g4lici4a2.galiiciaaa.repl.co
Open in
urlscan Pro
34.149.204.188
Malicious Activity!
Public Scan
Effective URL: http://g4lici4a2.galiiciaaa.repl.co/
Submission Tags: replit-anti-abuse
Submission: On August 27 via api from US — Scanned from DE
Summary
This is the only time g4lici4a2.galiiciaaa.repl.co was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banco Galicia (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
13 | 34.149.204.188 34.149.204.188 | 15169 (GOOGLE) (GOOGLE) | |
13 | 1 |
ASN15169 (GOOGLE, US)
PTR: 188.204.149.34.bc.googleusercontent.com
g4lici4a2.galiiciaaa.repl.co |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
repl.co
g4lici4a2.galiiciaaa.repl.co |
3 MB |
13 | 1 |
Domain | Requested by | |
---|---|---|
13 | g4lici4a2.galiiciaaa.repl.co |
g4lici4a2.galiiciaaa.repl.co
|
13 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://g4lici4a2.galiiciaaa.repl.co/
Frame ID: 532C70BBE110BFB46FB7893D4F8A95C1
Requests: 13 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
g4lici4a2.galiiciaaa.repl.co/ |
12 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
g4lici4a2.galiiciaaa.repl.co/fis/ |
121 KB 121 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default.min.css
g4lici4a2.galiiciaaa.repl.co/fis/ |
1 MB 1 MB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
keyboard.css
g4lici4a2.galiiciaaa.repl.co/fis/ |
492 B 685 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
simple-keyboard.css
g4lici4a2.galiiciaaa.repl.co/fis/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
customcarousel.min.css
g4lici4a2.galiiciaaa.repl.co/fis/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
titl.png
g4lici4a2.galiiciaaa.repl.co/fis/ |
902 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tecl.png
g4lici4a2.galiiciaaa.repl.co/fis/ |
409 B 588 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
g4lici4a2.galiiciaaa.repl.co/fis/ |
42 KB 42 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
burbu.png
g4lici4a2.galiiciaaa.repl.co/fis/ |
1 MB 1 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Inter-Regular.woff2
g4lici4a2.galiiciaaa.repl.co/Content/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Inter-Regular.woff
g4lici4a2.galiiciaaa.repl.co/Content/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Inter-Regular.ttf
g4lici4a2.galiiciaaa.repl.co/Content/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banco Galicia (Banking)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
g4lici4a2.galiiciaaa.repl.co
34.149.204.188
38c2ceafd2e0319b0249ad97ab59932dd54971afd9422bb5bbff40ab7069d763
612a237e8ee113c28afb5b58bce39eed244dc31b6d2127b45da334edca204b85
82bc584fee883c53f99cabf1cd92931813e35383a44fcd706ad38ddd65bb9bf9
8e27e296aeb1826feeced5e7861de03cedbba440e74e6abc73d7cb5541e68c39
ae9668d3cd1491510cbd1e97a1e1bb47cfc1d2fd59adfb4ad59a9e73de1ba88d
be9d8f21c2d215622dee4fdfbf605fa1e6fbd8830553aba34140b5b47aea1863
c46e9d5b86e7a9c0405f4edb56d1f7f8a4a463dca80ff9b99b916da39064a233
ce9a1fdeca6947e1d7dad81bdd07a0b7633c4114eedb312574280d5e0bee36c4
e854776c611f6246074b3deaa598e832f293b264fca5f3587089035a2309ed92
f397778bb003ff2d647f5d7d90050f9b50f43622fb02637c8537f159f460bbad