messytech.xyz Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://messytech.xyz/?id_JIBBRS=DR-382037
Submission: On October 13 via manual (October 13th 2022, 11:21:05 pm UTC) from ES — Scanned from NL

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 24 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is messytech.xyz.
TLS certificate: Issued by E1 on October 11th 2022. Valid for: 3 months.

This is the only time messytech.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BBVA (Financial)

Domain & IP information

	IP Address	AS Autonomous System
17	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 6	45.238.212.216 45.238.212.216	27730 (BBVA Banc...) (BBVA Banco Frances SA)
6	23.203.94.149 23.203.94.149	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.205.228.87 23.205.228.87	16625 (AKAMAI-AS) (AKAMAI-AS)
24	3

17 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

messytech.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.238.212.216 (Argentina) 6 redirects

ASN27730 (BBVA Banco Frances SA, AR)

bbva.com.ar	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.203.94.149 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-94-149.deploy.static.akamaitechnologies.com

www.bbva.com.ar	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.228.87 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-228-87.deploy.static.akamaitechnologies.com

assets.caasbbva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	messytech.xyz messytech.xyz	319 KB
12	bbva.com.ar 6 redirects bbva.com.ar — Cisco Umbrella Rank: 372797 www.bbva.com.ar — Cisco Umbrella Rank: 528217	5 KB
1	caasbbva.com assets.caasbbva.com — Cisco Umbrella Rank: 64096	4 KB
24	3

	Domain	Requested by
17	messytech.xyz	messytech.xyz
6	www.bbva.com.ar	messytech.xyz
6	bbva.com.ar	6 redirects
1	assets.caasbbva.com	messytech.xyz
24	4

This site contains no links.

Subject Issuer	Validity	Valid
*.messytech.xyz E1	`2022-10-11` - `2023-01-09`	3 months	crt.sh
bbvanetcash.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-24` - `2023-03-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://messytech.xyz/?id_JIBBRS=DR-382037
Frame ID: BB38B3E8B34433319A7E04B4B581928F
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

75 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

325 kB
Transfer

670 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/small.lc-20220223-181547-lc.min.ACSHASH188b9a681452e17cd885be8f4ee86173.css HTTP 301
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/small.lc-20220223-181547-lc.min.ACSHASH188b9a681452e17cd885be8f4ee86173.css

Request Chain 7

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/large.lc-20220223-181547-lc.min.ACSHASH755ee5decd16cc8430a2f90a59f49fb1.css HTTP 301
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/large.lc-20220223-181547-lc.min.ACSHASH755ee5decd16cc8430a2f90a59f49fb1.css

Request Chain 8

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.stickyalert.lc-20220223-181547-lc.min.ACSHASH0cef8f8c276b6349ca014f53d495361a.css HTTP 301
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.stickyalert.lc-20220223-181547-lc.min.ACSHASH0cef8f8c276b6349ca014f53d495361a.css

Request Chain 10

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/small.lc-20220223-181547-lc.min.ACSHASHa37a04db69bc42a5e08c4323c3bfefe8.css HTTP 301
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/small.lc-20220223-181547-lc.min.ACSHASHa37a04db69bc42a5e08c4323c3bfefe8.css

Request Chain 11

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/large.lc-20220223-181547-lc.min.ACSHASH8f81358eebb18a1778ddd3319a401956.css HTTP 301
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/large.lc-20220223-181547-lc.min.ACSHASH8f81358eebb18a1778ddd3319a401956.css

Request Chain 13

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.access/small.lc-20220223-181547-lc.min.css HTTP 301
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.access/small.lc-20220223-181547-lc.min.css

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
messytech.xyz/ 13 KB
4 KB 264ms
194ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab6a670b0fb2e823ce608d0ea8c72eeb159ea4dd47e9535a830d94b289b0c238

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 759bcf155fcf9bbf-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 13 Oct 2022 23:20:58 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3fUvdg%2BKkBKMZC76T8t8F9bXk7rs%2Fl8UOpaxMhrh2gmuoAf1A3lhuy8kw3FZeb2r%2F0DUvd4Hyy67YzKQ1CUeJfpJb9xPW%2BDKfTJzwthrhCIebKSqW%2B3BA8nTJzfPksBPqntovW5Pt48XUfZ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 icons.css
messytech.xyz/css/styles/ 20 KB
9 KB 200ms
193ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/css/styles/icons.css
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3b31d9eaea84615c5f47b11c4636aa272cd2319680d2f4f2785876fdf262214

