URL: https://bbva.tmtools.xyz/
Submission: On April 30 via automatic, source certstream-suspicious

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3033::681f:4fad, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is bbva.tmtools.xyz.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 3rd 2020. Valid for: 7 months.
This is the only time bbva.tmtools.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 2606:4700:303... 13335 (CLOUDFLAR...)
6 2600:1901:0:9... 15169 (GOOGLE)
23 2
Domain Requested by
17 bbva.tmtools.xyz bbva.tmtools.xyz
5 s-usc1c-nss-252.firebaseio.com bbva.tmtools.xyz
1 orion-6d6cd.firebaseio.com bbva.tmtools.xyz
23 3

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 2020-03-03 - 2020-10-09 7 months
firebaseio.com GTS CA 1O1 2020-02-20 - 2021-02-18 a year

This page contains 3 frames:

Primary Page: https://bbva.tmtools.xyz/
Frame ID: 0FD2997FD8D00FF1801B31A98ED59DD2
Requests: 17 HTTP requests in this frame

Frame: https://orion-6d6cd.firebaseio.com/.lp?start=t&ser=36872104&cb=1&v=5
Frame ID: 6F2432AB087D33C8E9602CE2DE0E8C46
Requests: 5 HTTP requests in this frame

Frame: https://s-usc1c-nss-252.firebaseio.com/.lp?dframe=t&id=10034015&pw=SwMKnJCAC7&ns=orion-6d6cd
Frame ID: 8A7937BECB2E080580F7F6D8EECF782A
Requests: 1 HTTP request in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<[^>]+ ng-version="([\d.]+)"/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

