Submitted URL: http://segali.cinrimacion.repl.co/
Effective URL: https://segali.cinrimacion.repl.co/
Submission Tags: replit-anti-abuse
Submission: On August 25 via api from US — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 34.149.204.188, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is segali.cinrimacion.repl.co.
TLS certificate: Issued by R3 on August 25th 2022. Valid for: 3 months.
This is the only time segali.cinrimacion.repl.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Galicia (Banking)

Domain & IP information

IP Address AS Autonomous System
1 14 34.149.204.188 15169 (GOOGLE)
13 1
Apex Domain
Subdomains
Transfer
14 repl.co
segali.cinrimacion.repl.co
3 MB
13 1
Domain Requested by
14 segali.cinrimacion.repl.co 1 redirects segali.cinrimacion.repl.co
13 1

This site contains no links.

Subject Issuer Validity Valid
cinrimacion.repl.co
R3
2022-08-25 -
2022-11-23
3 months crt.sh

This page contains 1 frames:

Primary Page: https://segali.cinrimacion.repl.co/
Frame ID: C671C7AC7E2A6010EEA101BA181C4064
Requests: 13 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://segali.cinrimacion.repl.co/ HTTP 308
    https://segali.cinrimacion.repl.co/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2652 kB
Transfer

2649 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://segali.cinrimacion.repl.co/ HTTP 308
    https://segali.cinrimacion.repl.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
segali.cinrimacion.repl.co/
Redirect Chain
  • http://segali.cinrimacion.repl.co/
  • https://segali.cinrimacion.repl.co/
12 KB
12 KB
Document
General
Full URL
https://segali.cinrimacion.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/ PHP/7.4.21
Resource Hash
8e27e296aeb1826feeced5e7861de03cedbba440e74e6abc73d7cb5541e68c39

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 16:28:24 GMT
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
host
segali.cinrimacion.repl.co
replit-cluster
global
x-powered-by
PHP/7.4.21

Redirect headers

Content-Length
71
Content-Type
text/html; charset=utf-8
Date
Thu, 25 Aug 2022 16:28:23 GMT
Location
https://segali.cinrimacion.repl.co/
Replit-Cluster
global
Via
1.1 google
bootstrap.min.css
segali.cinrimacion.repl.co/fis/
121 KB
121 KB
Stylesheet
General
Full URL
https://segali.cinrimacion.repl.co/fis/bootstrap.min.css
Requested by
Host: segali.cinrimacion.repl.co
URL: https://segali.cinrimacion.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash
38c2ceafd2e0319b0249ad97ab59932dd54971afd9422bb5bbff40ab7069d763

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://segali.cinrimacion.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 16:28:25 GMT
host
segali.cinrimacion.repl.co
replit-cluster
global
content-length
123758
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
text/css; charset=UTF-8
default.min.css
segali.cinrimacion.repl.co/fis/
1 MB
1 MB
Stylesheet
General
Full URL
https://segali.cinrimacion.repl.co/fis/default.min.css
Requested by
Host: segali.cinrimacion.repl.co
URL: https://segali.cinrimacion.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash
ce9a1fdeca6947e1d7dad81bdd07a0b7633c4114eedb312574280d5e0bee36c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://segali.cinrimacion.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 16:28:25 GMT
host
segali.cinrimacion.repl.co
replit-cluster
global
content-length
1242080
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
text/css; charset=UTF-8
keyboard.css
segali.cinrimacion.repl.co/fis/
492 B
521 B
Stylesheet
General
Full URL
https://segali.cinrimacion.repl.co/fis/keyboard.css
Requested by
Host: segali.cinrimacion.repl.co
URL: https://segali.cinrimacion.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash
612a237e8ee113c28afb5b58bce39eed244dc31b6d2127b45da334edca204b85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://segali.cinrimacion.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 16:28:25 GMT
host
segali.cinrimacion.repl.co
replit-cluster
global
content-length
492
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
text/css; charset=UTF-8
simple-keyboard.css
segali.cinrimacion.repl.co/fis/
3 KB
3 KB
Stylesheet
General
Full URL
https://segali.cinrimacion.repl.co/fis/simple-keyboard.css
Requested by
Host: segali.cinrimacion.repl.co
URL: https://segali.cinrimacion.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash
c46e9d5b86e7a9c0405f4edb56d1f7f8a4a463dca80ff9b99b916da39064a233

