www.login.galegomca.com Open in urlscan Pro
151.106.103.94 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.login.galegomca.com/
Submission: On September 05 via automatic, source certstream-suspicious (September 5th 2021, 12:34:16 pm UTC)

Summary HTTP 8 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 151.106.103.94, located in Germany and belongs to AS-HOSTINGER, CY. The main domain is www.login.galegomca.com.
TLS certificate: Issued by R3 on September 5th 2021. Valid for: 3 months.

This is the only time www.login.galegomca.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
8	151.106.103.94 151.106.103.94		47583 (AS-HOSTINGER) (AS-HOSTINGER)
8	1

8 151.106.103.94 (Germany)

ASN47583 (AS-HOSTINGER, CY)
PTR: orc.boxsecured.com

www.login.galegomca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	galegomca.com www.login.galegomca.com	60 KB
8	1

	Domain	Requested by
8	www.login.galegomca.com	www.login.galegomca.com
8	1

This site contains links to these domains. Also see Links.

Domain
www.facebook.com

Subject Issuer	Validity	Valid
login.galegomca.com R3	`2021-09-05` - `2021-12-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.login.galegomca.com/
Frame ID: 2441B535718D155A3AAAF60CB7EA1E19
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Iniciando sesión en nuestro sitio con una cuenta de Google Account

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Materialize CSS (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="[^"]*materialize(?:\.min)?\.css/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="[^"]*materialize(?:\.min)?\.css/i

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

60 kB
Transfer

216 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/v2.9/dialog/oauth?client_id=2605403873016688&state=d6f49b4a9280bcbf3e45f26a6632f662&response_type=code&sdk=php-sdk-5.5.0&redirect_uri=https%3A%2F%2Flogin.galegomca.com%2F&scope=