23
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

726 kB
Transfer

4031 kB
Size

1
Cookies

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bbva.tmtools.xyz/
2 KB
1 KB
Document
General
Full URL
https://bbva.tmtools.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57cb3bf16cad14235663a82105e0630b8388993d55831e0df1a979fee0188a24
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:method
GET
:authority
bbva.tmtools.xyz
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Thu, 30 Apr 2020 22:20:48 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dbe8fdb673c96a0fc063d5f41cffadd6a1588285248; expires=Sat, 30-May-20 22:20:48 GMT; path=/; domain=.tmtools.xyz; HttpOnly; SameSite=Lax; Secure
cache-control
max-age=3600
last-modified
Thu, 30 Apr 2020 19:58:11 GMT
strict-transport-security
max-age=31556926
x-served-by
cache-fra19172-FRA
x-cache
HIT
x-cache-hits
1
x-timer
S1588285249.729483,VS0,VE1
vary
x-fh-requested-host, accept-encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
58c4a6f46a010eb7-FRA
content-encoding
br
cf-request-id
026ec6acc500000eb7d3a63200000001
cordova.js
bbva.tmtools.xyz/
59 KB
13 KB
Script
General
Full URL
https://bbva.tmtools.xyz/cordova.js
Requested by
Host: bbva.tmtools.xyz
URL: https://bbva.tmtools.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c5b12b7a4ceb175b514c2f10f4698a2ea3a41fd43e900ae440d30d36d4be840
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://bbva.tmtools.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 22:20:49 GMT
content-encoding
br
vary
x-fh-requested-host, accept-encoding
cf-cache-status
MISS
x-cache
MISS
status
200
cf-request-id
026ec6ad1d00000eb7d3a6b200000001
x-served-by
cache-fra19163-FRA
last-modified
Thu, 30 Apr 2020 19:58:11 GMT
server
cloudflare
x-timer
S1588285249.809262,VS0,VE305
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31556926
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
58c4a6f4fadf0eb7-FRA
x-cache-hits
0
main.css
bbva.tmtools.xyz/build/
1 MB
105 KB
Stylesheet
General
Full URL
https://bbva.tmtools.xyz/build/main.css
Requested by
Host: bbva.tmtools.xyz
URL: https://bbva.tmtools.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c232cdcb58d41b6de50f9ac1baa4510185b48600a5b615fdf646b80834e841ab
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://bbva.tmtools.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 22:20:49 GMT
content-encoding
br
vary
x-fh-requested-host, accept-encoding
cf-cache-status
MISS
x-cache
MISS
status
200
cf-request-id
026ec6ad1c00000eb7d3a69200000001
x-served-by
cache-fra19171-FRA
last-modified
Thu, 30 Apr 2020 19:58:11 GMT
server
cloudflare
x-timer
S1588285249.809880,VS0,VE475
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31556926
content-type
text/css; charset=utf-8
cache-control
max-age=14400
cf-ray
58c4a6f4fadd0eb7-FRA
x-cache-hits
0
leaflet.css
bbva.tmtools.xyz/assets/leaflet/
14 KB
3 KB
Stylesheet
General
Full URL
https://bbva.tmtools.xyz/assets/leaflet/leaflet.css
Requested by
Host: bbva.tmtools.xyz
URL: https://bbva.tmtools.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611e07ac3138efd12961981e4e441f81526ad3cfb6efb517c4c2db8bf60febda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://bbva.tmtools.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 22:20:49 GMT
content-encoding
br
vary
x-fh-requested-host, accept-encoding
cf-cache-status
MISS
x-cache
MISS
status
200
cf-request-id
026ec6ad1d00000eb7d3a6a200000001
x-served-by
cache-fra19169-FRA
last-modified
Thu, 30 Apr 2020 19:58:11 GMT
server
cloudflare
x-timer
S1588285249.808697,VS0,VE323
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31556926
content-type
text/css; charset=utf-8
cache-control
max-age=14400
cf-ray
58c4a6f4fade0eb7-FRA
x-cache-hits
0
polyfills.js
bbva.tmtools.xyz/build/
95 KB
32 KB
Script
General
Full URL
https://bbva.tmtools.xyz/build/polyfills.js
Requested by
Host: bbva.tmtools.xyz
URL: https://bbva.tmtools.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
889b55a9f68c3f0b1b423c124f4876639920d29a171098d4e42d120d401290d7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://bbva.tmtools.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 22:20:49 GMT
content-encoding
br
vary
x-fh-requested-host, accept-encoding
cf-cache-status
MISS
x-cache
MISS
status
200
cf-request-id
026ec6ad1d00000eb7d3a6c200000001
x-served-by
cache-fra19125-FRA
last-modified
Thu, 30 Apr 2020 19:58:11 GMT
server
cloudflare
x-timer
S1588285249.805920,VS0,VE309
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31556926
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
58c4a6f4fae20eb7-FRA
x-cache-hits
0
vendor.js
bbva.tmtools.xyz/build/
2 MB
547 KB
Script
General
Full URL
https://bbva.tmtools.xyz/build/vendor.js
Requested by
Host: bbva.tmtools.xyz
URL: https://bbva.tmtools.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d6d4679391088a63d309c897b0b9cc0b248037982f9e3b8a3ea23df10b87473
