www-bbvagarantibank.com Open in urlscan Pro
2606:4700:3037::6815:1eed Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www-bbvagarantibank.com/
Submission: On February 09 via automatic, source certstream-suspicious (February 9th 2021, 9:40:56 am UTC)

Summary HTTP 18 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3037::6815:1eed, located in United States and belongs to CLOUDFLARENET, US. The main domain is www-bbvagarantibank.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 9th 2021. Valid for: a year.

This is the only time www-bbvagarantibank.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Garanti (Banking)

Domain & IP information

	IP Address		AS Autonomous System
18	2606:4700:303... 2606:4700:3037::6815:1eed		13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	1

18 2606:4700:3037::6815:1eed (United States)

ASN13335 (CLOUDFLARENET, US)

www-bbvagarantibank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	www-bbvagarantibank.com www-bbvagarantibank.com	65 KB
18	1

	Domain	Requested by
18	www-bbvagarantibank.com	www-bbvagarantibank.com
18	1

This site contains links to these domains. Also see Links.

Domain
sube.garantibbva.com.tr

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-02-09` - `2022-02-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www-bbvagarantibank.com/
Frame ID: 8FE571BD28AFEFC7A7B96E930B03BE45
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

18
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

65 kB
Transfer

369 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://sube.garantibbva.com.tr/isube/login/login/passwordentrypersonal-tr
Title:

Search URL Search Domain Scan URL

URL: https://sube.garantibbva.com.tr/isube/login/login/passwordentrycorporate-tr
Title: KURUMSAL

