ipv6.3-142-50-16.cprapid.com
Open in
urlscan Pro
3.142.50.16
Malicious Activity!
Public Scan
URL:
https://ipv6.3-142-50-16.cprapid.com/
Submission: On June 20 via api from US — Scanned from DE
Submission: On June 20 via api from US — Scanned from DE
Summary
This website contacted 9 IPs
in 4 countries
across 6 domains to perform 59 HTTP transactions.
The main IP is 3.142.50.16, located in
Columbus, United States and
belongs to AMAZON-02, US.
The main domain is ipv6.3-142-50-16.cprapid.com.
TLS certificate: Issued by myseedifiy.click on June 19th 2024. Valid for: a year.
This is the only time ipv6.3-142-50-16.cprapid.com was scanned on urlscan.io!
TLS certificate: Issued by myseedifiy.click on June 19th 2024. Valid for: a year.
This is the only time ipv6.3-142-50-16.cprapid.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banco Galicia (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 45 | 3.142.50.16 3.142.50.16 | 16509 (AMAZON-02) (AMAZON-02) | |
| 4 | 2600:1f18:18e... 2600:1f18:18ef:ed12:6f8d:edee:422:9f21 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 1 | 2606:4700:20:... 2606:4700:20::681a:7f1 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:80b::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 3 | 2a00:1450:400... 2a00:1450:4001:829::200e | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:400c:c0a::9c | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 66.235.152.221 66.235.152.221 | 15224 (OMNITURE) (OMNITURE) | |
| 1 | 161.190.1.33 161.190.1.33 | 13474 (Banco de ...) (Banco de Galicia y Buenos Aires) | |
| 59 | 9 |
45
3.142.50.16
(Columbus, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-142-50-16.us-east-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-142-50-16.us-east-2.compute.amazonaws.com
| ipv6.3-142-50-16.cprapid.com |
4
2600:1f18:18ef:ed12:6f8d:edee:422:9f21
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
ASN14618 (AMAZON-AES, US)
| sifo.bancogalicia.com.ar |
2
2a00:1450:4001:80b::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
3
2a00:1450:4001:829::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
66.235.152.221
(United States)
ASN15224 (OMNITURE, US)
PTR: ip-66-235-152-221.data.adobedc.net
ASN15224 (OMNITURE, US)
PTR: ip-66-235-152-221.data.adobedc.net
| target.wsec06.bancogalicia.com.ar |
1
161.190.1.33
(Buenos Aires, Argentina)
ASN13474 (Banco de Galicia y Buenos Aires, AR)
PTR: wsec06.bancogalicia.com.ar
ASN13474 (Banco de Galicia y Buenos Aires, AR)
PTR: wsec06.bancogalicia.com.ar
| wsec06.bancogalicia.com.ar |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 45 |
cprapid.com
ipv6.3-142-50-16.cprapid.com |
3 MB |
| 6 |
bancogalicia.com.ar
sifo.bancogalicia.com.ar target.wsec06.bancogalicia.com.ar wsec06.bancogalicia.com.ar |
146 KB |
| 3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71 |
21 KB |
| 2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81 |
199 KB |
| 1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136 |
355 B |
| 1 |
bgsensors.co
gal.bgsensors.co |
832 B |
| 59 | 6 |
| Domain | Requested by | |
|---|---|---|
| 45 | ipv6.3-142-50-16.cprapid.com |
ipv6.3-142-50-16.cprapid.com
|
| 4 | sifo.bancogalicia.com.ar |
ipv6.3-142-50-16.cprapid.com
sifo.bancogalicia.com.ar |
| 3 | www.google-analytics.com |
ipv6.3-142-50-16.cprapid.com
www.googletagmanager.com |
| 2 | www.googletagmanager.com |
ipv6.3-142-50-16.cprapid.com
www.googletagmanager.com |
| 1 | wsec06.bancogalicia.com.ar | |
| 1 | target.wsec06.bancogalicia.com.ar |
ipv6.3-142-50-16.cprapid.com
|
| 1 | stats.g.doubleclick.net |
ipv6.3-142-50-16.cprapid.com
|
| 1 | gal.bgsensors.co |
ipv6.3-142-50-16.cprapid.com
|
| 59 | 8 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.bancogalicia.com |
| wsec06.bancogalicia.com.ar |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| myseedifiy.click myseedifiy.click |
2024-06-19 - 2025-06-19 |
a year | crt.sh |
| sifo.bancogalicia.com.ar DigiCert EV RSA CA G2 |
2024-02-15 - 2025-02-18 |
a year | crt.sh |
| bgsensors.co GTS CA 1P5 |
2024-05-29 - 2024-08-27 |
3 months | crt.sh |
| *.google-analytics.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
| *.g.doubleclick.net WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