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://bbva.tmtools.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 22:20:49 GMT
content-encoding
br
vary
x-fh-requested-host, accept-encoding
cf-cache-status
MISS
x-cache
MISS
status
200
cf-request-id
026ec6ad1d00000eb7d3a6d200000001
x-served-by
cache-fra19163-FRA
last-modified
Thu, 30 Apr 2020 19:58:11 GMT
server
cloudflare
x-timer
S1588285249.808478,VS0,VE749
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31556926
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
58c4a6f4fae30eb7-FRA
x-cache-hits
0
main.js
bbva.tmtools.xyz/build/
68 KB
13 KB
Script
General
Full URL
https://bbva.tmtools.xyz/build/main.js
Requested by
Host: bbva.tmtools.xyz
URL: https://bbva.tmtools.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27be641611d24c1d6a0cc2f6433c532e84cf27b185b43e0f44f920d3e5a13e12
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://bbva.tmtools.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 22:20:49 GMT
content-encoding
br
vary
x-fh-requested-host, accept-encoding
cf-cache-status
MISS
x-cache
MISS
status
200
cf-request-id
026ec6ad2700000eb7d3a6e200000001
x-served-by
cache-fra19140-FRA
last-modified
Thu, 30 Apr 2020 19:58:11 GMT
server
cloudflare
x-timer
S1588285249.825969,VS0,VE338
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31556926
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
58c4a6f50afd0eb7-FRA
x-cache-hits
0
cordova_plugins.js
bbva.tmtools.xyz/
2 KB
585 B
Script
General
Full URL
https://bbva.tmtools.xyz/cordova_plugins.js
Requested by
Host: bbva.tmtools.xyz
URL: https://bbva.tmtools.xyz/cordova.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c5da484e2c36cb87fd8e5834aa7a929cd96d022c3062368c337bed483d6f17f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://bbva.tmtools.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 22:20:50 GMT
content-encoding
br
vary
x-fh-requested-host, accept-encoding
cf-cache-status
MISS
x-cache
MISS
status
200
cf-request-id
026ec6b0b500000eb7d3aa5200000001
x-served-by
cache-fra19163-FRA
last-modified
Thu, 30 Apr 2020 19:58:11 GMT
server
cloudflare
x-timer
S1588285250.733371,VS0,VE346
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31556926
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
58c4a6fabf990eb7-FRA
x-cache-hits
0
device.js
bbva.tmtools.xyz/plugins/cordova-plugin-device/www/
3 KB
1 KB
Script
General
Full URL
https://bbva.tmtools.xyz/plugins/cordova-plugin-device/www/device.js
Requested by
Host: bbva.tmtools.xyz
URL: https://bbva.tmtools.xyz/cordova.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6de54d4b47310ba00a978e489d3d2c35ec008e7225025863ae0355ace2d84d7c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://bbva.tmtools.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 22:20:50 GMT
content-encoding
br
vary
x-fh-requested-host, accept-encoding
cf-cache-status
MISS
x-cache
MISS
status
200
cf-request-id
026ec6b25f00000eb7d3adc200000001
x-served-by
cache-fra19120-FRA
last-modified
Thu, 30 Apr 2020 19:58:11 GMT
server
cloudflare
x-timer
S1588285250.157910,VS0,VE327
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31556926
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
58c4a6fd6d520eb7-FRA
x-cache-hits
0
DeviceProxy.js
bbva.tmtools.xyz/plugins/cordova-plugin-device/src/browser/
3 KB
1011 B
Script
General
Full URL
https://bbva.tmtools.xyz/plugins/cordova-plugin-device/src/browser/DeviceProxy.js
Requested by
Host: bbva.tmtools.xyz
URL: https://bbva.tmtools.xyz/cordova.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d666dc9812b32f9c55da31c41d00900181091bb3e2a9e774410b54aced305618
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://bbva.tmtools.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 22:20:50 GMT
content-encoding
br
vary
x-fh-requested-host, accept-encoding
cf-cache-status
MISS
x-cache
MISS
status
200
cf-request-id
026ec6b26000000eb7d3add200000001
x-served-by
cache-fra19160-FRA
last-modified
Thu, 30 Apr 2020 19:58:11 GMT
server
cloudflare
x-timer
S1588285250.154327,VS0,VE340
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31556926
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
58c4a6fd6d550eb7-FRA
x-cache-hits
0
util.js
bbva.tmtools.xyz/plugins/cordova-plugin-ionic-webview/src/www/
964 B
450 B
Script
General
Full URL
https://bbva.tmtools.xyz/plugins/cordova-plugin-ionic-webview/src/www/util.js
Requested by
Host: bbva.tmtools.xyz
URL: https://bbva.tmtools.xyz/cordova.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69653b332b4d2c253caf6ffde7c1b9905604d6b5bce4a67bccb8b3066c24e61a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://bbva.tmtools.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 22:20:50 GMT
content-encoding
br
vary
x-fh-requested-host, accept-encoding
cf-cache-status
MISS
x-cache
MISS
status
200
cf-request-id
026ec6b26000000eb7d3ade200000001