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www-bbvagarantibank.com/	15 KB 5 KB	464ms 440ms	Document text/html	2606:4700:3037::6815:1eed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-bbvagarantibank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1eed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d6ea6451be2d213e828b28fcb00a90edb6cbb9c4c37e8566b147892906ea0a1d` Request headers :method GET :authority www-bbvagarantibank.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 09 Feb 2021 09:40:37 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=dca92329c08a692f9ec8c72390476c1621612863637; expires=Thu, 11-Mar-21 09:40:37 GMT; path=/; domain=.www-bbvagarantibank.com; HttpOnly; SameSite=Lax cf-cache-status DYNAMIC cf-request-id 0827c31fe100000625c59c7000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=icV%2BOHA%2F4I1RhiUoFLS99p7a1KyhxIxhbgewMgNsvLSERIQeuiDohJ1gvud2ALkeXen9QOOYIvGMcgY4IEsVT3wXunVKdxyzbhHEAkKjYEPuCj98WDN%2BxyBM7wFvFjyIZvHHPA%3D%3D"}],"group":"cf-nel"} nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare cf-ray 61eca146391f0625-FRA content-encoding br
GET H2	200	addtohomescreen.css www-bbvagarantibank.com/index_files/	3 KB 1 KB	339ms 337ms	Stylesheet text/css	2606:4700:3037::6815:1eed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-bbvagarantibank.com/index_files/addtohomescreen.css Requested by Host: www-bbvagarantibank.com URL: https://www-bbvagarantibank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1eed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e464e649382f0b340febadd96d0c42649146f337a20c13b01d6f0fab6a38bd2c` Request headers Referer https://www-bbvagarantibank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 09 Feb 2021 09:40:38 GMT content-encoding br cf-cache-status MISS last-modified Thu, 29 Oct 2020 00:14:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f3gmVqvpUlIQRm24ZqUmMTd3bLgvklouHppjz4Ax0XauS1sn0kwaRc6raxdFm6E5407NtjyUJc%2Bq7R4vMV7wSK9T0o7ZFhyfJ5tL6yJ%2BGKIYt%2FsQBpflp5NAcQDzG%2FsR4XMVSA%3D%3D"}],"group":"cf-nel"} content-type text/css cache-control max-age=14400 nel {"max_age":604800,"report_to":"cf-nel"} cf-ray 61eca1492f630625-FRA cf-request-id 0827c321bb00000625cdb15000000001
GET H2	200	pace.css www-bbvagarantibank.com/index_files/	566 B 572 B	337ms 336ms	Stylesheet text/css	2606:4700:3037::6815:1eed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-bbvagarantibank.com/index_files/pace.css Requested by Host: www-bbvagarantibank.com URL: https://www-bbvagarantibank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1eed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1b82aa466e978481cd73c23382706e0a35834830fef6ede2b60cc6faab3c10e7` Request headers Referer https://www-bbvagarantibank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 09 Feb 2021 09:40:38 GMT content-encoding br cf-cache-status MISS last-modified Thu, 29 Oct 2020 00:14:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jpkRqyBqpOtKGV352eDOjuVcOeKqNdC9b4xYjjIosvKiKJN99Wq8YMg%2FnAe2%2FABiCYCqzY18tWdMAyGwIGRvLmrNOEgN6UvQQMWAuTD4PRR8qAlhr32tShAjCWuji%2BHdDbueQg%3D%3D"}],"group":"cf-nel"} content-type text/css cache-control max-age=14400 nel {"max_age":604800,"report_to":"cf-nel"} cf-ray 61eca1492f660625-FRA cf-request-id 0827c321bc00000625bf0f0000000001
GET H2	200	firstscreen.css www-bbvagarantibank.com/index_files/	773 B 549 B	339ms 338ms	Stylesheet text/css	2606:4700:3037::6815:1eed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-bbvagarantibank.com/index_files/firstscreen.css Requested by Host: www-bbvagarantibank.com URL: https://www-bbvagarantibank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1eed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7d0777cac58dc6055e2e0e6aad20af5f5baf42809035103317719153d8da8971` Request headers Referer https://www-bbvagarantibank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 09 Feb 2021 09:40:38 GMT content-encoding br cf-cache-status MISS last-modified Thu, 29 Oct 2020 00:14:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qZR9GpMNTQHOALQt7h65PZOG8%2F%2Fzz3mnPFRFO4L%2FNljFwtTQai1cRvfItwmuA7A0ZPfJMrxemZP6ouZBkzxfGtXNSK7OrQ%2BpivRu%2BIDWr15YGVoqBt38Snx6A6wLX97TuCvsfg%3D%3D"}],"group":"cf-nel"} content-type text/css cache-control max-age=14400 nel {"max_age":604800,"report_to":"cf-nel"} cf-ray 61eca1492f670625-FRA cf-request-id 0827c321bd00000625bf0f1000000001
