test077-bb369.web.app
151.101.1.195
Malicious Activity!
Public Scan
Effective URL: https://test077-bb369.web.app/
Submission: On April 11 via manual from MX
Summary
TLS certificate: Issued by GTS CA 1D4 on March 17th 2021. Valid for: 3 months.
This is the only time test077-bb369.web.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BBVA (Financial)

Domain & IP information

Requests | IP Address | AS (Autonomous System) |
---|---|---|
2 | 198.54.116.76 | 22612 (NAMECHEAP-NET) |
9 | 151.101.1.195 | 54113 (FASTLY) |
17 | 104.109.75.39 | 20940 (AKAMAI-ASN1) |
1 | 2a00:1450:4001:808::2003 | 15169 (GOOGLE) |
1 | 104.109.80.25 | 20940 (AKAMAI-ASN1) |
6 | 2600:1901:0:94b6:: | 15169 (GOOGLE) |
38 requests | 6 IPs | |

ASN22612 (NAMECHEAP-NET, US), PTR: premium29-4.web-hosting.com: ya.co.ve
ASN20940 (AKAMAI-ASN1, NL), PTR: a104-109-75-39.deploy.static.akamaitechnologies.com: www.bbva.com.ar
ASN20940 (AKAMAI-ASN1, NL), PTR: a104-109-80-25.deploy.static.akamaitechnologies.com: assets.caasbbva.com
ASN15169 (GOOGLE, US): test077-bb369-default-rtdb.firebaseio.com, s-usc1c-nss-244.firebaseio.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
17 | bbva.com.ar | www.bbva.com.ar | 21 KB |
9 | web.app | test077-bb369.web.app | 19 KB |
6 | firebaseio.com | test077-bb369-default-rtdb.firebaseio.com, s-usc1c-nss-244.firebaseio.com | 2 KB |
2 | ya.co.ve (2 redirects) | ya.co.ve | 467 B |
1 | caasbbva.com | assets.caasbbva.com | 3 KB |
1 | gstatic.com | www.gstatic.com | 211 KB |
38 requests | 6 apex domains | | |
Requests | Domain | Requested by |
---|---|---|
17 | www.bbva.com.ar | test077-bb369.web.app, www.bbva.com.ar |
9 | test077-bb369.web.app | test077-bb369.web.app |
5 | s-usc1c-nss-244.firebaseio.com | www.gstatic.com |
2 | ya.co.ve | 2 redirects |
1 | test077-bb369-default-rtdb.firebaseio.com | www.gstatic.com |
1 | assets.caasbbva.com | test077-bb369.web.app |
1 | www.gstatic.com | test077-bb369.web.app |
38 requests | 7 domains | |
This site contains no links.
Subject | Issuer | Validity | Valid for | Source |
---|---|---|---|---|
web.app | GTS CA 1D4 | 2021-03-17 - 2021-06-15 | 3 months | crt.sh |
bbva.com.ar | DigiCert Secure Site ECC CA-1 | 2020-10-20 - 2021-10-18 | a year | crt.sh |
*.gstatic.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months | crt.sh |
bbvanetcash.com | DigiCert SHA2 Secure Server CA | 2021-03-25 - 2022-03-30 | a year | crt.sh |
firebaseio.com | GTS CA 1O1 | 2021-01-12 - 2021-07-11 | 6 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://test077-bb369.web.app/
Frame ID: A5D6A53FE4B1A1BFBD1C721BA779AED4
Requests: 32 HTTP requests in this frame
Frame:
https://test077-bb369-default-rtdb.firebaseio.com/.lp?start=t&ser=23940792&cb=1&v=5
Frame ID: BCCECC16D730A0562025BADE9BB4603C
Requests: 5 HTTP requests in this frame
Frame:
https://s-usc1c-nss-244.firebaseio.com/.lp?dframe=t&id=5091746&pw=5t5bvh0vvh&ns=test077-bb369-default-rtdb
Frame ID: 6680F424E22CAC15EBE56597392B33E9
Requests: 1 HTTP request in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://ya.co.ve/oFO (HTTP 301)
- https://ya.co.ve/oFO (HTTP 301)
- https://test077-bb369.web.app/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
38 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | test077-bb369.web.app/ (Redirect Chain) | 20 KB | 4 KB | Document | text/html |
GET | H2 | 2.css | test077-bb369.web.app/assets/ | 43 KB | 6 KB | Stylesheet | text/css |
GET | H2 | 1.css | test077-bb369.web.app/assets/ | 49 KB | 6 KB | Stylesheet | text/css |
GET | H2 | small.lc-20210203-070201-lc.min.css | www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.critical/ | 14 KB | 4 KB | Stylesheet | text/css |
GET | H2 | large.lc-20210203-070201-lc.min.css | www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.critical/ | 764 B | 628 B | Stylesheet | text/css |
GET | H2 | bbva.common.lc-20210203-070201-lc.min.css | www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/ | 14 KB | 2 KB | Stylesheet | text/css |
GET | H2 | small.lc-20210203-070201-lc.min.css | www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.fonts/ | 8 KB | 1 KB | Stylesheet | text/css |
GET | H2 | small.lc-20210203-070201-lc.min.css | www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.lightbox/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H2 | small.lc-20210203-070201-lc.min.css | www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.videoLink/ | 759 B | 720 B | Stylesheet | text/css |
GET | H2 | small.lc-20210203-070201-lc.min.css | www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.header/ | 7 KB | 2 KB | Stylesheet | text/css |
