wext.grupobbva.com - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 5 HTTP transactions. The main IP is 89.107.181.44, located in Madrid, Spain and belongs to BBVA-AS Spain, ES. The main domain is wext.grupobbva.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 19th 2020. Valid for: a year.

This is the only time wext.grupobbva.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	195.235.234.190 195.235.234.190	6813 (FLEXNET T...) (FLEXNET Telefonica Soluciones)
4	89.107.181.44 89.107.181.44	15810 (BBVA-AS S...) (BBVA-AS Spain)
5	2

2 195.235.234.190 (Palma, Spain) 1 redirects

ASN6813 (FLEXNET Telefonica Soluciones, ES)

cloud.astex.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 89.107.181.44 (Madrid, Spain)

ASN15810 (BBVA-AS Spain, ES)
PTR: wext.grupobbva.com

wext.grupobbva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	grupobbva.com wext.grupobbva.com	30 KB
2	astex.es 1 redirects cloud.astex.es	7 KB
5	2

	Domain	Requested by
4	wext.grupobbva.com	wext.grupobbva.com
2	cloud.astex.es	1 redirects
5	2

This site contains no links.

Subject Issuer	Validity	Valid
cloud.astex.es DigiCert SHA2 Extended Validation Server CA	`2020-03-16` - `2022-03-17`	2 years	crt.sh
wext.grupobbva.com DigiCert SHA2 Secure Server CA	`2020-03-19` - `2021-04-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://wext.grupobbva.com/CLOUDAUTH/slod/Googlon
Frame ID: DA5D4E4DE1A4EA0CD82B09E3D93F9A9C
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cloud.astex.es/Portal/Sistema/EmailLessonsBBVASAML.aspx?e=seW0TgH95dioW6eTmtlx9a4z3UU97CRG HTTP 302
https://cloud.astex.es/Portal/SSOSAML.aspx?RelayState=BBVAPKL_seW0TgH95dioW6eTmtlx9a4z3UU97CRG Page URL
https://wext.grupobbva.com/CLOUDAUTH/slod/Googlon Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
url /\.aspx?(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
url /\.aspx?(?:$|\?)/i

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

36 kB
Transfer

35 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cloud.astex.es/Portal/Sistema/EmailLessonsBBVASAML.aspx?e=seW0TgH95dioW6eTmtlx9a4z3UU97CRG HTTP 302
https://cloud.astex.es/Portal/SSOSAML.aspx?RelayState=BBVAPKL_seW0TgH95dioW6eTmtlx9a4z3UU97CRG Page URL
https://wext.grupobbva.com/CLOUDAUTH/slod/Googlon Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cloud.astex.es/Portal/Sistema/EmailLessonsBBVASAML.aspx?e=seW0TgH95dioW6eTmtlx9a4z3UU97CRG HTTP 302
https://cloud.astex.es/Portal/SSOSAML.aspx?RelayState=BBVAPKL_seW0TgH95dioW6eTmtlx9a4z3UU97CRG

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

SSOSAML.aspx
cloud.astex.es/Portal/
Redirect Chain

https://cloud.astex.es/Portal/Sistema/EmailLessonsBBVASAML.aspx?e=seW0TgH95dioW6eTmtlx9a4z3UU97CRG
https://cloud.astex.es/Portal/SSOSAML.aspx?RelayState=BBVAPKL_seW0TgH95dioW6eTmtlx9a4z3UU97CRG

6 KB
6 KB

69ms
67ms

Document
text/html

195.235.234.190
FLEXNET Telefonic...

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.astex.es/Portal/SSOSAML.aspx?RelayState=BBVAPKL_seW0TgH95dioW6eTmtlx9a4z3UU97CRG

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

195.235.234.190 Palma, Spain, ASN6813 (FLEXNET Telefonica Soluciones, ES),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: cloud.astex.es
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ASP.NET_SessionId=amji0h45a3tf5r45gidjl545
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Mon, 25 Jan 2021 14:52:42 GMT
Content-Length: 6056

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /Portal/SSOSAML.aspx?RelayState=BBVAPKL_seW0TgH95dioW6eTmtlx9a4z3UU97CRG
Server: Microsoft-IIS/8.5
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=amji0h45a3tf5r45gidjl545; path=/; HttpOnly
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Mon, 25 Jan 2021 14:52:42 GMT
Content-Length: 197

POST
H/1.1 200
OK Primary Request Cookie set Googlon Show response
wext.grupobbva.com/CLOUDAUTH/slod/ 3 KB
3 KB 332ms
86ms Document
text/html 89.107.181.44
BBVA-AS Spain

General

Check archive.org

Show headers Download Go to

Full URL: https://wext.grupobbva.com/CLOUDAUTH/slod/Googlon
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 89.107.181.44 Madrid, Spain, ASN15810 (BBVA-AS Spain, ES),
Reverse DNS: wext.grupobbva.com
Software: /
Resource Hash: 78e8f1c8be14c418b8461bf693da945e65541af38447cebce8529d8a34e345bc

Request headers

Host: wext.grupobbva.com
Connection: keep-alive
Content-Length: 5558
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Origin: https://cloud.astex.es
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://cloud.astex.es/Portal/SSOSAML.aspx?RelayState=BBVAPKL_seW0TgH95dioW6eTmtlx9a4z3UU97CRG
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://cloud.astex.es
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cloud.astex.es/Portal/SSOSAML.aspx?RelayState=BBVAPKL_seW0TgH95dioW6eTmtlx9a4z3UU97CRG