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.login.galegomca.com/	2 KB 1 KB	466ms 155ms	Document text/html	151.106.103.94 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://www.login.galegomca.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.106.103.94 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS orc.boxsecured.com Software LiteSpeed / PHP/7.2.34 Resource Hash `bf6f6d8cb720d74a3ce99795b43f447e8212bf0764b6284e995f7093c42bc2e7` Request headers :method GET :authority www.login.galegomca.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-powered-by PHP/7.2.34 set-cookie demo_sesion_google=8cb6d599103fc18d7781165253e1cd40; path=/; secure expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache content-type text/html; charset=UTF-8 content-length 923 content-encoding br vary Accept-Encoding,User-Agent,User-Agent date Sun, 05 Sep 2021 12:33:51 GMT server LiteSpeed alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
GET H2	200	style.css www.login.galegomca.com/view/assets/css/	4 KB 1023 B	469ms 167ms	Stylesheet text/css	151.106.103.94 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://www.login.galegomca.com/view/assets/css/style.css Requested by Host: www.login.galegomca.com URL: https://www.login.galegomca.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.106.103.94 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS orc.boxsecured.com Software LiteSpeed / Resource Hash `61ca336010059f9ff69e64b69e05632b5bf411619f39b5c70c026cb1360b2423` Request headers :path /view/assets/css/style.css pragma no-cache cookie demo_sesion_google=8cb6d599103fc18d7781165253e1cd40 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.login.galegomca.com referer https://www.login.galegomca.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.login.galegomca.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 05 Sep 2021 12:33:51 GMT content-encoding br last-modified Wed, 14 Aug 2019 23:26:40 GMT server LiteSpeed vary Accept-Encoding,User-Agent,User-Agent content-type text/css cache-control public, max-age=2592000 accept-ranges bytes content-length 914 expires Tue, 05 Oct 2021 12:33:51 GMT
GET H2	200	font-awesome.min.css www.login.galegomca.com/view/assets/css/	23 KB 5 KB	470ms 168ms	Stylesheet text/css	151.106.103.94 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://www.login.galegomca.com/view/assets/css/font-awesome.min.css Requested by Host: www.login.galegomca.com URL: https://www.login.galegomca.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.106.103.94 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS orc.boxsecured.com Software LiteSpeed / Resource Hash `541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd` Request headers :path /view/assets/css/font-awesome.min.css pragma no-cache cookie demo_sesion_google=8cb6d599103fc18d7781165253e1cd40 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.login.galegomca.com referer https://www.login.galegomca.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.login.galegomca.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 05 Sep 2021 12:33:51 GMT content-encoding br last-modified Fri, 09 Feb 2018 01:35:50 GMT server LiteSpeed vary Accept-Encoding,User-Agent,User-Agent content-type text/css cache-control public, max-age=2592000 accept-ranges bytes content-length 5118 expires Tue, 05 Oct 2021 12:33:51 GMT
GET H2	200	materialize.css www.login.galegomca.com/view/assets/css/	9 KB 2 KB	607ms 305ms	Stylesheet text/css	151.106.103.94 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://www.login.galegomca.com/view/assets/css/materialize.css Requested by Host: www.login.galegomca.com URL: https://www.login.galegomca.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.106.103.94 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS orc.boxsecured.com Software LiteSpeed / Resource Hash `9b15196110c792caf53d1140fbf4f36b67c6fd420efeffdb28022e2acbe6adbe` Request headers :path /view/assets/css/materialize.css pragma no-cache cookie demo_sesion_google=8cb6d599103fc18d7781165253e1cd40 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.login.galegomca.com referer https://www.login.galegomca.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.login.galegomca.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 05 Sep 2021 12:33:51 GMT content-encoding br last-modified Fri, 09 Feb 2018 01:35:50 GMT server LiteSpeed vary Accept-Encoding,User-Agent,User-Agent content-type text/css cache-control public, max-age=2592000 accept-ranges bytes content-length 1802 expires Tue, 05 Oct 2021 12:33:51 GMT
GET H2	200	bootstrap.css www.login.galegomca.com/view/assets/css/	148 KB 20 KB	607ms 305ms	Stylesheet text/css	151.106.103.94 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://www.login.galegomca.com/view/assets/css/bootstrap.css Requested by Host: www.login.galegomca.com URL: https://www.login.galegomca.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.106.103.94 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS orc.boxsecured.com Software LiteSpeed / Resource Hash `e74168b745a7a1d34e9f5ddb8a950ae2a6e9d5ac9914765d9a19c5a86f13f25b` Request headers :path /view/assets/css/bootstrap.css pragma no-cache cookie demo_sesion_google=8cb6d599103fc18d7781165253e1cd40 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.login.galegomca.com referer https://www.login.galegomca.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.login.galegomca.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 05 Sep 2021 12:33:51 GMT content-encoding br last-modified Sat, 29 Jun 2019 19:26:38 GMT server LiteSpeed vary Accept-Encoding,User-Agent,User-Agent content-type text/css cache-control public, max-age=2592000 accept-ranges bytes content-length 20804 expires Tue, 05 Oct 2021 12:33:51 GMT
GET H2	200	custom.js Show response www.login.galegomca.com/view/assets/js/	61 B 149 B	620ms 319ms	Script application/javascript	151.106.103.94 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://www.login.galegomca.com/view/assets/js/custom.js Requested by Host: www.login.galegomca.com URL: https://www.login.galegomca.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.106.103.94 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS orc.boxsecured.com Software LiteSpeed / Resource Hash `20d949093c802a5d8ddd9ffcab1314993d7080dd822d14fd21254e7a5d8e6753` Request headers :path /view/assets/js/custom.js pragma no-cache cookie demo_sesion_google=8cb6d599103fc18d7781165253e1cd40 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority www.login.galegomca.com referer https://www.login.galegomca.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.login.galegomca.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 05 Sep 2021 12:33:51 GMT last-modified Fri, 09 Aug 2019 01:24:40 GMT server LiteSpeed vary User-Agent,User-Agent content-type application/javascript cache-control public, max-age=2592000 accept-ranges bytes content-length 61 expires Tue, 05 Oct 2021 12:33:51 GMT
GET H3-29	200	usuario.jpg www.login.galegomca.com/view/assets/img/	19 KB 19 KB	154ms 154ms	Image image/jpeg	151.106.103.94 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://www.login.galegomca.com/view/assets/img/usuario.jpg Requested by Host: www.login.galegomca.com URL: https://www.login.galegomca.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 151.106.103.94 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS orc.boxsecured.com Software LiteSpeed / Resource Hash `a30cd12259a0ad84b656189d99d8b2fb3f605b6d8c284fdb0e62169d281f3ee6` Request headers :path /view/assets/img/usuario.jpg pragma no-cache cookie demo_sesion_google=8cb6d599103fc18d7781165253e1cd40 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority www.login.galegomca.com referer https://www.login.galegomca.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.login.galegomca.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 05 Sep 2021 12:33:51 GMT last-modified Sat, 29 Jun 2019 19:29:09 GMT server LiteSpeed vary User-Agent,User-Agent content-type image/jpeg cache-control max-age=2592000, public accept-ranges bytes content-length 19492 expires Mon, 05 Sep 2022 12:33:51 GMT
GET H3-29	200	fb.jpg www.login.galegomca.com/view/assets/img/	11 KB 11 KB	154ms 154ms	Image image/jpeg	151.106.103.94 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://www.login.galegomca.com/view/assets/img/fb.jpg Requested by Host: www.login.galegomca.com URL: https://www.login.galegomca.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 151.106.103.94 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS orc.boxsecured.com Software LiteSpeed / Resource Hash `371e586fe73d408db9353ec135cf085919423c669996c9bfe2e43931e092a6e8` Request headers :path /view/assets/img/fb.jpg pragma no-cache cookie demo_sesion_google=8cb6d599103fc18d7781165253e1cd40 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority www.login.galegomca.com referer https://www.login.galegomca.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.login.galegomca.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 05 Sep 2021 12:33:51 GMT last-modified Wed, 14 Aug 2019 18:48:34 GMT server LiteSpeed vary User-Agent,User-Agent content-type image/jpeg cache-control max-age=2592000, public accept-ranges bytes content-length 11297 expires Mon, 05 Sep 2022 12:33:51 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| __

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.login.galegomca.com/	1969-12-31 23:59:59	Name: demo_sesion_google Value: 8cb6d599103fc18d7781165253e1cd40

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.login.galegomca.com
151.106.103.94
20d949093c802a5d8ddd9ffcab1314993d7080dd822d14fd21254e7a5d8e6753
371e586fe73d408db9353ec135cf085919423c669996c9bfe2e43931e092a6e8
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
61ca336010059f9ff69e64b69e05632b5bf411619f39b5c70c026cb1360b2423
9b15196110c792caf53d1140fbf4f36b67c6fd420efeffdb28022e2acbe6adbe
a30cd12259a0ad84b656189d99d8b2fb3f605b6d8c284fdb0e62169d281f3ee6
bf6f6d8cb720d74a3ce99795b43f447e8212bf0764b6284e995f7093c42bc2e7
e74168b745a7a1d34e9f5ddb8a950ae2a6e9d5ac9914765d9a19c5a86f13f25b