![](/screenshots/6da3ce73-4690-4338-b1fc-22a185cd7d4b.png)
ipv6.3-142-50-16.cprapid.com
Open in
urlscan Pro
3.142.50.16
Malicious Activity!
Public Scan
Submission: On June 20 via api from US — Scanned from DE
Summary
TLS certificate: Issued by myseedifiy.click on June 19th 2024. Valid for: a year.
This is the only time ipv6.3-142-50-16.cprapid.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banco Galicia (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
45 | 3.142.50.16 3.142.50.16 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 2600:1f18:18e... 2600:1f18:18ef:ed12:6f8d:edee:422:9f21 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2606:4700:20:... 2606:4700:20::681a:7f1 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:80b::2008 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:829::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:400c:c0a::9c | 15169 (GOOGLE) (GOOGLE) | |
1 | 66.235.152.221 66.235.152.221 | 15224 (OMNITURE) (OMNITURE) | |
1 | 161.190.1.33 161.190.1.33 | 13474 (Banco de ...) (Banco de Galicia y Buenos Aires) | |
59 | 9 |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-142-50-16.us-east-2.compute.amazonaws.com
ipv6.3-142-50-16.cprapid.com |
ASN14618 (AMAZON-AES, US)
sifo.bancogalicia.com.ar |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15224 (OMNITURE, US)
PTR: ip-66-235-152-221.data.adobedc.net
target.wsec06.bancogalicia.com.ar |
ASN13474 (Banco de Galicia y Buenos Aires, AR)
PTR: wsec06.bancogalicia.com.ar
wsec06.bancogalicia.com.ar |
Apex Domain Subdomains |
Transfer | |
---|---|---|
45 |
cprapid.com
ipv6.3-142-50-16.cprapid.com |
3 MB |
6 |
bancogalicia.com.ar
sifo.bancogalicia.com.ar target.wsec06.bancogalicia.com.ar wsec06.bancogalicia.com.ar |
146 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71 |
21 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81 |
199 KB |
1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136 |
355 B |
1 |
bgsensors.co
gal.bgsensors.co |
832 B |
59 | 6 |
Domain | Requested by | |
---|---|---|
45 | ipv6.3-142-50-16.cprapid.com |
ipv6.3-142-50-16.cprapid.com
|
4 | sifo.bancogalicia.com.ar |
ipv6.3-142-50-16.cprapid.com
sifo.bancogalicia.com.ar |
3 | www.google-analytics.com |
ipv6.3-142-50-16.cprapid.com
www.googletagmanager.com |
2 | www.googletagmanager.com |
ipv6.3-142-50-16.cprapid.com
www.googletagmanager.com |
1 | wsec06.bancogalicia.com.ar | |
1 | target.wsec06.bancogalicia.com.ar |
ipv6.3-142-50-16.cprapid.com
|
1 | stats.g.doubleclick.net |
ipv6.3-142-50-16.cprapid.com
|
1 | gal.bgsensors.co |
ipv6.3-142-50-16.cprapid.com
|
59 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.bancogalicia.com |
wsec06.bancogalicia.com.ar |
Subject Issuer | Validity | Valid | |
---|---|---|---|
myseedifiy.click myseedifiy.click |
2024-06-19 - 2025-06-19 |
a year | crt.sh |
sifo.bancogalicia.com.ar DigiCert EV RSA CA G2 |
2024-02-15 - 2025-02-18 |
a year | crt.sh |
bgsensors.co GTS CA 1P5 |
2024-05-29 - 2024-08-27 |
3 months | crt.sh |
*.google-analytics.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
*.g.doubleclick.net WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
target.wsec06.bancogalicia.com.ar DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-06-11 - 2025-06-10 |
a year | crt.sh |
wsec06.bancogalicia.com.ar DigiCert EV RSA CA G2 |
2024-03-11 - 2025-03-10 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://ipv6.3-142-50-16.cprapid.com/
Frame ID: 7725FDB60E1CB2D05A6335226355334A
Requests: 58 HTTP requests in this frame
Screenshot
![](/screenshots/6da3ce73-4690-4338-b1fc-22a185cd7d4b.png)
Page Title
Office BankingDetected technologies
![](/vendor/wappa/icons/Prototype.png)
Detected patterns
- (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- jquery-ui[.-]([\d.]*\d)[^/]*\.js
- jquery-ui.*\.js
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Ingreso
Search URL Search Domain Scan URL