| target.wsec06.bancogalicia.com.ar DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-06-11 - 2025-06-10 |
a year | crt.sh |
| wsec06.bancogalicia.com.ar DigiCert EV RSA CA G2 |
2024-03-11 - 2025-03-10 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://ipv6.3-142-50-16.cprapid.com/
Frame ID: 7725FDB60E1CB2D05A6335226355334A
Requests: 58 HTTP requests in this frame
Screenshot
Page Title
Office BankingDetected technologies
Prototype
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery-ui[.-]([\d.]*\d)[^/]*\.js
- jquery-ui.*\.js
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
URL: http://www.bancogalicia.com/banca/online/web/Empresas
Search URL Search Domain Scan URL
URL: https://wsec06.bancogalicia.com.ar/Home/Enroll/
Search URL Search Domain Scan URL
URL: https://wsec06.bancogalicia.com.ar/Home/ServiceSecurityInformation/
Search URL Search Domain Scan URL
URL: https://wsec06.bancogalicia.com.ar/
Search URL Search Domain Scan URL
URL: https://wsec06.bancogalicia.com.ar/Home/TermsAndConditions/
Search URL Search Domain Scan URL
URL: https://wsec06.bancogalicia.com.ar/Home/SystemRequirementsStatus/
Search URL Search Domain Scan URL
URL: https://wsec06.bancogalicia.com.ar/Home/MensajesAlBanco/
Search URL Search Domain Scan URL
URL: https://wsec06.bancogalicia.com.ar/Users/LogIn/
Title: Ingreso
Title: Ingreso
Search URL Search Domain Scan URL
URL: https://wsec06.bancogalicia.com.ar/Users/OlvideMiClave
Title: Desbloquear/crear nueva clave de acceso
Title: Desbloquear/crear nueva clave de acceso
Search URL Search Domain Scan URL
URL: https://wsec06.bancogalicia.com.ar/Users/OlvideMiUsuario
Title: Recuperar nombre de usuario
Title: Recuperar nombre de usuario
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
59 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
ipv6.3-142-50-16.cprapid.com/ |
52 KB 53 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
all.css
ipv6.3-142-50-16.cprapid.com/index_files/ |
50 KB 50 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
keyboard.css
ipv6.3-142-50-16.cprapid.com/index_files/ |
503 B 744 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
simple-keyboard.css
ipv6.3-142-50-16.cprapid.com/index_files/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-ui-1.10.3.custom.css
ipv6.3-142-50-16.cprapid.com/index_files/ |
33 KB 33 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
styles.css
ipv6.3-142-50-16.cprapid.com/index_files/ |
262 KB 262 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SiderBar.css
ipv6.3-142-50-16.cprapid.com/index_files/ |
3 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
analytics.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
52 KB 52 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
js
ipv6.3-142-50-16.cprapid.com/index_files/ |
275 KB 275 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gtm.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
383 KB 383 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1.7.2.min.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
93 KB 93 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-ui-1.10.3.custom.min.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
440 KB 440 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Core.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
96 KB 97 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sessvars.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
7 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
GOPrototypes.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
51 KB 51 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SideBar.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Barrett.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
BigInt.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
15 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
RsaWPadding.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
4 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
hashtable.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
14 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rsa.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
37 KB 37 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
