20-243-192-29.cprapid.com
Open in
urlscan Pro
20.243.192.29
Malicious Activity!
Public Scan
Effective URL: https://20-243-192-29.cprapid.com/bbva/ayuda/espana/
Submission: On August 23 via manual from ES — Scanned from ES
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 25th 2022. Valid for: 3 months.
This is the only time 20-243-192-29.cprapid.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BBVA (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 109.71.253.25 109.71.253.25 | 44486 (SYNLINQ s...) (SYNLINQ synlinq.de) | |
12 | 20.243.192.29 20.243.192.29 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
7 | 2a02:6ea0:cb0... 2a02:6ea0:cb00::2 | 60068 (CDN77 ^_^) (CDN77 ^_^) | |
1 | 52.29.243.74 52.29.243.74 | 16509 (AMAZON-02) (AMAZON-02) | |
25 | 4 |
ASN60068 (CDN77 ^_^, GB)
www.smartsuppchat.com | |
widget-v2.smartsuppcdn.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-243-74.eu-central-1.compute.amazonaws.com
bootstrap.smartsuppchat.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
cprapid.com
20-243-192-29.cprapid.com |
4 MB |
6 |
smartsuppcdn.com
widget-v2.smartsuppcdn.com — Cisco Umbrella Rank: 55927 |
175 KB |
2 |
smartsuppchat.com
www.smartsuppchat.com — Cisco Umbrella Rank: 54998 bootstrap.smartsuppchat.com — Cisco Umbrella Rank: 49932 |
6 KB |
1 |
oyn.at
1 redirects
oyn.at |
309 B |
0 |
bbva.es
Failed
movil.bbva.es Failed |
|
25 | 5 |
Domain | Requested by | |
---|---|---|
12 | 20-243-192-29.cprapid.com |
20-243-192-29.cprapid.com
|
6 | widget-v2.smartsuppcdn.com |
www.smartsuppchat.com
widget-v2.smartsuppcdn.com |
1 | bootstrap.smartsuppchat.com |
www.smartsuppchat.com
|
1 | www.smartsuppchat.com |
20-243-192-29.cprapid.com
|
1 | oyn.at | 1 redirects |
0 | movil.bbva.es Failed |
20-243-192-29.cprapid.com
|
25 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
20-243-192-29.cprapid.com cPanel, Inc. Certification Authority |
2022-07-25 - 2022-10-23 |
3 months | crt.sh |
*.smartsuppchat.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 |
2021-12-01 - 2022-12-29 |
a year | crt.sh |
*.smartsuppcdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 |
2021-11-04 - 2022-11-17 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://20-243-192-29.cprapid.com/bbva/ayuda/espana/
Frame ID: 95A4B20A586E217647124ADB5EDE24A5
Requests: 21 HTTP requests in this frame
Frame:
https://widget-v2.smartsuppcdn.com/static/js/runtime-main.f96a8cb3.js
Frame ID: 6DDD68C471478058AEFFF512E2548558
Requests: 5 HTTP requests in this frame
Screenshot
Page Title
BBVAPage URL History Show full URLs
-
https://oyn.at/seguro-bbva
HTTP 302
https://20-243-192-29.cprapid.com/bbva/ayuda/espana/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://oyn.at/seguro-bbva
HTTP 302
https://20-243-192-29.cprapid.com/bbva/ayuda/espana/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
20-243-192-29.cprapid.com/bbva/ayuda/espana/ Redirect Chain
|
19 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor-d24499a07e3ae984eca949fda39072dc.css
20-243-192-29.cprapid.com/bbva/ayuda/espana/BBVA_files/ |
526 B 849 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
buzz-621864c6da854cf15f4b9690d95170e7.css
20-243-192-29.cprapid.com/bbva/ayuda/espana/BBVA_files/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
BentonSansBBVA-Book-dad6b6198b8254b8bce259aefda62568.woff
movil.bbva.es/apps/woody/assets/vendor/res/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
BentonSansBBVA-Medium-f50002bc63bc7f6f4e68c65bd0ec40d4.woff
movil.bbva.es/apps/woody/assets/vendor/res/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
BentonSansBBVA-BookItalic-c109f702b5103d7302b44179636a6b6b.woff
movil.bbva.es/apps/woody/assets/vendor/res/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
BentonSansBBVA-MediumItalic-803e1fe842adc8c2e1aa001b53874f0b.woff
movil.bbva.es/apps/woody/assets/vendor/res/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
icon-maiden-78ff189089da6b38cd21da4f40801d71.woff
movil.bbva.es/apps/woody/assets/vendor/res/iconfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-latest.min.js
20-243-192-29.cprapid.com/bbva/ayuda/espana/ |
84 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.min-9773ce9acc665f27e667abde8d13af07.css
20-243-192-29.cprapid.com/bbva/ayuda/espana/BBVA_files/ |
789 KB 790 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-white-1c1c2a68cc4c755b9ebacef725dd3421.svg
20-243-192-29.cprapid.com/bbva/ayuda/espana/BBVA_files/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-menu-a5a292edf3027c756482651a9fbb4bd3.svg