GET H2	200	bootstrap-login.css www-bbvagarantibank.com/index_files/	147 KB 23 KB	808ms 807ms	Stylesheet text/css	2606:4700:3037::6815:1eed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-bbvagarantibank.com/index_files/bootstrap-login.css Requested by Host: www-bbvagarantibank.com URL: https://www-bbvagarantibank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1eed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `97f80a0ac135eb53bb5c2e8f8b40716f08851100a67cfff8143a58196679c13e` Request headers Referer https://www-bbvagarantibank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 09 Feb 2021 09:40:38 GMT content-encoding br cf-cache-status MISS last-modified Thu, 29 Oct 2020 00:14:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c1K5MfZC7CFRdDi2bVTuDMbsEUrJwLoC%2BNVgDifwOgqH7pa3R17M4LAwYA%2FoyRk5OOIBAd5d5%2Fz0QUSL0DT%2FzAcu8vXf71D5zLt6qWiNdC8B%2BuSsdxJTZQ1OpIMPKqXI3Vsu5A%3D%3D"}],"group":"cf-nel"} content-type text/css cache-control max-age=14400 nel {"max_age":604800,"report_to":"cf-nel"} cf-ray 61eca1492f6c0625-FRA cf-request-id 0827c321bc00000625a2328000000001
GET H2	200	bootstrap-login-utility.css www-bbvagarantibank.com/index_files/	128 KB 19 KB	815ms 814ms	Stylesheet text/css	2606:4700:3037::6815:1eed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-bbvagarantibank.com/index_files/bootstrap-login-utility.css Requested by Host: www-bbvagarantibank.com URL: https://www-bbvagarantibank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1eed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `637fe36949905e4a8d639929b8f32697379987745f5f15df3aff24d639bf094a` Request headers Referer https://www-bbvagarantibank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 09 Feb 2021 09:40:38 GMT content-encoding br cf-cache-status MISS last-modified Thu, 29 Oct 2020 00:14:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IMGT0rRMemTVpQCw7lK6Koy0ZWwpy9QbciTwcuPwGJ2qP8aQy1Wy%2BOCyW4lqcd5VcpXlnncJ6T5MbM5nr8MfrGGgec5wCZqVHzNfYzbJrMuorcXRyT4JS9ELoqPaENZrY1fMLQ%3D%3D"}],"group":"cf-nel"} content-type text/css cache-control max-age=14400 nel {"max_age":604800,"report_to":"cf-nel"} cf-ray 61eca1492f6e0625-FRA cf-request-id 0827c321bc00000625a9ace000000001
GET H2	200	gt-facelift-login-style.css www-bbvagarantibank.com/index_files/	65 KB 6 KB	652ms 651ms	Stylesheet text/css	2606:4700:3037::6815:1eed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-bbvagarantibank.com/index_files/gt-facelift-login-style.css Requested by Host: www-bbvagarantibank.com URL: https://www-bbvagarantibank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1eed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2aa2e1432f2be7a3d070e94cc564e59bd92edc6b12fc09b1a626a20fea83b092` Request headers Referer https://www-bbvagarantibank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 09 Feb 2021 09:40:38 GMT content-encoding br cf-cache-status MISS last-modified Thu, 29 Oct 2020 00:14:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kCjqrFbF9IaGK%2BZPFc8%2BnKCrTKa6%2BPuVqpS8K29VnjHrE6Ycoz%2BFYSy0vHldHfSMAkhkeLU4NmhZCxl1YWda%2B0%2BMvVTaro0xmbV6HF46yIF3X1C8QR5dldwxtJFKxxeEGzUaTQ%3D%3D"}],"group":"cf-nel"} content-type text/css cache-control max-age=14400 nel {"max_age":604800,"report_to":"cf-nel"} cf-ray 61eca1492f700625-FRA cf-request-id 0827c321bc00000625823ef000000001
GET H2	200	logo-garantibbva.png www-bbvagarantibank.com/index_files/	3 KB 4 KB	352ms 351ms	Image image/png	2606:4700:3037::6815:1eed CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www-bbvagarantibank.com/index_files/logo-garantibbva.png Requested by Host: www-bbvagarantibank.com URL: https://www-bbvagarantibank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1eed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f7a83e3642ca11fbaae82bbcd5a94836701d77479d6580af10a578f2ee17a91f` Request headers Referer https://www-bbvagarantibank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 09 Feb 2021 09:40:38 GMT cf-cache-status MISS last-modified Thu, 29 Oct 2020 00:14:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vA9zJ2ZGYOeoXk1jVcrUsY8Bcp%2BYOs9jqI5N6a8Kfic4%2F3lw0vcUpn3FbqtNPtBxkILJ5X8vOONNUkOvHJHgU24ELBQu75rjmaKUMrARGYACjpclWKwYS2CxSM5kPN58IGxZOA%3D%3D"}],"group":"cf-nel"} content-type image/png cache-control max-age=14400 nel {"max_age":604800,"report_to":"cf-nel"} accept-ranges bytes cf-ray 61eca1492f720625-FRA content-length 3450 cf-request-id 0827c321bf0000062576244000000001
GET H2	200	logo-garantibbva-2x.png www-bbvagarantibank.com/index_files/	7 KB 7 KB	336ms 336ms	Image image/png	2606:4700:3037::6815:1eed CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www-bbvagarantibank.com/index_files/logo-garantibbva-2x.png Requested by Host: www-bbvagarantibank.com URL: https://www-bbvagarantibank.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1eed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3541db151826636ff9b170b457d6019b1593a62f4782cb2e3846b61ed1bcf60c` Request headers Referer https://www-bbvagarantibank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 09 Feb 2021 09:40:38 GMT cf-cache-status MISS last-modified Thu, 29 Oct 2020 00:14:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zNHeeYoVjY0hSjW9t2A6wlPB1GMH%2FDPX6fctvFWV8%2F3gte2QmCIwyR45z7o6KmXY23NdqfabnaVwsbFmCL46FpMEEYUcwSB%2Bu7i%2FAQwG5ysiOfcP1fNsIMKCDSe6Q%2FgBn78XSw%3D%3D"}],"group":"cf-nel"} content-type image/png cache-control max-age=14400 nel {"max_age":604800,"report_to":"cf-nel"} accept-ranges bytes cf-ray 61eca1492f750625-FRA content-length 6731 cf-request-id 0827c321bd000006257d292000000001