GET | H2 | large.lc-20210203-070201-lc.min.css | www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.header/ | 2 KB | 1 KB | Stylesheet | text/css |
GET | H2 | small.lc-20210203-070201-lc.min.css | www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H2 | large.lc-20210203-070201-lc.min.css | www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/ | 964 B | 757 B | Stylesheet | text/css |
GET | H2 | bbva.stickyalert.lc-20210203-070201-lc.min.css | www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/ | 362 B | 555 B | Stylesheet | text/css |
GET | H2 | logo_bbva_blanco.svg | www.bbva.com.ar/content/dam/public-web/global/images/logos/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H2 | small.lc-20210203-070201-lc.min.css | www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/ | 2 KB | 1 KB | Stylesheet | text/css |
GET | H2 | large.lc-20210203-070201-lc.min.css | www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/ | 526 B | 621 B | Stylesheet | text/css |
GET | H2 | small.lc-20210203-070201-lc.min.css | www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.access/ | 1 KB | 881 B | Stylesheet | text/css |
GET | H2 | small.lc-20210203-070201-lc.min.css | www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.searchbar/ | 6 KB | 2 KB | Stylesheet | text/css |
GET | H2 | large.lc-20210203-070201-lc.min.css | www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.searchbar/ | 694 B | 623 B | Stylesheet | text/css |
GET | H2 | logo_bbva_blanco.svg | test077-bb369.web.app/content/dam/public-web/global/images/logos/ | 2 KB | 2 KB | Image | text/html |
GET | H2 | firebase.js | www.gstatic.com/firebasejs/5.10.0/ | 777 KB | 211 KB | Script | text/javascript |
GET | H2 | app.js | test077-bb369.web.app/ | 2 KB | 775 B | Script | text/javascript |
GET | H2 | identification.png | assets.caasbbva.com/argentina/net/security-tips/ | 3 KB | 3 KB | Image | image/png |
GET | | BentonSansBBVA-Medium.woff2 | www.bbva.com.ar/content/dam/public-web/global/system/styles/fonts/ | 0 | 0 | | |
GET | | BentonSansBBVA-Book.woff2 | www.bbva.com.ar/content/dam/public-web/global/system/styles/fonts/ | 0 | 0 | | |
GET | | BentonSansBBVA-Medium.woff | www.bbva.com.ar/content/dam/public-web/global/system/styles/fonts/ | 0 | 0 | | |
GET | | BentonSansBBVA-Book.woff | www.bbva.com.ar/content/dam/public-web/global/system/styles/fonts/ | 0 | 0 | | |
GET | H2 | BentonSansBBVA-Medium.woff | test077-bb369.web.app/fonts/coronita/ | 0 | 0 | Font | text/html |
GET | H2 | BentonSansBBVA-Book.woff | test077-bb369.web.app/fonts/coronita/ | 0 | 0 | Font | text/html |
GET | H2 | BentonSansBBVA-Medium.ttf | test077-bb369.web.app/fonts/coronita/ | 0 | 0 | Font | text/html |
GET | H2 | BentonSansBBVA-Book.ttf | test077-bb369.web.app/fonts/coronita/ | 0 | 0 | Font | text/html |
GET | H/1.1 | .lp | test077-bb369-default-rtdb.firebaseio.com/ (Frame BCCE) | 422 B | 664 B | Script | application/javascript |
GET | H/1.1 | .lp | s-usc1c-nss-244.firebaseio.com/ (Frame 6680) | 420 B | 649 B | Document | text/html |
GET | H/1.1 | .lp | s-usc1c-nss-244.firebaseio.com/ (Frame BCCE) | 15 B | 256 B | Script | application/javascript |
GET | H/1.1 | .lp | s-usc1c-nss-244.firebaseio.com/ (Frame BCCE) | 58 B | 299 B | Script | application/javascript |
GET | H/1.1 | .lp | s-usc1c-nss-244.firebaseio.com/ (Frame BCCE) | 47 B | 288 B | Script | application/javascript |
GET | H/1.1 | .lp | s-usc1c-nss-244.firebaseio.com/ (Frame BCCE) | 38 B | 279 B | Script | application/javascript |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.

Domain | URL |
---|---|
www.bbva.com.ar | https://www.bbva.com.ar/content/dam/public-web/global/system/styles/fonts/BentonSansBBVA-Medium.woff2 |
www.bbva.com.ar | https://www.bbva.com.ar/content/dam/public-web/global/system/styles/fonts/BentonSansBBVA-Book.woff2 |
www.bbva.com.ar | https://www.bbva.com.ar/content/dam/public-web/global/system/styles/fonts/BentonSansBBVA-Medium.woff |
www.bbva.com.ar | https://www.bbva.com.ar/content/dam/public-web/global/system/styles/fonts/BentonSansBBVA-Book.woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: BBVA (Financial)

15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name |
---|---|
object | ontransitionrun |
object | ontransitionstart |
object | ontransitioncancel |
object | cookieStore |
function | showDirectoryPicker |
function | showOpenFilePicker |
function | showSaveFilePicker |
object | trustedTypes |
boolean | crossOriginIsolated |
object | firebase |
object | config |
function | formSubmit |
function | sendMessage |
function | pLPCommand1 |
function | pRTLPCB1 |

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556926; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.