20-243-192-29.cprapid.com/bbva/ayuda/espana/BBVA_files/res/img/ |
8 KB 8 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video.gif
20-243-192-29.cprapid.com/bbva/ayuda/espana/ |
3 MB 3 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BentonSansBBVA-Book-dad6b6198b8254b8bce259aefda62568.woff
20-243-192-29.cprapid.com/bbva/ayuda/espana/BBVA_files/res/fonts/ |
69 KB 69 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-maiden-78ff189089da6b38cd21da4f40801d71.woff
20-243-192-29.cprapid.com/bbva/ayuda/espana/BBVA_files/res/iconfonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BentonSansBBVA-Medium-f50002bc63bc7f6f4e68c65bd0ec40d4.woff
20-243-192-29.cprapid.com/bbva/ayuda/espana/BBVA_files/res/fonts/ |
71 KB 71 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.js
www.smartsuppchat.com/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-maiden.ttf
20-243-192-29.cprapid.com/bbva/ayuda/espana/BBVA_files/res/iconfonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
71455ce40a1d6288f3082e3ade124233309e302b.json
bootstrap.smartsuppchat.com/widget/ |
1 KB 726 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
asset-manifest.json
widget-v2.smartsuppcdn.com/ |
2 KB 702 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime-main.f96a8cb3.js
widget-v2.smartsuppcdn.com/static/js/ Frame 6DDD |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6.fffa7e5c.chunk.js
widget-v2.smartsuppcdn.com/static/js/ Frame 6DDD |
510 KB 142 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.500b0156.chunk.js
widget-v2.smartsuppcdn.com/static/js/ Frame 6DDD |
117 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
it.json
widget-v2.smartsuppcdn.com/translates/ Frame 6DDD |
4 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.json
widget-v2.smartsuppcdn.com/translates/ Frame 6DDD |
4 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- movil.bbva.es
- URL
- https://movil.bbva.es/apps/woody/assets/vendor/res/fonts/BentonSansBBVA-Book-dad6b6198b8254b8bce259aefda62568.woff
- Domain
- movil.bbva.es
- URL
- https://movil.bbva.es/apps/woody/assets/vendor/res/fonts/BentonSansBBVA-Medium-f50002bc63bc7f6f4e68c65bd0ec40d4.woff
- Domain
- movil.bbva.es
- URL
- https://movil.bbva.es/apps/woody/assets/vendor/res/fonts/BentonSansBBVA-BookItalic-c109f702b5103d7302b44179636a6b6b.woff
- Domain
- movil.bbva.es
- URL
- https://movil.bbva.es/apps/woody/assets/vendor/res/fonts/BentonSansBBVA-MediumItalic-803e1fe842adc8c2e1aa001b53874f0b.woff
- Domain
- movil.bbva.es
- URL
- https://movil.bbva.es/apps/woody/assets/vendor/res/iconfonts/icon-maiden-78ff189089da6b38cd21da4f40801d71.woff
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BBVA (Financial)15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| _smartsupp function| smartsupp boolean| SMARTSUPP_LOADED object| $smartsupp3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
20-243-192-29.cprapid.com/bbva/ayuda/espana | Name: COOKIE_KEY Value: 166126869947 |
|
20-243-192-29.cprapid.com/ | Name: ssupp.vid Value: viRoCif3JEAjO |
|
20-243-192-29.cprapid.com/ | Name: ssupp.visits Value: 1 |
18 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
20-243-192-29.cprapid.com
bootstrap.smartsuppchat.com
movil.bbva.es
oyn.at
widget-v2.smartsuppcdn.com
www.smartsuppchat.com
movil.bbva.es
109.71.253.25
20.243.192.29
2a02:6ea0:cb00::2
52.29.243.74
012790c3e6ea7aa6b6e45cd1d578dafd3fc382323dde28098060a59c40524427
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0a075be67e55a6c9ec942574c776f3672174968da1e1727684b4fe41384f4fc1
161ccd24ad5bc80f4e690cac6135dbf8f7632a4cf37127c29ade26a845847968
1af51fd716c9d796086fd67799da2e3df4dda193fbc5b52b165070091ac96e12
2593767f26b59e685fd943be61ea5298ae7a1380018ac18c3d15c470f32365ef
32b5be70164acc09cb52ed04d8e5b86b3461bb03037ce96176e5cd1030e6bee9
652369a1d8494c6f8e38a3af225e3834f0162a04c318c26fd9558af097d7415c
666518ed9e91c024b839dbdcfac7f45900012d89c998a931f09482279c27e269
683f5dea1976fd4a6745667691c91dcffb2db35cf292aa17a3ed079e12f8ba7a
7af3360fe39c201b1ccbe7a726a5d3c2f0253add6616b71176f0d9e7c849a732
a320df24001eaff2b9da352bcf0d72a65d30488fdf52f9d7364fa0358d27075d
aaddbc751b83029cf015c5db33c759ef1aacea5686e9e6782eee735956e34a7f
b10ba9ec25328f503579b0a85de09cbf899ea667c52dfbc7cfff30e3e36f25b7
e4363a4b0b02c1c107b9d4d0f11a1179920fafa4414e9519ad00aaf7eaa63c72
ee9f6ee9fe518505cd93dbfe14657f396eec263954145af01c6198b38dc66d2a
ef45e40b0ae5cbb2bacbf452e0c016b64e5c7b64d75e1f6477a98bf8fa5ff61b
faef4c0bda0c3c95f57f42c990d7623eedb0d7f8174a6640ff4114f1091217ec
fe73f5972955b5c4e807d226ec4294ea066345bb6b05e8ae347bddef82a5fb86