GET H2	404	SourceSansPro-Regular.woff www-bbvagarantibank.com/fonts/	0 0	332ms 331ms	Font text/html	2606:4700:3037::6815:1eed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-bbvagarantibank.com/fonts/SourceSansPro-Regular.woff Requested by Host: www-bbvagarantibank.com URL: https://www-bbvagarantibank.com/index_files/bootstrap-login.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1eed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://www-bbvagarantibank.com Referer https://www-bbvagarantibank.com/index_files/bootstrap-login.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 09 Feb 2021 09:40:39 GMT content-encoding br cf-cache-status MISS nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZAVgzhjjYz5U%2FYuKLp8YNfBGVMI%2FnCnPNQkZXEGv%2BOuzGsyDQZGoLGdQM9tHVsk1luX3KOZ4ltnNCMsrWvv6NrBeXYnOBFoOOev362XRbqjp6ib9%2F5aGqooYf8%2FFusAW78%2FKOw%3D%3D"}],"group":"cf-nel"} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 61eca14e5c570625-FRA cf-request-id 0827c324f600000625b202b000000001
GET H2	404	SourceSansPro-Light.woff www-bbvagarantibank.com/fonts/	0 0	336ms 336ms	Font text/html	2606:4700:3037::6815:1eed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-bbvagarantibank.com/fonts/SourceSansPro-Light.woff Requested by Host: www-bbvagarantibank.com URL: https://www-bbvagarantibank.com/index_files/bootstrap-login.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1eed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://www-bbvagarantibank.com Referer https://www-bbvagarantibank.com/index_files/bootstrap-login.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 09 Feb 2021 09:40:39 GMT content-encoding br cf-cache-status MISS nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GJisCj40c6tNj9V4cvVaQBRgSNXM7vcgM%2Fd0M2mlCq9ET80etFiI9Tw0FTwk%2FuNMnLb%2BFciCpVVr7gOCLXG1sOxL7FmaJqinlGoviEGh3AhSkU9gBSg0mGb7%2FcM0e7Xz43c5kg%3D%3D"}],"group":"cf-nel"} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 61eca14e5c580625-FRA cf-request-id 0827c324f6000006257486a000000001
GET H2	404	norton-dark.png www-bbvagarantibank.com/img/	315 B 315 B	334ms 333ms	Image text/html	2606:4700:3037::6815:1eed CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www-bbvagarantibank.com/img/norton-dark.png Requested by Host: www-bbvagarantibank.com URL: https://www-bbvagarantibank.com/index_files/bootstrap-login.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1eed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Referer https://www-bbvagarantibank.com/index_files/bootstrap-login.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 09 Feb 2021 09:40:39 GMT content-encoding br cf-cache-status MISS nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iS%2BBofR9UlZQzxKMqBj8rLtjOIVIfWDPs%2BrQfeE0H0eLxEF0AsAd8Dg9r%2FUHF08%2BbJLWbBPaU8rXX%2FeonFX4SgqN9mXU2fKT4a5ELfCtEWIpdyrzcrjP66necd3ATPKc9lunfA%3D%3D"}],"group":"cf-nel"} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 61eca14e5c660625-FRA cf-request-id 0827c324f9000006258c0d2000000001
GET H2	404	icons.woff www-bbvagarantibank.com/fonts/	0 0	333ms 332ms	Font text/html	2606:4700:3037::6815:1eed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-bbvagarantibank.com/fonts/icons.woff Requested by Host: www-bbvagarantibank.com URL: https://www-bbvagarantibank.com/index_files/bootstrap-login.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1eed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://www-bbvagarantibank.com Referer https://www-bbvagarantibank.com/index_files/bootstrap-login.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 09 Feb 2021 09:40:39 GMT content-encoding br cf-cache-status MISS nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9iSu3yPABe0xLncUOQg1OSwB%2F7nln%2FMhuea2LpmEBoUu862SjtyT72iSBFrn%2FeN1jItgHHoZEvtJNR99662OqQRmykDLQQ2129EODs9U6y6bhLpXhP0rPFgwv0CQ2WwWEgSBYQ%3D%3D"}],"group":"cf-nel"} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 61eca14e5c620625-FRA cf-request-id 0827c324f8000006257f1b6000000001