x-served-by
cache-fra19165-FRA
last-modified
Thu, 30 Apr 2020 19:58:11 GMT
server
cloudflare
x-timer
S1588285250.157468,VS0,VE328
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31556926
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
58c4a6fd6d560eb7-FRA
x-cache-hits
0
splashscreen.js
bbva.tmtools.xyz/plugins/cordova-plugin-splashscreen/www/
1 KB
664 B
Script
General
Full URL
https://bbva.tmtools.xyz/plugins/cordova-plugin-splashscreen/www/splashscreen.js
Requested by
Host: bbva.tmtools.xyz
URL: https://bbva.tmtools.xyz/cordova.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
973fd81fe322b212b220ec90129a98c95d24bc1979e28dca8de0abd22000c06e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://bbva.tmtools.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 22:20:50 GMT
content-encoding
br
vary
x-fh-requested-host, accept-encoding
cf-cache-status
MISS
x-cache
MISS
status
200
cf-request-id
026ec6b26000000eb7d3adf200000001
x-served-by
cache-fra19120-FRA
last-modified
Thu, 30 Apr 2020 19:58:11 GMT
server
cloudflare
x-timer
S1588285250.155627,VS0,VE306
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31556926
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
58c4a6fd6d580eb7-FRA
x-cache-hits
0
SplashScreenProxy.js
bbva.tmtools.xyz/plugins/cordova-plugin-splashscreen/src/browser/
6 KB
2 KB
Script
General
Full URL
https://bbva.tmtools.xyz/plugins/cordova-plugin-splashscreen/src/browser/SplashScreenProxy.js
Requested by
Host: bbva.tmtools.xyz
URL: https://bbva.tmtools.xyz/cordova.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21a0876bd70dc5f8cac86bf36831f6a4c65c477cdab7f4365e405fbab8a5bd9a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://bbva.tmtools.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 22:20:50 GMT
content-encoding
br
vary
x-fh-requested-host, accept-encoding
cf-cache-status
MISS
x-cache
MISS
status
200
cf-request-id
026ec6b26000000eb7d3ae0200000001
x-served-by
cache-fra19136-FRA
last-modified
Thu, 30 Apr 2020 19:58:11 GMT
server
cloudflare
x-timer
S1588285250.166319,VS0,VE304
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31556926
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
58c4a6fd6d590eb7-FRA
x-cache-hits
0
statusbar.js
bbva.tmtools.xyz/plugins/cordova-plugin-statusbar/www/
3 KB
1 KB
Script
General
Full URL
https://bbva.tmtools.xyz/plugins/cordova-plugin-statusbar/www/statusbar.js
Requested by
Host: bbva.tmtools.xyz
URL: https://bbva.tmtools.xyz/cordova.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f34d2aa96ca5e337403a5f1d1b537a9a9ba43af88557463f854ed32a92da5185
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://bbva.tmtools.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 22:20:50 GMT
content-encoding
br
vary
x-fh-requested-host, accept-encoding
cf-cache-status
MISS
x-cache
MISS
status
200
cf-request-id
026ec6b26000000eb7d3ae1200000001
x-served-by
cache-fra19120-FRA
last-modified
Thu, 30 Apr 2020 19:58:11 GMT
server
cloudflare
x-timer
S1588285250.158892,VS0,VE372
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31556926
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
58c4a6fd6d5a0eb7-FRA
x-cache-hits
0
StatusBarProxy.js
bbva.tmtools.xyz/plugins/cordova-plugin-statusbar/src/browser/
2 KB
1 KB
Script
General
Full URL
https://bbva.tmtools.xyz/plugins/cordova-plugin-statusbar/src/browser/StatusBarProxy.js
Requested by
Host: bbva.tmtools.xyz
URL: https://bbva.tmtools.xyz/cordova.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39d4d1c4befb84917861b88fc75e4166d43370a9beffa4bd39643741315b1f96
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://bbva.tmtools.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 22:20:50 GMT
content-encoding
br
vary
x-fh-requested-host, accept-encoding
cf-cache-status
MISS
x-cache
MISS
status
200
cf-request-id
026ec6b26000000eb7d3ae2200000001
x-served-by
cache-fra19170-FRA
last-modified
Thu, 30 Apr 2020 19:58:11 GMT
server
cloudflare
x-timer
S1588285250.159066,VS0,VE352
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31556926
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
58c4a6fd6d5c0eb7-FRA
x-cache-hits
0
config.xml
bbva.tmtools.xyz/
1 KB
686 B
XHR
General
Full URL
https://bbva.tmtools.xyz/config.xml
Requested by
Host: bbva.tmtools.xyz
URL: https://bbva.tmtools.xyz/build/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cc0f74a33d52336ec869bc5f80f6be1cd7eccd4b1136da6379d3063e690b774
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://bbva.tmtools.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 22:20:52 GMT
content-encoding
br
vary
x-fh-requested-host, accept-encoding
cf-cache-status
DYNAMIC
x-cache
MISS
status
200
cf-request-id
026ec6bbae00000eb7d3b5d200000001
x-served-by
cache-fra19129-FRA
last-modified
Thu, 30 Apr 2020 19:58:11 GMT
server
cloudflare
x-timer
S1588285253.537330,VS0,VE331
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31556926