Title: Desbloquear/crear nueva clave de acceso
Search URL Search Domain Scan URL
Title: Recuperar nombre de usuario
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
59 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
ipv6.3-142-50-16.cprapid.com/ |
52 KB 53 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
all.css
ipv6.3-142-50-16.cprapid.com/index_files/ |
50 KB 50 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
keyboard.css
ipv6.3-142-50-16.cprapid.com/index_files/ |
503 B 744 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
simple-keyboard.css
ipv6.3-142-50-16.cprapid.com/index_files/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui-1.10.3.custom.css
ipv6.3-142-50-16.cprapid.com/index_files/ |
33 KB 33 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.css
ipv6.3-142-50-16.cprapid.com/index_files/ |
262 KB 262 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SiderBar.css
ipv6.3-142-50-16.cprapid.com/index_files/ |
3 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
analytics.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
52 KB 52 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js
ipv6.3-142-50-16.cprapid.com/index_files/ |
275 KB 275 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtm.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
383 KB 383 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.7.2.min.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
93 KB 93 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui-1.10.3.custom.min.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
440 KB 440 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Core.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
96 KB 97 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sessvars.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
7 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GOPrototypes.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
51 KB 51 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SideBar.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Barrett.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BigInt.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
15 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RsaWPadding.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
4 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hashtable.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
14 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rsa.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
37 KB 37 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
launch-de55e9a10fa1.min.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
215 KB 215 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saved_resource
ipv6.3-142-50-16.cprapid.com/index_files/ |
959 B 1 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ad1a29c5.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
804 KB 805 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-galicia-new.png
ipv6.3-142-50-16.cprapid.com/index_files/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-ob.png
ipv6.3-142-50-16.cprapid.com/index_files/ |
40 KB 41 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-banner-08.jpg
ipv6.3-142-50-16.cprapid.com/index_files/ |
52 KB 53 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
borders.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
1 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
simple-keyboard.min.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
20 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
polyfill.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
keyboard.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
5 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Core.js.descargar
ipv6.3-142-50-16.cprapid.com/index_files/ |
96 KB 97 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login.js