GET H2	404	SourceSansPro-Semibold.woff www-bbvagarantibank.com/fonts/	0 0	336ms 335ms	Font text/html	2606:4700:3037::6815:1eed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-bbvagarantibank.com/fonts/SourceSansPro-Semibold.woff Requested by Host: www-bbvagarantibank.com URL: https://www-bbvagarantibank.com/index_files/bootstrap-login.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1eed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://www-bbvagarantibank.com Referer https://www-bbvagarantibank.com/index_files/bootstrap-login.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 09 Feb 2021 09:40:39 GMT content-encoding br cf-cache-status MISS nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u0r3eS7cRKQieC1MA6Zkcg6P%2BjS%2FktEhPaZ8rS5nPNo7BfkaoEXw8urrslN9Ts%2BbvVfssfRcElUTVEw1tKzdjJbIEfdhkp%2BTwzQ1S7CoaZXP%2B8vXpjCDIArzbuGEpZL5UrRL8w%3D%3D"}],"group":"cf-nel"} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 61eca14e5c650625-FRA cf-request-id 0827c324f800000625a237e000000001
GET H2	404	SourceSansPro-Regular.ttf www-bbvagarantibank.com/fonts/	0 0	336ms 335ms	Font text/html	2606:4700:3037::6815:1eed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-bbvagarantibank.com/fonts/SourceSansPro-Regular.ttf Requested by Host: www-bbvagarantibank.com URL: https://www-bbvagarantibank.com/index_files/bootstrap-login.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1eed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://www-bbvagarantibank.com Referer https://www-bbvagarantibank.com/index_files/bootstrap-login.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 09 Feb 2021 09:40:39 GMT content-encoding br cf-cache-status MISS nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qtHr0RGcSeUQu7Fpn2bJDi%2Fb%2BqvukcGHMTQfhfNoe3qupSk4rL7BMiaatWmrkUxxTxGfC3ECraYqN1VnWXPcM48FYfLva17sH1knDhWbduJo0U86cNesrBC8JYLdbJSMtxUQew%3D%3D"}],"group":"cf-nel"} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 61eca150686b0625-FRA cf-request-id 0827c32643000006257d2f9000000001
GET H2	404	icons.ttf www-bbvagarantibank.com/fonts/	0 0	331ms 330ms	Font text/html	2606:4700:3037::6815:1eed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-bbvagarantibank.com/fonts/icons.ttf Requested by Host: www-bbvagarantibank.com URL: https://www-bbvagarantibank.com/index_files/bootstrap-login.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1eed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://www-bbvagarantibank.com Referer https://www-bbvagarantibank.com/index_files/bootstrap-login.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 09 Feb 2021 09:40:39 GMT content-encoding br cf-cache-status MISS nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7xJE0%2Ff5pmbIdY8YXQ0DRZIb%2FFUDvV4v%2BS%2F%2FdT%2BpQMyOsxac6pVq750j%2BULy6y0%2BkBP%2BPXlEWr7YUqSpgs9WZYCjAV5ElBLX3DRT7dhnJwEkw0UFrCRpqEA%2BgBqKmkY5U00WWg%3D%3D"}],"group":"cf-nel"} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 61eca15078890625-FRA cf-request-id 0827c32649000006259b3d7000000001
GET H2	404	SourceSansPro-Light.ttf www-bbvagarantibank.com/fonts/	0 0	341ms 340ms	Font text/html	2606:4700:3037::6815:1eed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-bbvagarantibank.com/fonts/SourceSansPro-Light.ttf Requested by Host: www-bbvagarantibank.com URL: https://www-bbvagarantibank.com/index_files/bootstrap-login.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1eed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://www-bbvagarantibank.com Referer https://www-bbvagarantibank.com/index_files/bootstrap-login.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 09 Feb 2021 09:40:39 GMT content-encoding br cf-cache-status MISS nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tpuj7jA%2BBvRYkRlrXtdbshpBbr8pUaRz22S5tl9ODlUZFLYO4dt%2BfCbhsjFANyhvOauC3O50JFHKNju1SSMMbE5CL22L222d6rDxd62%2B80nxOfrktVWL%2FEGOmaGW%2FHGUmP8g3Q%3D%3D"}],"group":"cf-nel"} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 61eca150788c0625-FRA cf-request-id 0827c3264900000625aa39b000000001
GET H2	404	SourceSansPro-Semibold.ttf www-bbvagarantibank.com/fonts/	0 0	330ms 330ms	Font text/html	2606:4700:3037::6815:1eed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-bbvagarantibank.com/fonts/SourceSansPro-Semibold.ttf Requested by Host: www-bbvagarantibank.com URL: https://www-bbvagarantibank.com/index_files/bootstrap-login.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1eed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://www-bbvagarantibank.com Referer https://www-bbvagarantibank.com/index_files/bootstrap-login.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 09 Feb 2021 09:40:39 GMT content-encoding br cf-cache-status MISS nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ADm27QDGLhdbiSQsDK7Be9YkKrBRrigH0nXEdlOAuErPbYi%2BfHDl1t0Jrn1ocXXZ4Nlv85CQ%2Fvy3ZlrV6s8gmN%2Ftt%2FMijZ0sXIwgPeB%2Fb2pu%2BfstkJiu5YtCuaZzgzIHSnATfw%3D%3D"}],"group":"cf-nel"} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 61eca150788f0625-FRA cf-request-id 0827c3264a000006259b3d8000000001

