bb-wa.me
2606:4700:3037::6815:57cf  Malicious Activity! Public Scan

URL: https://bb-wa.me/
Submission: On March 23 via api from US — Scanned from US

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3037::6815:57cf, located in United States and belongs to CLOUDFLARENET, US. The main domain is bb-wa.me.
TLS certificate: Issued by GTS CA 1P5 on March 22nd 2024. Valid for: 3 months.
This is the only time bb-wa.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco do Brasil (Banking)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 | 2606:4700:303... | 13335 (CLOUDFLAR...)
1 | 2606:4700:440... | 13335 (CLOUDFLAR...)
2 | 2a04:4e42::485 | 54113 (FASTLY)
1 | 170.66.14.84 | 11993 (BANCO DO ...)
1 | 2a04:4e42:77:... | 54113 (FASTLY)
2 | 170.66.192.4 | 11993 (BANCO DO ...)
6 | 2606:4700:e6:... | 13335 (CLOUDFLAR...)
Total: 14 requests, 7 IPs

Requests | Apex Domain | Subdomains | Transfer
7 | fontawesome.com | kit.fontawesome.com (Cisco Umbrella Rank: 3290); ka-f.fontawesome.com (Cisco Umbrella Rank: 7004) | 303 KB
3 | bb.com.br | www49.bb.com.br; cdn.bb.com.br | 389 KB
2 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 437) | 59 KB
1 | twimg.com | pbs.twimg.com (Cisco Umbrella Rank: 1060) | 244 KB
1 | bb-wa.me | bb-wa.me | 2 KB
Total: 14 requests, 5 domains

Requests | Domain | Requested by
6 | ka-f.fontawesome.com | kit.fontawesome.com; bb-wa.me
2 | cdn.bb.com.br | bb-wa.me
2 | cdn.jsdelivr.net | bb-wa.me
1 | pbs.twimg.com | bb-wa.me
1 | www49.bb.com.br | bb-wa.me
1 | kit.fontawesome.com | bb-wa.me
1 | bb-wa.me |
Total: 14 requests, 7 subdomains

This site contains links to these domains.

Domain
wa.me

Subject | Issuer | Validity | Valid
bb-wa.me | GTS CA 1P5 | 2024-03-22 - 2024-06-20 | 3 months
*.fontawesome.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-12-04 - 2025-01-03 | a year
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year
www49.bb.com.br | GeoTrust EV RSA CA G2 | 2023-07-05 - 2024-07-09 | a year
*.twimg.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-21 - 2024-08-20 | a year
cdn.bb.com.br | GeoTrust EV RSA CA G2 | 2024-03-14 - 2025-03-13 | a year
ka-f.fontawesome.com | GTS CA 1P5 | 2024-03-05 - 2024-06-03 | 3 months

This page contains 1 frames:

Primary Page: https://bb-wa.me/
Frame ID: C30F1641A0580C469234AD5A1BF61F1A
Requests: 14 HTTP requests in this frame

Page Title

BB | Contestação

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

14 Requests
100 % HTTPS
71 % IPv6
5 Domains
7 Subdomains
7 IPs
2 Countries
998 kB Transfer
1350 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bb-wa.me/
6 KB
2 KB
Document
General
Full URL
https://bb-wa.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:57cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6c902cfe6773fe2d0046d2ad933e34f61da0ec24e84830aa3851a29cb4ad1c4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86923e9fe9004bcd-BUF
content-encoding
br
content-type
text/html
date
Sat, 23 Mar 2024 23:36:37 GMT
last-modified
Fri, 22 Mar 2024 16:54:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M71ZtB%2FPfRaPWq%2BiuAFYhES7C3WYNS3URHNe%2Btnj%2Bnm38vYhPRYSxNT7sQ8tMix8kd6rGQfdgnQff2b7t8FQCeWBxg9hue9cMN1s73ZrO25RZeR4YVbo%2FjX7u4Biml2je5KvPD6%2BWw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
9464b2a436.js
kit.fontawesome.com/
12 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/9464b2a436.js
Requested by
Host: bb-wa.me
URL: https://bb-wa.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e1ca022ca46fe7d3378e2ce64b4eec93ed05bab22a685e662095496afa7efd8