sifo.bancogalicia.com.ar/scriptdealer/script/v1/386enn/ |
141 KB 142 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
gal.bgsensors.co/api/wb/b3f76076-f760-49d8-ab30-437b9b182ac7/60a375cb-568d-41f6-a2d9-0e5d6c6ad549/1244/ |
67 B 832 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
383 KB 118 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
l-accesos.png
ipv6.3-142-50-16.cprapid.com/images/commons/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-commons.png
ipv6.3-142-50-16.cprapid.com/images/commons/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-buttons.png
ipv6.3-142-50-16.cprapid.com/images/commons/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fa-regular-400.woff2
ipv6.3-142-50-16.cprapid.com/webfonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
222 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/ |
35 B 250 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 355 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fa-regular-400.woff
ipv6.3-142-50-16.cprapid.com/webfonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/ |
35 B 100 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
TestEncrypt
ipv6.3-142-50-16.cprapid.com/Users/ |
315 B 515 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
PilotoImagenLogin
ipv6.3-142-50-16.cprapid.com/Home/ |
315 B 515 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fa-regular-400.ttf
ipv6.3-142-50-16.cprapid.com/webfonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-banner-00.jpg
ipv6.3-142-50-16.cprapid.com/Images/Banners/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
83ddb065-727e-4441-b011-699f9b62fd17
https://ipv6.3-142-50-16.cprapid.com/ |
190 KB 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
interact
target.wsec06.bancogalicia.com.ar/ee/v1/ |
1 KB 912 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
pageFeatures
sifo.bancogalicia.com.ar/requestserver/rest/v1/ |
115 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
wsec06.bancogalicia.com.ar/Images/ |
2 KB 2 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
pageFeatures
sifo.bancogalicia.com.ar/requestserver/rest/v1/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
screenshot
sifo.bancogalicia.com.ar/requestserver/rest/v1/ |
0 662 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-galicia-new.png
ipv6.3-142-50-16.cprapid.com/index_files/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-ob.png
ipv6.3-142-50-16.cprapid.com/index_files/ |
40 KB 41 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-banner-08.jpg
ipv6.3-142-50-16.cprapid.com/index_files/ |
52 KB 53 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-banner-00.jpg
ipv6.3-142-50-16.cprapid.com/Images/Banners/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banco Galicia (Banking)380 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| BigInt undefined| event object| fence object| sharedStorage function| $ function| jQuery function| fixDividedTableWidth function| UpdateTableAligns function| closePendantMsgTooltipsPendant function| disableInputs function| slideSwitch function| alterTableStyles function| LogInfoClientCustom function| LogInfoClientCustomWarning function| printObj string| decimalSeparator string| mileSeparator object| regEx_numbers object| regEx_alpha object| regEx_alpha_space object| regEX_noNumbers object| regEx_alphanumeric object| regEx_alphanumeric_without_hyphen_underscore object| regEx_alphanumeric_without_hyphen_underscore_all object| regEx_alphanumeric_space object| regex_no_space object| regEx_mail_1 object| regEx_mail_2 object| reg_Domain object| regEx_Alias object| regEx_InternalComment object| regEx_alphanumeric_withonly_space object| regEx_alphanumeric_space_enie_dot_comma object| regEx_alphanumeric_withmail object| regEx_transfExtNif object| regEx_transfExt object| regEx_numbersTRX function| RenewTimeOut