launch-de55e9a10fa1.min.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
215 KB 215 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
saved_resource
ipv6.3-142-50-16.cprapid.com/index_files/ |
959 B 1 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ad1a29c5.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
804 KB 805 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo-galicia-new.png
ipv6.3-142-50-16.cprapid.com/index_files/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo-ob.png
ipv6.3-142-50-16.cprapid.com/index_files/ |
40 KB 41 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login-banner-08.jpg
ipv6.3-142-50-16.cprapid.com/index_files/ |
52 KB 53 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
borders.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
1 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
simple-keyboard.min.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
20 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
polyfill.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
keyboard.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
5 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Core.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
96 KB 97 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login.js
sifo.bancogalicia.com.ar/scriptdealer/script/v1/386enn/ |
141 KB 142 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
gal.bgsensors.co/api/wb/b3f76076-f760-49d8-ab30-437b9b182ac7/60a375cb-568d-41f6-a2d9-0e5d6c6ad549/1244/ |
67 B 832 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
383 KB 118 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
l-accesos.png
ipv6.3-142-50-16.cprapid.com/images/commons/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icon-commons.png
ipv6.3-142-50-16.cprapid.com/images/commons/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icon-buttons.png
ipv6.3-142-50-16.cprapid.com/images/commons/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fa-regular-400.woff2
ipv6.3-142-50-16.cprapid.com/webfonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
222 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/ |
35 B 250 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 355 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fa-regular-400.woff
ipv6.3-142-50-16.cprapid.com/webfonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/ |
35 B 100 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
TestEncrypt
ipv6.3-142-50-16.cprapid.com/Users/ |
315 B 515 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
PilotoImagenLogin
ipv6.3-142-50-16.cprapid.com/Home/ |
315 B 515 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fa-regular-400.ttf
ipv6.3-142-50-16.cprapid.com/webfonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login-banner-00.jpg
ipv6.3-142-50-16.cprapid.com/Images/Banners/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
83ddb065-727e-4441-b011-699f9b62fd17
https://ipv6.3-142-50-16.cprapid.com/ |
190 KB 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
interact
target.wsec06.bancogalicia.com.ar/ee/v1/ |
1 KB 912 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
pageFeatures
sifo.bancogalicia.com.ar/requestserver/rest/v1/ |
115 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favicon.ico
wsec06.bancogalicia.com.ar/Images/ |
2 KB 2 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H/1.1 |
pageFeatures
sifo.bancogalicia.com.ar/requestserver/rest/v1/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
screenshot
sifo.bancogalicia.com.ar/requestserver/rest/v1/ |
0 662 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo-galicia-new.png
ipv6.3-142-50-16.cprapid.com/index_files/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo-ob.png
ipv6.3-142-50-16.cprapid.com/index_files/ |
40 KB 41 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login-banner-08.jpg
ipv6.3-142-50-16.cprapid.com/index_files/ |
52 KB 53 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login-banner-00.jpg