Request headers

Referer
https://bb-wa.me/
Origin
https://bb-wa.me
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 23:36:37 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
86923ea10e0e4bd2-BUF
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F78_rNfqX8oRRSQQtYJh
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/
227 KB
35 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css
Requested by
Host: bb-wa.me
URL: https://bb-wa.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bb-wa.me/
Origin
https://bb-wa.me
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 23 Mar 2024 23:36:37 GMT
x-content-type-options
nosniff
content-encoding
br
age
2123926
x-jsd-version
5.3.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
34860
x-served-by
cache-fra-eddf8230088-FRA, cache-nyc-kteb1890060-NYC
x-jsd-version-type
version
etag
W/"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
logo.png
www49.bb.com.br/web-integrador/app/docs/comum/images/structure/header/
2 KB
5 KB
Image
General
Full URL
https://www49.bb.com.br/web-integrador/app/docs/comum/images/structure/header/logo.png
Requested by
Host: bb-wa.me
URL: https://bb-wa.me/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
170.66.14.84 Brasília, Brazil, ASN11993 (BANCO DO BRASIL S.A., BR),
Reverse DNS
Software
/
Resource Hash
fc1c5d8c9aa750b035f80171038766b502616cd3f1b52abbff668a712c485274
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com/analytics.js http://www.googleadservices.com/pagead/conversion_async.js https://googleads.g.doubleclick.net https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/js https://eni.bb.com.br/piwik.js https://connect.facebook.net/en_US/fbevents.js https://www.youtube.com/iframe_api https://www.googleapis.com/youtube/v3/videos http://cdn.navdmp.com/req http://usr.navdmp.com/usr https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/ http://cse-consolida-comentario.labbs.com.br https://www100.desenv.bb.com.br https://www100.bb.com.br https://s.yimg.com/wi/ytc.js https://www.googleapis.com/youtube/v3/videos https://www.googleapis.com https://connect.facebook.net/signals/config/1616591318608338 https://connect.facebook.net https://www.googletagmanager.com/gtm.js https://sync.navdmp.com/sync https://cdn.navdmp.com/cus https://cus.navdmp.com/cus https://www100.bb.com.br https://www.gstatic.com/recaptcha/releases/ https://s.yimg.com/wi/ytc.js https://s.yimg.com https://sp.analytics.yahoo.com https://eni.bb.com.br/eni1/piwik.js https://snap.licdn.com/li.lms-analytics/insight.min.js http://static.ads-twitter.com/uwt.js https://pubads.g.doubleclick.net/activity https://tm.jsuol.com.br/uoltm.js http://pkg.ydigitalmedia.com/conversion@4/yd-conversion.js https://pubads.g.doubleclick.net/activity https://pubads.g.doubleclick.net/activity https://pubads.g.doubleclick.net https://www.googletagmanager.com/debug https://www.googletagmanager.com/debug/bootstrap https://www.googleoptimize.com/ https://optimize.google.com/ https://www.youtube.com/s/player/9f996d3e/www-widgetapi.vflset/www-widgetapi.js https://eni.bb.com.br/eni2/piwik.js https://www49.bb.com.br/ https://www.bb.com.br/ wss://www101.bb.com.br/mqtt
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=157680000, max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bb-wa.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 23 Mar 2024 23:36:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=157680000, max-age=0
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com/analytics.js http://www.googleadservices.com/pagead/conversion_async.js https://googleads.g.doubleclick.net https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/js https://eni.bb.com.br/piwik.js https://connect.facebook.net/en_US/fbevents.js https://www.youtube.com/iframe_api https://www.googleapis.com/youtube/v3/videos http://cdn.navdmp.com/req http://usr.navdmp.com/usr https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/ http://cse-consolida-comentario.labbs.com.br https://www100.desenv.bb.com.br https://www100.bb.com.br https://s.yimg.com/wi/ytc.js https://www.googleapis.com/youtube/v3/videos https://www.googleapis.com https://connect.facebook.net/signals/config/1616591318608338 https://connect.facebook.net https://www.googletagmanager.com/gtm.js https://sync.navdmp.com/sync https://cdn.navdmp.com/cus https://cus.navdmp.com/cus https://www100.bb.com.br https://www.gstatic.com/recaptcha/releases/ https://s.yimg.com/wi/ytc.js https://s.yimg.com https://sp.analytics.yahoo.com https://eni.bb.com.br/eni1/piwik.js https://snap.licdn.com/li.lms-analytics/insight.min.js http://static.ads-twitter.com/uwt.js https://pubads.g.doubleclick.net/activity https://tm.jsuol.com.br/uoltm.js http://pkg.ydigitalmedia.com/conversion@4/yd-conversion.js https://pubads.g.doubleclick.net/activity https://pubads.g.doubleclick.net/activity https://pubads.g.doubleclick.net https://www.googletagmanager.com/debug https://www.googletagmanager.com/debug/bootstrap https://www.googleoptimize.com/ https://optimize.google.com/ https://www.youtube.com/s/player/9f996d3e/www-widgetapi.vflset/www-widgetapi.js https://eni.bb.com.br/eni2/piwik.js https://www49.bb.com.br/ https://www.bb.com.br/ wss://www101.bb.com.br/mqtt
