrl.net
www.galicia.ar
www.galiciaccess.com
13.214.79.66
13.228.154.11
13.230.130.48
142.251.42.162
151.101.67.10
2600:140b:1a00:1b0::1e80
2606:4700::6810:ef3
3.93.18.197
52.196.44.15
52.68.152.188
010d164b9688f3b15600cf1a4909c41d6b0ece18d6ef1761a9969c6d414924c5
04b4cb746c3b3465bfe51c87184a9fd70ce1948b7e06fac2e37425ba2024b0f1
29b48a438480135c0ca95a470235b5427e3fa646f04308ff9d1ae857e1d2ddfd
3752a2d63084ceeedef04245f73fa6b0ec1aeb5a927f385a4bba6c43ecbff8f7
38c2ceafd2e0319b0249ad97ab59932dd54971afd9422bb5bbff40ab7069d763
5673590a864ab325ebe5ae1ebd0abbd38ee3cc3713c3bc8a0a72a3cc3ccd73cf
5f35283bd1018c2a477ae7ac1818f05bcac581b2910d3a104984602f959f4df9
612a237e8ee113c28afb5b58bce39eed244dc31b6d2127b45da334edca204b85
695c87bec89338fee95f5a60e50585608827b1744c4b5f65637e606b494941f6
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e921853f362fcf37da6f2eb321fd8934d0106ee76d1e0af3741089580410257
87bf672763c35ce697f491f553487271fbbddb8730bcdca418a70a0c696cdca0
8dc05d59c50cf311522f087c7d117483c4ad0a8c19e1f6ad418e192f09267b0e
af48939a059d66939273287594610ef8ef7248a7e861e0e4a4dd9a5b336e2caa
b4ff0e55e735bcecbe65b3d851306ed458d3ef865d108b74dbc107ead609a17a
c46e9d5b86e7a9c0405f4edb56d1f7f8a4a463dca80ff9b99b916da39064a233
c93153ac3f59a9b53b5ae04c99bded904698ebed8ee2c9303b9503eabfc73631
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea4068cbd9eeb14497343b7f0584a42a42f9d64909aa38c781bb76ac0d9dc372
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fdca17b2cfd530a25ee79ed9606c310d7d8e7b5905faba1867274988f89c2523

www.galiciaccess.com Open in urlscan Pro 3.93.18.197 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

33 Requests

15 %HTTPS

20 %IPv6

9 Domains

11 Subdomains

7 IPs

3 Countries

2101 kBTransfer

2097 kBSize

12 Cookies

0 Outgoing links

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.galiciaccess.com Open in urlscan Pro
3.93.18.197 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

15 %
HTTPS

20 %
IPv6

9
Domains

11
Subdomains

7
IPs

3
Countries

2101 kB
Transfer

2097 kB
Size

12
Cookies

33 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!