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://segali.cinrimacion.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 16:28:25 GMT
host
segali.cinrimacion.repl.co
replit-cluster
global
content-length
2790
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
text/css; charset=UTF-8
customcarousel.min.css
segali.cinrimacion.repl.co/fis/
2 KB
2 KB
Stylesheet
General
Full URL
https://segali.cinrimacion.repl.co/fis/customcarousel.min.css
Requested by
Host: segali.cinrimacion.repl.co
URL: https://segali.cinrimacion.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash
f397778bb003ff2d647f5d7d90050f9b50f43622fb02637c8537f159f460bbad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://segali.cinrimacion.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 16:28:25 GMT
host
segali.cinrimacion.repl.co
replit-cluster
global
content-length
1949
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
text/css; charset=UTF-8
titl.png
segali.cinrimacion.repl.co/fis/
902 B
930 B
Image
General
Full URL
https://segali.cinrimacion.repl.co/fis/titl.png
Requested by
Host: segali.cinrimacion.repl.co
URL: https://segali.cinrimacion.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash
be9d8f21c2d215622dee4fdfbf605fa1e6fbd8830553aba34140b5b47aea1863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://segali.cinrimacion.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 16:28:25 GMT
host
segali.cinrimacion.repl.co
replit-cluster
global
content-length
902
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
image/png
tecl.png
segali.cinrimacion.repl.co/fis/
409 B
446 B
Image
General
Full URL
https://segali.cinrimacion.repl.co/fis/tecl.png
Requested by
Host: segali.cinrimacion.repl.co
URL: https://segali.cinrimacion.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash
ae9668d3cd1491510cbd1e97a1e1bb47cfc1d2fd59adfb4ad59a9e73de1ba88d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://segali.cinrimacion.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 16:28:25 GMT
host
segali.cinrimacion.repl.co
replit-cluster
global
content-length
409
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
image/png
logo.png
segali.cinrimacion.repl.co/fis/
42 KB
42 KB
Image
General
Full URL
https://segali.cinrimacion.repl.co/fis/logo.png
Requested by
Host: segali.cinrimacion.repl.co
URL: https://segali.cinrimacion.repl.co/fis/default.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e854776c611f6246074b3deaa598e832f293b264fca5f3587089035a2309ed92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://segali.cinrimacion.repl.co/fis/default.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 16:28:25 GMT
host
segali.cinrimacion.repl.co
replit-cluster
global
content-length
42705
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
image/png
burbu.png
segali.cinrimacion.repl.co/fis/
1 MB
1 MB
Image
General
Full URL
https://segali.cinrimacion.repl.co/fis/burbu.png
Requested by
Host: segali.cinrimacion.repl.co
URL: https://segali.cinrimacion.repl.co/fis/default.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash
82bc584fee883c53f99cabf1cd92931813e35383a44fcd706ad38ddd65bb9bf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://segali.cinrimacion.repl.co/fis/default.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 16:28:25 GMT
host
segali.cinrimacion.repl.co
replit-cluster
global
content-length
1285461
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
image/png
Inter-Regular.woff2
segali.cinrimacion.repl.co/Content/fonts/
0
0
Font
General
Full URL
https://segali.cinrimacion.repl.co/Content/fonts/Inter-Regular.woff2
Requested by
Host: segali.cinrimacion.repl.co
URL: https://segali.cinrimacion.repl.co/fis/default.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://segali.cinrimacion.repl.co/fis/default.min.css
Origin
https://segali.cinrimacion.repl.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 16:28:25 GMT
host
segali.cinrimacion.repl.co
replit-cluster
global
content-length
566
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
text/html; charset=UTF-8
Inter-Regular.woff
segali.cinrimacion.repl.co/Content/fonts/
0
0
Font
General
Full URL
https://segali.cinrimacion.repl.co/Content/fonts/Inter-Regular.woff
Requested by
Host: segali.cinrimacion.repl.co
URL: https://segali.cinrimacion.repl.co/fis/default.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://segali.cinrimacion.repl.co/fis/default.min.css
Origin
https://segali.cinrimacion.repl.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 16:28:26 GMT
host
segali.cinrimacion.repl.co
replit-cluster
global
content-length
565
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
text/html; charset=UTF-8
Inter-Regular.ttf
segali.cinrimacion.repl.co/Content/fonts/
0
0
Font
General
Full URL
https://segali.cinrimacion.repl.co/Content/fonts/Inter-Regular.ttf
Requested by
Host: segali.cinrimacion.repl.co
URL: https://segali.cinrimacion.repl.co/fis/default.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.204.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.204.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://segali.cinrimacion.repl.co/fis/default.min.css
Origin
https://segali.cinrimacion.repl.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 16:28:26 GMT
host
segali.cinrimacion.repl.co
replit-cluster
global
content-length
564
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Galicia (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

0 Cookies

3 Console Messages

Source Level URL
Text
network error URL: https://segali.cinrimacion.repl.co/Content/fonts/Inter-Regular.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://segali.cinrimacion.repl.co/Content/fonts/Inter-Regular.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://segali.cinrimacion.repl.co/Content/fonts/Inter-Regular.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()