function| RenewTimeOutRefresh object| timeOutMinutes undefined| _countDownTimerTimeOut function| RenewTimeOutClientSide function| InsideCookie object| RefreshV4TimeOutCount function| RenewRefreshV4 function| RenewTimeoutCookie function| getCookie function| RenewTimeOutServerSide function| SincronizarCookies boolean| isExternalSite function| TimeOutAlert function| GOToPermisosDeUsuarios function| showHelp function| ObtenerDetalleMensajeAyuda function| Terminosycondiciones function| createAACookie function| createCookieAA function| createCookie function| readCookie function| clearCookie function| clearAllCookies function| getCurrentDecimalSeparator function| getIntPart function| getDecPart function| toFloat function| formatNmbToMiles function| formatNumberWithSeparators function| setNavigationHTML function| restoreNavigationHTML function| Link function| PostTo function| PostToParams function| base64encode function| OnJsError function| OnJsErrorDetailed function| IsAjaxError function| IsAjaxCheckedError function| OnAjaxError function| OnAjaxError1 function| OnAjaxCheckedError function| ReplaceDots function| GetAjaxJsonErrorDescription function| ShowUserInbox function| InboxOnClose function| CreateDatePicker function| WindowOpen function| WindowOpenSite function| CenterElement function| MsgBox function| MsgBoxV1 function| Back function| goToControllerAction function| goToMenuLinkModule function| ShowFAQ function| GetAlertasPendientes function| ValidateRegExOnEvent function| ValidateRegEx function| isFloat function| trim function| Empty function| trimSpaces function| trimNonDigits function| RemoveNonNumericCharacters function| CheckMaxLength function| CheckPasteMaxLength function| CheckNumericAndMaxLenght function| ValidateEmail function| SelectAll function| validateNifOnKeyUp function| validateNifOnPaste function| validateTrxExt function| validateTrxExtOnPaste function| validateNumbers function| validateAliasCBU function| validateCaracters function| validateAliasCBUOnKeyUp function| validateInputOnPaste function| validAmount function| CheckAccounts function| ShowNotificationData function| GORegisterInteraction function| BackToTransactionList function| ShowLoading function| HideLoading function| isLocationComplete function| changeLocation function| collapseOrUncollapseForm function| uncollapseTitle function| collapseTitle function| ShowStandardTooltip function| ShowStandardTooltipOnFocus function| ShowInputError function| ShowInputErrorLeft function| ShowInputErrorOnDialog function| isRFC822ValidEmail function| ConfirmAndValidateEmail function| PasswordComplexValidation function| CuitCuilValidation function| CuitCuilCDIValidation function| CuitCuilCDIValidationV2 function| validateEmail function| LoadModify function| ShowAgendaCBUContactoPartial function| GetContactDataAndShowPartial function| SearchContact function| ShowPopUpAgenda function| CUILEsValido function| preparePageAndPrint function| isDefined function| digitalAnalyticsElementTagCustomerEffort function| Trim function| LTrim function| RTrim function| Right function| Left function| IsDate function| GetDaysInMonth function| IsLeapYear function| NumberFormat_WithLatinSeparators function| FormatDate function| LPad function| roundNumber function| CheckVersionIE function| BrowserCompatibilityMessage function| MakeSpanError function| RemoveSpanError function| PreventBackspaceAndDelete function| getErrorSMS function| RefreshToken function| deshabilitarBotones function| setearAtributosParaDeshabilitar function| habilitarBotones function| setearAtributosParaHabilitar function| GA4 function| GA4Error function| modalAyC function| modalRedirect function| CloseModalAyC function| modalErrorAdaptive object| sessvars function| ShowSideBar function| CloseSideBar function| BarrettMu function| BarrettMu_modulo function| BarrettMu_multiplyMod function| BarrettMu_powMod number| biRadixBase