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Garanti (Banking)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.www-bbvagarantibank.com/	1970-01-19 16:44:15	Name: __cfduid Value: dca92329c08a692f9ec8c72390476c1621612863637

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www-bbvagarantibank.com
2606:4700:3037::6815:1eed
1b82aa466e978481cd73c23382706e0a35834830fef6ede2b60cc6faab3c10e7
2aa2e1432f2be7a3d070e94cc564e59bd92edc6b12fc09b1a626a20fea83b092
3541db151826636ff9b170b457d6019b1593a62f4782cb2e3846b61ed1bcf60c
637fe36949905e4a8d639929b8f32697379987745f5f15df3aff24d639bf094a
7d0777cac58dc6055e2e0e6aad20af5f5baf42809035103317719153d8da8971
97f80a0ac135eb53bb5c2e8f8b40716f08851100a67cfff8143a58196679c13e
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d6ea6451be2d213e828b28fcb00a90edb6cbb9c4c37e8566b147892906ea0a1d
e464e649382f0b340febadd96d0c42649146f337a20c13b01d6f0fab6a38bd2c
f7a83e3642ca11fbaae82bbcd5a94836701d77479d6580af10a578f2ee17a91f

www-bbvagarantibank.com Open in urlscan Pro 2606:4700:3037::6815:1eed Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

65 kBTransfer

369 kBSize

1 Cookies

2 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

1 Cookies

Indicators

www-bbvagarantibank.com Open in urlscan Pro
2606:4700:3037::6815:1eed Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

65 kB
Transfer

369 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!