Last-Modified
Wed, 10 Mar 2021 11:13:20 GMT
Access-Control-Max-Age
1209600
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, content-type, accept, authorization
Content-Length
2101
-8XjMBt1
pbs.twimg.com/ad_img/1342204483774906380/
243 KB
244 KB
Image
General
Full URL
https://pbs.twimg.com/ad_img/1342204483774906380/-8XjMBt1?format=png&name=900x900
Requested by
Host: bb-wa.me
URL: https://bb-wa.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df1acffb65c1d7e22eb5b55a97cdc111b958b15606212193c180456e97848c7f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bb-wa.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Sat, 23 Mar 2024 23:36:37 GMT
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
249303
x-served-by
cache-pdk-kfty2130087-PDK, cache-iad-kiad7000069-IAD, cache-tw-ZZZ1
last-modified
Thu, 24 Dec 2020 20:22:20 GMT
x-tw-cdn
FT
content-type
image/png
access-control-allow-origin
*
x-transaction-id
d264158eb2e0b548
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7469935968
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
Prancheta-1-1.png
cdn.bb.com.br/wp-content/uploads/2022/11/
203 KB
204 KB
Image
General
Full URL
https://cdn.bb.com.br/wp-content/uploads/2022/11/Prancheta-1-1.png
Requested by
Host: bb-wa.me
URL: https://bb-wa.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.66.192.4 São Paulo, Brazil, ASN11993 (BANCO DO BRASIL S.A., BR),
Reverse DNS
Software
/
Resource Hash
26124185bb1a42bd0c3580911f7dc0a3a7eb7c342d686ddbd9039736214129ff
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bb-wa.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 23:36:38 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 22 Nov 2022 19:20:57 GMT
etag
"637d2119-32db1"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
content-length
208305
Prancheta-2-1.png
cdn.bb.com.br/wp-content/uploads/2022/11/
180 KB
181 KB
Image
General
Full URL
https://cdn.bb.com.br/wp-content/uploads/2022/11/Prancheta-2-1.png
Requested by
Host: bb-wa.me
URL: https://bb-wa.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.66.192.4 São Paulo, Brazil, ASN11993 (BANCO DO BRASIL S.A., BR),
Reverse DNS
Software
/
Resource Hash
f75d5b4d27d0b63d5aa94b32c3ce4b7adf9cf91b050e93d582e547a3f314bc6d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bb-wa.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 23:36:38 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 22 Nov 2022 19:21:02 GMT
etag
"637d211e-2d040"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
content-length
184384
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/
79 KB
24 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js
Requested by
Host: bb-wa.me
URL: https://bb-wa.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bb-wa.me/
Origin
https://bb-wa.me
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 23 Mar 2024 23:36:37 GMT
x-content-type-options
nosniff
content-encoding
br
age
2571889
x-jsd-version
5.3.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
24668
x-served-by
cache-fra-eddf8230135-FRA, cache-nyc-kteb1890060-NYC
x-jsd-version-type
version
etag
W/"13a25-1yL6mYLaiqSN+IJRuxiX8Twds7k"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
free.min.css
ka-f.fontawesome.com/releases/v6.5.1/css/
101 KB
23 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free.min.css?token=9464b2a436
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9464b2a436.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cc14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2bfe99e2e78f71c88eb00c49e1392a15531fb6486d0d0c2ea71937dda34deab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bb-wa.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 23:36:38 GMT
via
1.1 7082f41e4415fb7199f3ca9b16b5849a.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
80748
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:52 GMT
server
cloudflare
etag
W/"edc53d8d44037708e54122b9e30bb2a1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iH2TIPWCNJf4goQHIWfMCSZmcTO%2Bst4iMx0RG9Ukt%2FiqG%2BTl7I9V8J2uw8hA%2BxOdieDRynHbeNmclbETQARKdJ%2F0SCbNVLdBSFd4QgrVQZRFJKWgjCDXzco9h%2BjZcBKY3y2qxD5TB5zfdlM6Ol02R2l4SA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
86923ea5dd260dc7-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
t5oFw30VXpnamyuF34NKWpJxl_ZYDd494nSa4SlElrMScHmbz-z1gA==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.5.1/css/
27 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-shims.min.css?token=9464b2a436
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9464b2a436.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cc14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5031c11dd77875afefe4eeddfaa320af07fdccea327f7416a5ee8980674c9c76