Response headers

content-language: en-US
content-type: text/html;charset=ISO-8859-1
date: Mon, 25 Jan 2021 14:52:43 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-old-content-length: 2653
transfer-encoding: chunked
cache-control: no-cache="set-cookie, set-cookie2"
expires: Thu, 01 Dec 1994 16:00:00 GMT
Set-Cookie: KSNI_01=00005YhcHnrDJLGrsnVebJK5XQM:1709mjbi0; Path=/CLOUDAUTH/ PD_STATEFUL_94b0cb72-dbb7-11e2-a45c-0050568e3588=%2FCLOUDAUTH; Path=/

GET
H/1.1 200
OK astex.css
wext.grupobbva.com/CLOUDAUTH/mult/ 5 KB
5 KB 76ms
76ms Stylesheet
text/css 89.107.181.44
BBVA-AS Spain

General

Check archive.org

Show headers Download Go to

Full URL: https://wext.grupobbva.com/CLOUDAUTH/mult/astex.css
Requested by: Host: wext.grupobbva.com
URL: https://wext.grupobbva.com/CLOUDAUTH/slod/Googlon
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 89.107.181.44 Madrid, Spain, ASN15810 (BBVA-AS Spain, ES),
Reverse DNS: wext.grupobbva.com
Software: /
Resource Hash: 4a591f71ddbc4ab475b536977a272c391a67f21fd4e8a4399656dc94a990fe81

Request headers

Referer: https://wext.grupobbva.com/CLOUDAUTH/slod/Googlon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 14:52:43 GMT
last-modified: Tue, 17 May 2016 23:03:31 GMT
accept-ranges: bytes
content-type: text/css
content-length: 5152
p3p: CP="NON CUR OTPi OUR NOR UNI"

GET
H/1.1 200
OK campus_BBVA.jpg
wext.grupobbva.com/CLOUDAUTH/images/ 20 KB
20 KB 154ms
76ms Image
image/jpeg 89.107.181.44
BBVA-AS Spain

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wext.grupobbva.com/CLOUDAUTH/images/campus_BBVA.jpg
Requested by: Host: wext.grupobbva.com
URL: https://wext.grupobbva.com/CLOUDAUTH/slod/Googlon
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 89.107.181.44 Madrid, Spain, ASN15810 (BBVA-AS Spain, ES),
Reverse DNS: wext.grupobbva.com
Software: /
Resource Hash: 5d08c056a54ed2412311e086ee73e5ef2b2a18ec6da351ce263eae2cec258c90

Request headers

Referer: https://wext.grupobbva.com/CLOUDAUTH/slod/Googlon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 14:52:43 GMT
last-modified: Tue, 17 May 2016 23:03:31 GMT
accept-ranges: bytes
content-type: image/jpeg
content-length: 20633
p3p: CP="NON CUR OTPi OUR NOR UNI"

GET
H/1.1 200
OK idioma_bullet.gif
wext.grupobbva.com/CLOUDAUTH/images/ 1 KB
1 KB 147ms
79ms Image
image/gif 89.107.181.44
BBVA-AS Spain

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wext.grupobbva.com/CLOUDAUTH/images/idioma_bullet.gif
Requested by: Host: wext.grupobbva.com
URL: https://wext.grupobbva.com/CLOUDAUTH/mult/astex.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 89.107.181.44 Madrid, Spain, ASN15810 (BBVA-AS Spain, ES),
Reverse DNS: wext.grupobbva.com
Software: /
Resource Hash: eb94b61ad9a012aa2428bda28495f59b7fc9c7dc003dc3a2dc770de21910e195

Request headers

Referer: https://wext.grupobbva.com/CLOUDAUTH/mult/astex.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 14:52:43 GMT
last-modified: Thu, 21 Jun 2012 13:31:06 GMT
accept-ranges: bytes
content-type: image/gif
content-length: 1147
p3p: CP="NON CUR OTPi OUR NOR UNI"

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			wext.grupobbva.com/	1969-12-31 23:59:59	Name: PD_STATEFUL_94b0cb72-dbb7-11e2-a45c-0050568e3588 Value: %2FCLOUDAUTH
			wext.grupobbva.com/CLOUDAUTH/	1969-12-31 23:59:59	Name: KSNI_01 Value: 00005YhcHnrDJLGrsnVebJK5XQM:1709mjbi0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cloud.astex.es
wext.grupobbva.com
195.235.234.190
89.107.181.44
4a591f71ddbc4ab475b536977a272c391a67f21fd4e8a4399656dc94a990fe81
5d08c056a54ed2412311e086ee73e5ef2b2a18ec6da351ce263eae2cec258c90
78e8f1c8be14c418b8461bf693da945e65541af38447cebce8529d8a34e345bc
eb94b61ad9a012aa2428bda28495f59b7fc9c7dc003dc3a2dc770de21910e195

wext.grupobbva.com Open in urlscan Pro 89.107.181.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

36 kBTransfer

35 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

wext.grupobbva.com Open in urlscan Pro
89.107.181.44 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

36 kB
Transfer

35 kB
Size

2
Cookies

5 HTTP transactions
0 data transactions