ipv6.3-142-50-16.cprapid.com/Images/Banners/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banco Galicia (Banking)380 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| BigInt undefined| event object| fence object| sharedStorage function| $ function| jQuery function| fixDividedTableWidth function| UpdateTableAligns function| closePendantMsgTooltipsPendant function| disableInputs function| slideSwitch function| alterTableStyles function| LogInfoClientCustom function| LogInfoClientCustomWarning function| printObj string| decimalSeparator string| mileSeparator object| regEx_numbers object| regEx_alpha object| regEx_alpha_space object| regEX_noNumbers object| regEx_alphanumeric object| regEx_alphanumeric_without_hyphen_underscore object| regEx_alphanumeric_without_hyphen_underscore_all object| regEx_alphanumeric_space object| regex_no_space object| regEx_mail_1 object| regEx_mail_2 object| reg_Domain object| regEx_Alias object| regEx_InternalComment object| regEx_alphanumeric_withonly_space object| regEx_alphanumeric_space_enie_dot_comma object| regEx_alphanumeric_withmail object| regEx_transfExtNif object| regEx_transfExt object| regEx_numbersTRX function| RenewTimeOut function| RenewTimeOutRefresh object| timeOutMinutes undefined| _countDownTimerTimeOut function| RenewTimeOutClientSide function| InsideCookie object| RefreshV4TimeOutCount function| RenewRefreshV4 function| RenewTimeoutCookie function| getCookie function| RenewTimeOutServerSide function| SincronizarCookies boolean| isExternalSite function| TimeOutAlert function| GOToPermisosDeUsuarios function| showHelp function| ObtenerDetalleMensajeAyuda function| Terminosycondiciones function| createAACookie function| createCookieAA function| createCookie function| readCookie function| clearCookie function| clearAllCookies function| getCurrentDecimalSeparator function| getIntPart function| getDecPart function| toFloat function| formatNmbToMiles function| formatNumberWithSeparators function| setNavigationHTML function| restoreNavigationHTML function| Link function| PostTo function| PostToParams function| base64encode function| OnJsError function| OnJsErrorDetailed function| IsAjaxError function| IsAjaxCheckedError function| OnAjaxError function| OnAjaxError1 function| OnAjaxCheckedError function| ReplaceDots function| GetAjaxJsonErrorDescription function| ShowUserInbox function| InboxOnClose function| CreateDatePicker function| WindowOpen function| WindowOpenSite function| CenterElement function| MsgBox function| MsgBoxV1 function| Back function| goToControllerAction function| goToMenuLinkModule function| ShowFAQ function| GetAlertasPendientes function| ValidateRegExOnEvent function| ValidateRegEx function| isFloat function| trim function| Empty function| trimSpaces function| trimNonDigits function| RemoveNonNumericCharacters function| CheckMaxLength function| CheckPasteMaxLength function| CheckNumericAndMaxLenght function| ValidateEmail function| SelectAll function| validateNifOnKeyUp function| validateNifOnPaste function| validateTrxExt function| validateTrxExtOnPaste function| validateNumbers function| validateAliasCBU function| validateCaracters function| validateAliasCBUOnKeyUp function| validateInputOnPaste function| validAmount function| CheckAccounts function| ShowNotificationData function| GORegisterInteraction function| BackToTransactionList function| ShowLoading function| HideLoading function| isLocationComplete function| changeLocation function| collapseOrUncollapseForm function| uncollapseTitle function| collapseTitle function| ShowStandardTooltip function| ShowStandardTooltipOnFocus function| ShowInputError function| ShowInputErrorLeft function| ShowInputErrorOnDialog function| isRFC822ValidEmail function| ConfirmAndValidateEmail function| PasswordComplexValidation function| CuitCuilValidation function| CuitCuilCDIValidation function| CuitCuilCDIValidationV2 function| validateEmail function| LoadModify function| ShowAgendaCBUContactoPartial function| GetContactDataAndShowPartial function| SearchContact function| ShowPopUpAgenda function| CUILEsValido function| preparePageAndPrint function| isDefined function| digitalAnalyticsElementTagCustomerEffort function| Trim function| LTrim function| RTrim function| Right function| Left function| IsDate function| GetDaysInMonth function| IsLeapYear function| NumberFormat_WithLatinSeparators function| FormatDate function| LPad function| roundNumber function| CheckVersionIE