content-type
application/xml
cache-control
max-age=3600
cf-ray
58c4a70c4a850eb7-FRA
x-cache-hits
0
.lp
orion-6d6cd.firebaseio.com/ Frame 6F24
423 B
665 B
Script
General
Full URL
https://orion-6d6cd.firebaseio.com/.lp?start=t&ser=36872104&cb=1&v=5
Requested by
Host: bbva.tmtools.xyz
URL: https://bbva.tmtools.xyz/build/vendor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
ca1c2f7acee2577a1312743c769d26aea1b7b0dff205714e5b0a1f392cac3e58
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://bbva.tmtools.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 Apr 2020 22:20:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
423
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/javascript; charset=utf-8
screen
bbva.tmtools.xyz/
2 KB
2 KB
Image
General
Full URL
https://bbva.tmtools.xyz/screen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4fad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://bbva.tmtools.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 22:20:54 GMT
content-encoding
br
vary
x-fh-requested-host, accept-encoding
cf-cache-status
DYNAMIC
x-cache
MISS
status
200
cf-request-id
026ec6c0c300000eb7d3b9e200000001
x-served-by
cache-fra19172-FRA
last-modified
Thu, 30 Apr 2020 19:58:11 GMT
server
cloudflare
x-timer
S1588285254.834690,VS0,VE422
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31556926
content-type
text/html; charset=utf-8
cache-control
max-age=3600
cf-ray
58c4a7146b340eb7-FRA
x-cache-hits
0
.lp
s-usc1c-nss-252.firebaseio.com/ Frame 8A79
0
0
Document
General
Full URL
https://s-usc1c-nss-252.firebaseio.com/.lp?dframe=t&id=10034015&pw=SwMKnJCAC7&ns=orion-6d6cd
Requested by
Host: bbva.tmtools.xyz
URL: https://bbva.tmtools.xyz/build/vendor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Host
s-usc1c-nss-252.firebaseio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bbva.tmtools.xyz/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Thu, 30 Apr 2020 22:20:54 GMT
Content-Type
text/html; charset=utf-8
Content-Length
421
Connection
keep-alive
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
.lp
s-usc1c-nss-252.firebaseio.com/ Frame 6F24
15 B
256 B
Script
General
Full URL
https://s-usc1c-nss-252.firebaseio.com/.lp?id=10034015&pw=SwMKnJCAC7&ser=33065397&ns=orion-6d6cd
Requested by
Host: bbva.tmtools.xyz
URL: https://bbva.tmtools.xyz/build/vendor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
416ebdae1319a43b48e3caf0a24100ab786aa6432e276fb735da780aa435b300
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://bbva.tmtools.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 Apr 2020 22:20:54 GMT
Server
nginx
Connection
keep-alive
Content-Length
15
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/javascript; charset=utf-8
.lp
s-usc1c-nss-252.firebaseio.com/ Frame 6F24
58 B
299 B
Script
General
Full URL
https://s-usc1c-nss-252.firebaseio.com/.lp?id=10034015&pw=SwMKnJCAC7&ser=33065398&ns=orion-6d6cd&seg0=0&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MSwiYSI6InMiLCJiIjp7ImMiOnsic2RrLmpzLjUtMC00IjoxfX19fQ..
Requested by
Host: bbva.tmtools.xyz
URL: https://bbva.tmtools.xyz/build/vendor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
30bd0120e57f70174a17629a1703bb0d29bd1660f244aa45d0542637d5b960d7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://bbva.tmtools.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 Apr 2020 22:20:54 GMT
Server
nginx
Connection
keep-alive
Content-Length
58
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/javascript; charset=utf-8
.lp
s-usc1c-nss-252.firebaseio.com/ Frame 6F24
47 B
288 B
Script
General
Full URL
https://s-usc1c-nss-252.firebaseio.com/.lp?id=10034015&pw=SwMKnJCAC7&ser=33065399&ns=orion-6d6cd
Requested by
Host: bbva.tmtools.xyz
URL: https://bbva.tmtools.xyz/build/vendor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
ed3730b3270061a92ba848032606b5ad11fba8990e1e02d6f8ef8da54a6237cf
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://bbva.tmtools.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 Apr 2020 22:20:55 GMT
Server
nginx
Connection
keep-alive
Content-Length
47
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/javascript; charset=utf-8
.lp
s-usc1c-nss-252.firebaseio.com/ Frame 6F24
38 B
279 B
Script
General
Full URL
https://s-usc1c-nss-252.firebaseio.com/.lp?id=10034015&pw=SwMKnJCAC7&ser=33065400&ns=orion-6d6cd&seg0=1&ts0=1&d0=eyJ0IjoiYyIsImQiOnsidCI6Im4iLCJkIjp7fX19
Requested by
Host: bbva.tmtools.xyz
URL: https://bbva.tmtools.xyz/build/vendor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
ab9a7570dfdadce87d8a7dc2f43587cba2c28e951c6bd9fd9176c5a175a85b20
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://bbva.tmtools.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 Apr 2020 22:20:55 GMT
Server
nginx
Connection
keep-alive
Content-Length
38
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/javascript; charset=utf-8