number| biRadixBits number| bitsPerDigit number| biRadix number| biHalfRadix number| biRadixSquared number| maxDigitVal number| maxInteger number| maxDigits object| ZERO_ARRAY object| bigZero object| bigOne function| setMaxDigits number| dpl10 object| lr10 function| biFromDecimal function| biCopy function| biFromNumber function| reverseStr object| hexatrigesimalToChar function| biToString function| biToDecimal object| hexToChar function| digitToHex function| biToHex function| charToHex function| hexToDigit function| biFromHex function| biFromString function| biDump function| biAdd function| biSubtract function| biHighIndex function| biNumBits function| biMultiply function| biMultiplyDigit function| arrayCopy object| highBitMasks function| biShiftLeft object| lowBitMasks function| biShiftRight function| biMultiplyByRadixPower function| biDivideByRadixPower function| biModuloByRadixPower function| biCompare function| biDivideModulo function| biDivide function| biModulo function| biMultiplyMod function| biPow function| biPowMod function| RSAKeyPair function| twoDigit function| encryptedString function| decryptedString function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| UIEventCollector function| UIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug function| forceIE89Synchronicity function| simulateClick function| refreshLogin number| interval_refreshLogin function| DisableAddEI function| analitycsInput function| slideShowImages function| addImagesToSlideShow function| openLink function| modificacionInputPassword function| modificacionInputUser boolean| showKeyboard function| SubmitLoginForm object| key function| initKey function| cmdEncrypt function| evalEnter function| enableDebug function| onclickRespuestas object| _dmo function| _0x4472 function| _0xd9222a function| _0x5b05 object| img string| hash string| domain object| defaultAttributes object| defaultConverter object| converter function| assign function| __removeCookie function| __setCookie function| __getCookie function| ShowMenuDescription function| HideMenuDescription function| TooltipAltaEI function| ShowErrorModal object| dataLayer function| xyzbc object| SimpleKeyboard object| google_tag_data function| ga object| gaplugins string| selectedInput object| keyboard function| shuffle function| onInputFocus function| onInputChange function| onChange function| onKeyPress function| handleTab function| handleShiftButton object| keyboardIcon object| keyboardElem object| SimpleKeyboardInstances object| google_tag_manager function| postscribe object| google_tag_manager_external string| GoogleAnalyticsObject object| gaGlobal object| gaData function| _UA-62726172-35_sendHitTask function| onYouTubeIframeAPIReady string| n string| m string| p object| q number| j function| f function| e function| c function| d string| k undefined| r undefined| a undefined| g undefined| o undefined| b undefined| h object| result object| plugin string| t object| _satellite boolean| __satelliteLoaded function| alloy object| __alloyNS object| extensionGoogleDataLayer string| paramName object| eventParams object| currentPlaceInput object| cdwpb object| cdApi object| _dmoload14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sifo.bancogalicia.com.ar/requestserver/rest/v1 | Name: herok Value: 28868608046X90SkQE0FTA0mHMIPBZNVYC8dI9wq |
|
sifo.bancogalicia.com.ar/requestserver/rest/v1 | Name: kirby Value: 28868608046X90SkQE0FTA0mHMIPBZNVYC8dI9wq |
|
.ipv6.3-142-50-16.cprapid.com/ | Name: _gcl_au Value: 1.1.1648737373.1718894962 |
|
.ipv6.3-142-50-16.cprapid.com/ | Name: _ga Value: GA1.4.1058780097.1718894962 |
|
.ipv6.3-142-50-16.cprapid.com/ | Name: _gid Value: GA1.4.2118230753.1718894962 |
|
.ipv6.3-142-50-16.cprapid.com/ | Name: _dc_gtm_UA-62726172-35 Value: 1 |
|
.ipv6.3-142-50-16.cprapid.com/ | Name: bmuid Value: 1718894962234-BAC2CB65-7589-4C7C-850E-EFFB98F7B8E4 |
|