function| BrowserCompatibilityMessage function| MakeSpanError function| RemoveSpanError function| PreventBackspaceAndDelete function| getErrorSMS function| RefreshToken function| deshabilitarBotones function| setearAtributosParaDeshabilitar function| habilitarBotones function| setearAtributosParaHabilitar function| GA4 function| GA4Error function| modalAyC function| modalRedirect function| CloseModalAyC function| modalErrorAdaptive object| sessvars function| ShowSideBar function| CloseSideBar function| BarrettMu function| BarrettMu_modulo function| BarrettMu_multiplyMod function| BarrettMu_powMod number| biRadixBase number| biRadixBits number| bitsPerDigit number| biRadix number| biHalfRadix number| biRadixSquared number| maxDigitVal number| maxInteger number| maxDigits object| ZERO_ARRAY object| bigZero object| bigOne function| setMaxDigits number| dpl10 object| lr10 function| biFromDecimal function| biCopy function| biFromNumber function| reverseStr object| hexatrigesimalToChar function| biToString function| biToDecimal object| hexToChar function| digitToHex function| biToHex function| charToHex function| hexToDigit function| biFromHex function| biFromString function| biDump function| biAdd function| biSubtract function| biHighIndex function| biNumBits function| biMultiply function| biMultiplyDigit function| arrayCopy object| highBitMasks function| biShiftLeft object| lowBitMasks function| biShiftRight function| biMultiplyByRadixPower function| biDivideByRadixPower function| biModuloByRadixPower function| biCompare function| biDivideModulo function| biDivide function| biModulo function| biMultiplyMod function| biPow function| biPowMod function| RSAKeyPair function| twoDigit function| encryptedString function| decryptedString function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| UIEventCollector function| UIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug function| forceIE89Synchronicity function| simulateClick function| refreshLogin number| interval_refreshLogin function| DisableAddEI function| analitycsInput function| slideShowImages function| addImagesToSlideShow function| openLink function| modificacionInputPassword function| modificacionInputUser boolean| showKeyboard function| SubmitLoginForm object| key function| initKey function| cmdEncrypt function| evalEnter function| enableDebug function| onclickRespuestas object| _dmo function| _0x4472 function| _0xd9222a function| _0x5b05 object| img string| hash string| domain object| defaultAttributes object| defaultConverter object| converter function| assign function| __removeCookie function| __setCookie function| __getCookie function| ShowMenuDescription function| HideMenuDescription function| TooltipAltaEI function| ShowErrorModal object| dataLayer function| xyzbc object| SimpleKeyboard object| google_tag_data function| ga object| gaplugins string| selectedInput object| keyboard function| shuffle function| onInputFocus function| onInputChange function| onChange function| onKeyPress function| handleTab function| handleShiftButton object| keyboardIcon object| keyboardElem object| SimpleKeyboardInstances object| google_tag_manager function| postscribe object| google_tag_manager_external string| GoogleAnalyticsObject object| gaGlobal object| gaData function| _UA-62726172-35_sendHitTask function| onYouTubeIframeAPIReady string| n string| m string| p object| q number| j function| f function| e function| c function| d string| k undefined| r undefined| a undefined| g undefined| o undefined| b undefined| h object| result object| plugin string| t object| _satellite boolean| __satelliteLoaded function| alloy object| __alloyNS object| extensionGoogleDataLayer string| paramName object| eventParams object| currentPlaceInput object| cdwpb object| cdApi object| _dmoload14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| sifo.bancogalicia.com.ar/requestserver/rest/v1 | Name: herok Value: 28868608046X90SkQE0FTA0mHMIPBZNVYC8dI9wq |
|
| sifo.bancogalicia.com.ar/requestserver/rest/v1 | Name: kirby Value: 28868608046X90SkQE0FTA0mHMIPBZNVYC8dI9wq |
|
| .ipv6.3-142-50-16.cprapid.com/ | Name: _gcl_au Value: 1.1.1648737373.1718894962 |
|
| .ipv6.3-142-50-16.cprapid.com/ | Name: _ga Value: GA1.4.1058780097.1718894962 |
