login.bbva.staging.infinnitytest.com
Open in
urlscan Pro
104.19.152.19
Public Scan
Effective URL: https://login.bbva.staging.infinnitytest.com/u/login?state=hKFo2SBTQkhvUW5iaEpwUkdDcVpzcjZvNWRiX0xuMGhTaHpqTKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIG...
Submission Tags: @phishunt_io
Submission: On April 20 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by E1 on April 20th 2024. Valid for: 3 months.
This is the only time login.bbva.staging.infinnitytest.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 2606:4700::68... 2606:4700::6813:9913 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 143.204.215.3 143.204.215.3 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 99.86.4.35 99.86.4.35 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 104.19.152.19 104.19.152.19 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2600:1901:0:7... 2600:1901:0:7047:: | 15169 (GOOGLE) (GOOGLE) | |
2 | 2600:9000:235... 2600:9000:2359:6e00:10:474e:104a:2961 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 18.244.18.3 18.244.18.3 | 16509 (AMAZON-02) (AMAZON-02) | |
14 | 7 |
ASN13335 (CLOUDFLARENET, US)
login.bbva.staging.infinnitytest.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-3.fra53.r.cloudfront.net
bbva.staging.infinnitytest.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-35.fra6.r.cloudfront.net
assets.staging.infinnitytest.com |
ASN15169 (GOOGLE, US)
rum.browser-intake-datadoghq.eu |
ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-3.fra56.r.cloudfront.net
assets.getpliant.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
infinnitytest.com
2 redirects
login.bbva.staging.infinnitytest.com bbva.staging.infinnitytest.com assets.staging.infinnitytest.com |
10 MB |
2 |
getpliant.com
assets.getpliant.com |
52 KB |
2 |
auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 6696 |
65 KB |
1 |
browser-intake-datadoghq.eu
rum.browser-intake-datadoghq.eu — Cisco Umbrella Rank: 11761 |
|
14 | 4 |
Domain | Requested by | |
---|---|---|
4 | bbva.staging.infinnitytest.com |
bbva.staging.infinnitytest.com
|
3 | assets.staging.infinnitytest.com |
bbva.staging.infinnitytest.com
|
3 | login.bbva.staging.infinnitytest.com |
2 redirects
bbva.staging.infinnitytest.com
|
2 | assets.getpliant.com |
login.bbva.staging.infinnitytest.com
|
2 | cdn.auth0.com |
login.bbva.staging.infinnitytest.com
|
1 | rum.browser-intake-datadoghq.eu |
bbva.staging.infinnitytest.com
|
14 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.staging.infinnitytest.com Amazon RSA 2048 M03 |
2024-03-22 - 2025-04-20 |
a year | crt.sh |
login.bbva.staging.infinnitytest.com E1 |
2024-04-20 - 2024-07-19 |
3 months | crt.sh |
*.browser-intake-datadoghq.eu DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-06-17 - 2024-06-18 |
a year | crt.sh |
*.auth0.com Amazon RSA 2048 M03 |
2024-01-25 - 2025-02-22 |
a year | crt.sh |
assets.getpliant.com Amazon RSA 2048 M03 |
2023-09-15 - 2024-10-12 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.bbva.staging.infinnitytest.com/u/login?state=hKFo2SBTQkhvUW5iaEpwUkdDcVpzcjZvNWRiX0xuMGhTaHpqTKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGFmdmJsSHk4ZUpjU3pqSjJhXzVDODBfY2loRnQ5VTBBo2NpZNkgcUQ0V0JuZ09oUG83VmVqajAwdDJ5d2s2eE4yUkJ4bEw
Frame ID: 16B582ECB582E2CA83B2E6C958E34CF2
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
Log in | BBVA and Pliant STAGINGPage URL History Show full URLs
-
https://login.bbva.staging.infinnitytest.com/
HTTP 302
https://bbva.staging.infinnitytest.com/ Page URL
-
https://login.bbva.staging.infinnitytest.com/authorize?audience=api.staging.infinnitytest.com&client_id=qD4WBngOhPo7Vejj0...