.ipv6.3-142-50-16.cprapid.com/ | Name: cdContextId Value: 2 |
|
.ipv6.3-142-50-16.cprapid.com/ | Name: cdSNum Value: 1718894962663-sjn0000773-b81a7cfb-d418-448a-81c9-639e85bc4fc5 |
|
.ipv6.3-142-50-16.cprapid.com/ | Name: kndctr_DF3360B65E15FFB70A495C4A_AdobeOrg_identity Value: CiY2MTExMTg0NjYyOTU5Mzc2NjQ2MzY2NzcyMjU5ODI2MDExMzMwM1ITCI7S_rCDMhABGAEqBElSTDEwAPABjtL-sIMy |
|
.ipv6.3-142-50-16.cprapid.com/ | Name: kndctr_DF3360B65E15FFB70A495C4A_AdobeOrg_cluster Value: irl1 |
|
.ipv6.3-142-50-16.cprapid.com/ | Name: mbox Value: session#61111846629593766463667722598260113303-nMBHzx#1718896823 |
|
.ipv6.3-142-50-16.cprapid.com/ | Name: mboxEdgeCluster Value: 37 |
|
.ipv6.3-142-50-16.cprapid.com/ | Name: AMCV_DF3360B65E15FFB70A495C4A%40AdobeOrg Value: MCMID|61111846629593766463667722598260113303 |
11 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
gal.bgsensors.co
ipv6.3-142-50-16.cprapid.com
sifo.bancogalicia.com.ar
stats.g.doubleclick.net
target.wsec06.bancogalicia.com.ar
wsec06.bancogalicia.com.ar
www.google-analytics.com
www.googletagmanager.com
161.190.1.33
2600:1f18:18ef:ed12:6f8d:edee:422:9f21
2606:4700:20::681a:7f1
2a00:1450:4001:80b::2008
2a00:1450:4001:829::200e
2a00:1450:400c:c0a::9c
3.142.50.16
66.235.152.221
06be1e974367848fd532c60dab208a092466662b9af7c0c5ea7606bea3adc585
089ad5bf4831b6758e9907db43bc5ebba2e9248a9929dad6132c49932e538278
138143108101149f64bcda5fe38cdd2f3f2139cc957b45949e71fac33ea94482
165992ed1571fdd547d4375190ec1fa7dcdcd852a84a0f1002ab6d977331417f
1ca48f98b0e6a12f56e81a16b5250d2a430f774129ac8ca850c337f0f4179039
231d504017220c1691f43fe8d2b5e12a86475a7541748a238353dd451eabbbf6
28890122c985117e587adce0c43b4c55017496c5bb7acaa99bb2afa5bb417e5e
2c65c87166b36b93cf1424e0e97bd3a5792c0575dc32d4ac87959a66b84e7829
333b702043b3408bc9a64e8397fc98ee6a326723565d972174fa2dfcc44511f4
352893f639a88f1305ee56165cbeda7fd0ae1dea50923adea6e9eee3adc7b4b4
39c033a4e3435b308ed9109e535ffc2424dd5d4111d3e6e0f3940a697d903f93
3b85ab310a9c071d324cedce8fc23a39b215b63a0d2da041dee56ed1632be4e5
3da920566ed33b0e542e2943cc9c49b819cd69f262c1403ca47be8f5dd6db148
3de6cdf40445bb7fb62056d9b33c5a2cbbc51d56294bf2545739fba257a9146b
3e1748d41ea5bb0aa856aaddf497140e3cffdf0302bfdeae177b7c755bc6da8d
5673590a864ab325ebe5ae1ebd0abbd38ee3cc3713c3bc8a0a72a3cc3ccd73cf
6057a3718ff63b49bce7a7efb2354cb932f1df9dd9dd7ba779d0d22dcba7a16b
6516631a0821750428cceecfbadd6a061d25944befe8a714ac3086c79361c9c4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7df864d607991927a98e092c40dcbc42bb01f1407b6583e7aabc737dd7c78548
7e921853f362fcf37da6f2eb321fd8934d0106ee76d1e0af3741089580410257
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
883adbd95603c0dd96e8cff8d94fb2dc681ef02b4aebd55f39a33143f7f01e14
8ba5487a3441be54f0d77878bdde04863c7918e7551eae45e7d4d039d701d313
8cc5da7ff97d33456e47f1e5dd3aca4004301bfe5a5e736272bd0e0d6bb19ee8
8d417633a95432bf7877e9b8b5793858317cda35884b11cf2ed30fc33154db7e
919da83be1bfba25812336b18bcfa5d13236ae73cdfa965a1efed5d16c257190
9708a69d9fda6fa53eba0858c2296f0045a0eeebf22ef2a609d10d51adf2ebb0
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a77f14c9439d79d02bc1cc7f216650e87d3052c4801015674a53650ab206a89e
a9fbb5c4e495183e0033fab5f1875277e9ceea0b0a0f89220b3c58d4afadf99b
c1ac115788f922e9bb68fc1e4710ed077bcae6e5014bc163c434b598e1e17ec9
c6a78be2e5c69c2a32e16cf3ee75440082d2ce8a45d0602fe888b8a34d6a560c
c93153ac3f59a9b53b5ae04c99bded904698ebed8ee2c9303b9503eabfc73631
d3d9f9eda05bffffc3b7a73d14d28e24e2a8297c5579e3d11def792e8ed26d13
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df0be3b4daf1631fdd23f2b73628ae1998710c61beda2325ab8eefccee160aa1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebf3de3cea10712cfa5aa7370cce8885dce264f1f4fcf4ce6c5edb59916380c2
f20a33fd40173f122bec15a105374059fb3ec612d51146485ed84ef0001f2f03
f8b33f6ba690d3343635f5307ec4484c8c5270147fee4d90361480ac592f8557
fbb8e8eac8878242091e67787fd5f0fbc8399bbe9966931a41f8c602e95d06b1