|
| .ipv6.3-142-50-16.cprapid.com/ | Name: _gid Value: GA1.4.2118230753.1718894962 |
|
| .ipv6.3-142-50-16.cprapid.com/ | Name: _dc_gtm_UA-62726172-35 Value: 1 |
|
| .ipv6.3-142-50-16.cprapid.com/ | Name: bmuid Value: 1718894962234-BAC2CB65-7589-4C7C-850E-EFFB98F7B8E4 |
|
| .ipv6.3-142-50-16.cprapid.com/ | Name: cdContextId Value: 2 |
|
| .ipv6.3-142-50-16.cprapid.com/ | Name: cdSNum Value: 1718894962663-sjn0000773-b81a7cfb-d418-448a-81c9-639e85bc4fc5 |
|
| .ipv6.3-142-50-16.cprapid.com/ | Name: kndctr_DF3360B65E15FFB70A495C4A_AdobeOrg_identity Value: CiY2MTExMTg0NjYyOTU5Mzc2NjQ2MzY2NzcyMjU5ODI2MDExMzMwM1ITCI7S_rCDMhABGAEqBElSTDEwAPABjtL-sIMy |
|
| .ipv6.3-142-50-16.cprapid.com/ | Name: kndctr_DF3360B65E15FFB70A495C4A_AdobeOrg_cluster Value: irl1 |
|
| .ipv6.3-142-50-16.cprapid.com/ | Name: mbox Value: session#61111846629593766463667722598260113303-nMBHzx#1718896823 |
|
| .ipv6.3-142-50-16.cprapid.com/ | Name: mboxEdgeCluster Value: 37 |
|
| .ipv6.3-142-50-16.cprapid.com/ | Name: AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg Value: MCMID|61111846629593766463667722598260113303 |
11 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
gal.bgsensors.co
ipv6.3-142-50-16.cprapid.com
sifo.bancogalicia.com.ar
stats.g.doubleclick.net
target.wsec06.bancogalicia.com.ar
wsec06.bancogalicia.com.ar
www.google-analytics.com
www.googletagmanager.com
161.190.1.33
2600:1f18:18ef:ed12:6f8d:edee:422:9f21
2606:4700:20::681a:7f1
2a00:1450:4001:80b::2008
2a00:1450:4001:829::200e
2a00:1450:400c:c0a::9c
3.142.50.16
66.235.152.221
06be1e974367848fd532c60dab208a092466662b9af7c0c5ea7606bea3adc585
089ad5bf4831b6758e9907db43bc5ebba2e9248a9929dad6132c49932e538278
138143108101149f64bcda5fe38cdd2f3f2139cc957b45949e71fac33ea94482
165992ed1571fdd547d4375190ec1fa7dcdcd852a84a0f1002ab6d977331417f
1ca48f98b0e6a12f56e81a16b5250d2a430f774129ac8ca850c337f0f4179039
231d504017220c1691f43fe8d2b5e12a86475a7541748a238353dd451eabbbf6
28890122c985117e587adce0c43b4c55017496c5bb7acaa99bb2afa5bb417e5e
2c65c87166b36b93cf1424e0e97bd3a5792c0575dc32d4ac87959a66b84e7829
333b702043b3408bc9a64e8397fc98ee6a326723565d972174fa2dfcc44511f4
352893f639a88f1305ee56165cbeda7fd0ae1dea50923adea6e9eee3adc7b4b4
39c033a4e3435b308ed9109e535ffc2424dd5d4111d3e6e0f3940a697d903f93
3b85ab310a9c071d324cedce8fc23a39b215b63a0d2da041dee56ed1632be4e5
3da920566ed33b0e542e2943cc9c49b819cd69f262c1403ca47be8f5dd6db148
3de6cdf40445bb7fb62056d9b33c5a2cbbc51d56294bf2545739fba257a9146b
3e1748d41ea5bb0aa856aaddf497140e3cffdf0302bfdeae177b7c755bc6da8d
5673590a864ab325ebe5ae1ebd0abbd38ee3cc3713c3bc8a0a72a3cc3ccd73cf
6057a3718ff63b49bce7a7efb2354cb932f1df9dd9dd7ba779d0d22dcba7a16b
6516631a0821750428cceecfbadd6a061d25944befe8a714ac3086c79361c9c4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7df864d607991927a98e092c40dcbc42bb01f1407b6583e7aabc737dd7c78548
7e921853f362fcf37da6f2eb321fd8934d0106ee76d1e0af3741089580410257
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
883adbd95603c0dd96e8cff8d94fb2dc681ef02b4aebd55f39a33143f7f01e14
8ba5487a3441be54f0d77878bdde04863c7918e7551eae45e7d4d039d701d313
8cc5da7ff97d33456e47f1e5dd3aca4004301bfe5a5e736272bd0e0d6bb19ee8
8d417633a95432bf7877e9b8b5793858317cda35884b11cf2ed30fc33154db7e
919da83be1bfba25812336b18bcfa5d13236ae73cdfa965a1efed5d16c257190
9708a69d9fda6fa53eba0858c2296f0045a0eeebf22ef2a609d10d51adf2ebb0
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a77f14c9439d79d02bc1cc7f216650e87d3052c4801015674a53650ab206a89e
a9fbb5c4e495183e0033fab5f1875277e9ceea0b0a0f89220b3c58d4afadf99b
c1ac115788f922e9bb68fc1e4710ed077bcae6e5014bc163c434b598e1e17ec9
c6a78be2e5c69c2a32e16cf3ee75440082d2ce8a45d0602fe888b8a34d6a560c
c93153ac3f59a9b53b5ae04c99bded904698ebed8ee2c9303b9503eabfc73631
d3d9f9eda05bffffc3b7a73d14d28e24e2a8297c5579e3d11def792e8ed26d13
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df0be3b4daf1631fdd23f2b73628ae1998710c61beda2325ab8eefccee160aa1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebf3de3cea10712cfa5aa7370cce8885dce264f1f4fcf4ce6c5edb59916380c2
f20a33fd40173f122bec15a105374059fb3ec612d51146485ed84ef0001f2f03
f8b33f6ba690d3343635f5307ec4484c8c5270147fee4d90361480ac592f8557
fbb8e8eac8878242091e67787fd5f0fbc8399bbe9966931a41f8c602e95d06b1