HTTP 302
https://login.bbva.staging.infinnitytest.com/u/login?state=hKFo2SBTQkhvUW5iaEpwUkdDcVpzcjZvNWRiX0xuMGhTaHpqTKFur3VuaXZlcn... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://login.bbva.staging.infinnitytest.com/
HTTP 302
https://bbva.staging.infinnitytest.com/ Page URL
-
https://login.bbva.staging.infinnitytest.com/authorize?audience=api.staging.infinnitytest.com&client_id=qD4WBngOhPo7Vejj00t2ywk6xN2RBxlL&redirect_uri=https%3A%2F%2Fbbva.staging.infinnitytest.com%2Fcallback&scope=openid%20profile%20email&response_type=code&response_mode=query&state=a0pjQjZtNkY4Y3RlSC5jM1o1cFJSeUZtNjlNNzREOGxJQmpLWDJLSmdxcw%3D%3D&nonce=V2xjS1JxaG5peGdvYUNuN05tTi43aWR%2BMW1yZ1BubzdtZGNITXRIdVNHQQ%3D%3D&code_challenge=DWDMm9auN2kllT-Ks54kl1XzktMNWrkLpU4_SFxMplY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D
HTTP 302
https://login.bbva.staging.infinnitytest.com/u/login?state=hKFo2SBTQkhvUW5iaEpwUkdDcVpzcjZvNWRiX0xuMGhTaHpqTKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGFmdmJsSHk4ZUpjU3pqSjJhXzVDODBfY2loRnQ5VTBBo2NpZNkgcUQ0V0JuZ09oUG83VmVqajAwdDJ5d2s2eE4yUkJ4bEw Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://login.bbva.staging.infinnitytest.com/ HTTP 302
- https://bbva.staging.infinnitytest.com/
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
bbva.staging.infinnitytest.com/ Redirect Chain
|
1 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flag-icons.min.css
assets.staging.infinnitytest.com/libs/flag-icon-css/css/ |
34 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
maison-neue-pangea.css
assets.staging.infinnitytest.com/fonts/ |
958 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
env.js
bbva.staging.infinnitytest.com/js/ |
2 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.c106e41d.js
bbva.staging.infinnitytest.com/static/js/ |
10 MB 10 MB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.16a6955d.css
bbva.staging.infinnitytest.com/static/css/ |
15 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
assets.staging.infinnitytest.com/images/v2/ |
15 KB 15 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
login
login.bbva.staging.infinnitytest.com/u/ Redirect Chain
|
32 KB 33 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
rum
rum.browser-intake-datadoghq.eu/api/v2/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.91.1/css/ |
273 KB 63 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
badge.png
cdn.auth0.com/styleguide/components/1.0.8/media/logos/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bbva-logo-dark.png
assets.getpliant.com/images/ |
36 KB 36 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
650 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
MaisonNeue-Medium.woff2
assets.getpliant.com/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
assets.getpliant.com/images/v2/ |
15 KB 15 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- assets.getpliant.com
- URL
- https://assets.getpliant.com/fonts/MaisonNeue-Medium.woff2
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ulpFlags6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
bbva.staging.infinnitytest.com/ | Name: _dd_s Value: rum=1&id=d84b5347-f0d2-4c50-bd97-e1a66d15802c&created=1713633150310&expire=1713634050311 |
|
login.bbva.staging.infinnitytest.com/ | Name: did Value: s%3Av0%3A2c594250-ff39-11ee-8351-e1f6821eebcc.p0U87RrrC3y3m%2Fw4XMQeztYwI4D8Lsbszy2HNpeT6T0 |
|
login.bbva.staging.infinnitytest.com/ | Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQLeopFE3P4gKXZspAtMGAjPJ4s71U0c_KCp3JZPbzw0loNYcN_cDbEs1rxVsHItjhSkh1FWtErPqYQCmpkvsohimY29va2llg6dleHBpcmVz1_-6NHUAZifr_65vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.Ix%2FLsf%2BihvHKTRxrakkNXG97O8Fjl1Hq446y1djQwto |
|
login.bbva.staging.infinnitytest.com/ | Name: did_compat Value: s%3Av0%3A2c594250-ff39-11ee-8351-e1f6821eebcc.p0U87RrrC3y3m%2Fw4XMQeztYwI4D8Lsbszy2HNpeT6T0 |
|
login.bbva.staging.infinnitytest.com/ | Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQLeopFE3P4gKXZspAtMGAjPJ4s71U0c_KCp3JZPbzw0loNYcN_cDbEs1rxVsHItjhSkh1FWtErPqYQCmpkvsohimY29va2llg6dleHBpcmVz1_-6NHUAZifr_65vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.Ix%2FLsf%2BihvHKTRxrakkNXG97O8Fjl1Hq446y1djQwto |
|
.login.bbva.staging.infinnitytest.com/ | Name: __cf_bm Value: qkoKrAAMzYSaQawpgur.AOwt3v05_VPp9uHdkcJtjVc-1713633151-1.0.1.1-FBQZmhzDhyqpJLx3ggA..gktvh5Vpr_SQr4urwpFD2knV2PrMYtmLw5vB100ihKi |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.getpliant.com
assets.staging.infinnitytest.com
bbva.staging.infinnitytest.com
cdn.auth0.com
login.bbva.staging.infinnitytest.com
rum.browser-intake-datadoghq.eu
assets.getpliant.com
104.19.152.19
143.204.215.3
18.244.18.3
2600:1901:0:7047::
2600:9000:2359:6e00:10:474e:104a:2961
2606:4700::6813:9913
99.86.4.35
047a68719f5d0b97eb39b00b99d484f6e0b188ee0ca656cc905e561ecb515977
21d166e31670d5972e10618ca781c880a365c2d8628b54d5442d63b8a830a9ae
26ad0b811cae64d63e9873f9fb15cdf0a4c8dafbce8ba075d10350cc98922d2c
337d5b936e92d91d05e777947647a17012c534718d27ed5ade788f9ef9357a01
33fb88f606a3f32f2f218df25dcc69283d9a555a0f8e253f2092f3af53404c11
364eadd1d28ad921c027c987eaae3517dbcfef1878ff153cb12cbd01954a7921
56ab4c71b0012b7d53ef3c81b47ef8cc82e018f2fa3b6297cb477998da7475b7
63bbbdacb0613c4fe42d939e7a13364b4ee15f65edac9b3524191dccf4fa1d64
7f59a4bb8d0c2dc10d1eec1770f7ad2803ad0d9c6a5ff08367ce5947e50f966b
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce
f2aba9e55a9029c13670b20bc01536ce95d4913f9e5b9b48d592f326387f4dd6
f82e449ebef504bd44125531022a5e2ebcfaa20f944764d2903cf2d6c265e24a