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bb-wa.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 23:36:38 GMT
via
1.1 9ad14e3f9b528d4215643d5af359b816.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
80748
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
etag
W/"604d6da359831b0dc67e0f522f1ff94d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AJOHfArgCLhVszUBimfTzQtj3ybbOFHAMRiWhp7c9c5YHv8S9VWmA7Li%2FWu%2BRT3Rfa3hldri65qpCR%2BKSvD6Zc26cHU%2BUkvrPiZAEQeHpI4eWQhJb4hLX%2Fh%2FuyXzdvYzqjdRnUNFw9iyVCxbIHw5zXYmkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
86923ea5dd2a0dc7-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
ac0k8XKJdAsQSKPjclfLq8ueA0JkT2qThn-v58ZgSrDt2rQArNVmag==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.5.1/css/
823 B
716 B
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v5-font-face.min.css?token=9464b2a436
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9464b2a436.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cc14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f581083ac72ae169a698cd0cb7f02d8bb2e079844bfad68cc98df5b3c4692408

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bb-wa.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 23:36:38 GMT
via
1.1 346bf51bc00fbeaa3f4c461a781bceb0.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
80748
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
etag
W/"496965a55b1faa4d5c41073ef276afc0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vNk9eXVzRuVk7zqHf2NYaqSh9SnHUcer0zK5bmewxIFf5yeewE0wli7P6MSP9u105eJfm9sHWin6cAUkO8OzJVwdBl1fU5u9HbuZIcf%2FAtgTSvuyq7TonJt9kEuxtGcwBXthxpK75xFHi4ONNFSq5U7bbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
86923ea5dd290dc7-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
HCZTUjtMEMiBolwEz_Swwuoq_-KV7PcQ2t_Dq0Zfnd_0rlxnXAVdCA==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.5.1/css/
2 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-font-face.min.css?token=9464b2a436
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9464b2a436.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cc14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6530f32fa70a330cd76547497f20048ae081dcc897af26befc84600357ba06be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bb-wa.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 23:36:38 GMT
via
1.1 cea4663e4864185add284e6e883e90f2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
80748
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
etag
W/"cc84affe95dbdd9726525f57d20b4ea6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nVUrzamTQjkrheu0nsV9Lt6lOhMECvIYbfHhRxb2tpgPBB7%2FW0U5PBBE%2Fh5YHGuumvfw30l4kToHILrJ49%2FTMu8hD%2FLW%2FkEWZPM%2FhnQTxijk6lN6ib0LlI4%2B9i8SdWOzVHG16NLPXJHXKkpfTky8Emjfkw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
86923ea5dd2b0dc7-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
1UJn3cM6okrag0Z_SzaFqcy2-OO5kli0Sd7YbI7uOqzZrOYQINJ2lw==
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.5.1/webfonts/
153 KB
153 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/webfonts/free-fa-solid-900.woff2
Requested by
Host: bb-wa.me
URL: https://bb-wa.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cc14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a93f7f459e0dabc5d86e6b6e3936c07d2dd02b52369f26bb7e8c0005a5d26368

Request headers

Referer
https://bb-wa.me/
Origin
https://bb-wa.me
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 23:36:38 GMT
via
1.1 827e4274db61b1bc4aa840491aa652a0.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
80748
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
156504
last-modified
Thu, 30 Nov 2023 17:53:29 GMT
server
cloudflare
etag
"98ff5c340b38803d09d3f22fd9a00501"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ElOUMYoCIVsQEKe%2BIPqYC5lCZn3b3UD7MC59Y13mMh2hNDI8R1zZo3PWv549SVcKuCR%2BuKDhw9PU%2BqmPYnFAPnmR2VdtcD4esgGFfesxh%2FgcHXPm9ehDdjOMwbu6B3KLl3Ve%2FWOeT%2FS1VJZO1rp5NLadPg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
86923ea65dba0dc7-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
GI9_R5bVTkEfO0fM_K2DuHKhdVXi0qOmMW5E8ig-KimO2v9S6ltS1g==
free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v6.5.1/webfonts/
115 KB
115 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/webfonts/free-fa-brands-400.woff2
Requested by
Host: bb-wa.me
URL: https://bb-wa.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cc14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58522c58cbb9b2231026ce7d65096807a3f97fffaf22cea6fb180590286fa53d

Request headers

Referer
https://bb-wa.me/
Origin
https://bb-wa.me
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 23:36:38 GMT
via
1.1 c2439c5d69ec72a2ab666c2eba104244.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
117376
last-modified
Thu, 30 Nov 2023 17:53:29 GMT
server
cloudflare
etag
"7d46df6bf5bc9cd2a8992bb4f275ad45"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q1uJojqmn9abL%2B9376oHIZTI36Fn%2BSm6NChY9BmwLBtIfIAS8KT49EC8Z0tpwuucEIK5%2Fs2K88T%2BlalUthZKMyPwek0kmixVk6VpnpScPQw3Hluq4UIhEaX%2Fjw2QqtvbdQWaH6vxvVfkxt1cU%2Fiqh5krjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
86923ea65dbb0dc7-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
DAhO-YpgtXg1CFkvSYAEcWGodvRIf6HgU4ikZoXb3bb9fSeX2CGMtg==

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco do Brasil (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| FontAwesomeKitConfig
  • number| uidEvent
  • object| bootstrap

0 Cookies