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| Ionic object| cordova object| MyBundle object| core object| __core-js_shared__ function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader function| webpackJsonp boolean| ngDevMode function| Hammer object| __zone_symbol__ON_PROPERTYmessage function| setImmediate function| clearImmediate object| L object| ng function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| CDV_origSymbols object| Cordova object| device object| StatusBar function| pLPCommand1 function| pRTLPCB1 function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

1 Cookies

Domain/Path Name / Value
.tmtools.xyz/ Name: __cfduid
Value: dbe8fdb673c96a0fc063d5f41cffadd6a1588285248

6 Console Messages

Source Level URL
Text
console-api warning URL: https://bbva.tmtools.xyz/build/vendor.js(Line 1)
Message:
It looks like you're using the development build of the Firebase JS SDK. When deploying Firebase apps to production, it is advisable to only import the individual SDK components you intend to use. For the module builds, these are available in the following manner (replace <PACKAGE> with the name of a component - i.e. auth, database, etc): CommonJS Modules: const firebase = require('firebase/app'); require('firebase/<PACKAGE>'); ES Modules: import firebase from 'firebase/app'; import 'firebase/<PACKAGE>';
console-api error URL: https://bbva.tmtools.xyz/build/vendor.js(Line 1)
Message:
ERROR Error: Uncaught (in promise): FirebaseError: Messaging: This browser doesn't support the API's required to use the firebase SDK. (messaging/unsupported-browser). FirebaseError: Messaging: This browser doesn't support the API's required to use the firebase SDK. (messaging/unsupported-browser). at Object.t.INTERNAL.registerService.isSupported [as messaging] (https://bbva.tmtools.xyz/build/vendor.js:1:1990422) at t._getService (https://bbva.tmtools.xyz/build/vendor.js:1:571673) at t.c.<computed> [as messaging] (https://bbva.tmtools.xyz/build/vendor.js:1:569494) at Object.l [as messaging] (https://bbva.tmtools.xyz/build/vendor.js:1:569325) at new e (https://bbva.tmtools.xyz/build/main.js:1:66025) at https://bbva.tmtools.xyz/build/vendor.js:1:22514 at be (https://bbva.tmtools.xyz/build/vendor.js:1:22555) at ve (https://bbva.tmtools.xyz/build/vendor.js:1:22141) at t.get (https://bbva.tmtools.xyz/build/vendor.js:1:125903) at Ve (https://bbva.tmtools.xyz/build/vendor.js:1:27570)
console-api log URL: https://bbva.tmtools.xyz/cordova.js(Line 1024)
Message:
adding proxy for Device
console-api log URL: https://bbva.tmtools.xyz/cordova.js(Line 1024)
Message:
adding proxy for SplashScreen
console-api log URL: https://bbva.tmtools.xyz/cordova.js(Line 1024)
Message:
adding proxy for StatusBar
console-api log URL: https://bbva.tmtools.xyz/plugins/cordova-plugin-statusbar/src/browser/StatusBarProxy.js(Line 23)
Message:
StatusBar is not supported

Security Headers

This section lists the security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31556926

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, hashes, etc. Their presence here does not imply that any of them indicate malicious activity.

bbva.tmtools.xyz
orion-6d6cd.firebaseio.com
s-usc1c-nss-252.firebaseio.com
2600:1901:0:94b6::
2606:4700:3033::681f:4fad