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 23:20:58 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"51c4-5e722f7738280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7uRuoNEBTo7jGVrZLWipa6y3CY3P4X%2Bh3W7G9hvcNZi2kceIUGZ9VmQoRB%2Ba3n00b%2BPUFmYroiCjeTINSnAPC1ZBGiCUwK55gkWOL0%2FuwvVwId7x467YFyENwLfC0kI7SR8pRLDnRmB7Mc8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 759bcf16a9669bbf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 normalize.css
messytech.xyz/css/ 11 KB
2 KB 210ms
203ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/css/normalize.css
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 366e1f474f255a458f0a0c7566ccdf62624d6410b3c81b2549fe4368cbe5786b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 23:20:58 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2bad-5e722f7738280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Krm9MfQaGE1D%2F%2BfcL5TlhJsfk5mOLR%2BRLOTyuLteTvh2WNR4jotRu0yZfeE4OeKeZLUYm0jPtWhKRNGFhPNMXwpI4n4qYGyY0Hfs7fISqOYKc04%2FIpPo2WdMuKSNrkM%2FqWzi6esScs7NC%2FL3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 759bcf16a9689bbf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fix.css
messytech.xyz/css/ 8 KB
2 KB 202ms
196ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/css/fix.css
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf4c9d221c73c5761c4927e387ca4f503251eb64c38323f8e9bc146025f8025f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 23:20:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1e9c-5e722f7738280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmHQ%2FBV7rRyCz1o0Z2cIm5ET9s%2BA3D1y8YN7nq5MhiCpVVaIA4zsHeDDvXOOIMg2gcbNn1uTDUE4RxC%2BDqpCO9CgZHe%2Bl%2FpgHzLzzej6GJK%2FGkMqHb16luN4UuCPw8QaVFqpF8TRHN0goh5W"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 759bcf16a9699bbf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 header.css
messytech.xyz/css/styles/ 30 KB
5 KB 210ms
204ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/css/styles/header.css
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9d0af257cadab67fd0f3663aa1635d017108ea48be88031485eb6e8f53af228

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 23:20:58 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"79e8-5e722f7738280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKT9U%2BwM4kRN4QMvhFKnRq%2F0hWO763lG9xNngbmrVZh2VCf6hlHVd8m9su4lUVrtUbTvc6Q6ydYpdB4qJEfFec2TLaV683LMg5Z%2FyXSSWkiQMOLzcS5jKHoQOhH6SUlmD0wQTyZAPDdlSCIc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 759bcf16a96a9bbf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 mafalda.css
messytech.xyz/css/ 209 B
423 B 201ms
195ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/css/mafalda.css
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e0401d156e7a79d484615a4c5045d8795acdea0cb3855d347cf5bbd31405fde

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 23:20:58 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"d1-5e722f7738280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGIAskS%2Ba6dHxhU5dzpG2k3S5VGVBpTReV3UPb12HjWuIvH7GzWXyLhtu3IFkJN9I71BbZy%2Fz2BhOfTdsuCgcs9w7hQIsvMqqGglH%2F84DjSr6mRdakQdCoAeUwgRhOcQS5JC2FBDMkIo%2Fo%2F0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 759bcf16a96b9bbf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 styles.css
messytech.xyz/css/ 50 KB
8 KB 204ms
199ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/css/styles.css
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecd55d8db3c35e397d33fc691d243ae54f6e5c51a5fbe2886409e050e30d64b7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 23:20:58 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c9da-5e722f7738280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KFmnjWX5LqdFrN3ylCwQeQpC8qOHFsd8lWCwb%2Fxxwwuso6lsI8JciuTufu7wbKu1kGFlB7pq%2BgC%2BGT3xhtdOfAq%2FgwPzRDdPmbWXGXuQuL%2FoTz5QqtLRV%2B%2BH7uLY9dcIiZ9vI%2FDx0x%2BDhSA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 759bcf16a96c9bbf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

404

small.lc-20220223-181547-lc.min.ACSHASH188b9a681452e17cd885be8f4ee86173.css
www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/
Redirect Chain

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/small.lc-20220223-181547-lc.min.ACSHASH188b9a681452e17cd885be8f4ee86173.css
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/small.lc-20220223-181547-lc.min.ACSHASH188b9a681452e17cd885be8f4ee86173.css

0
0

899ms
729ms

Stylesheet
text/html

23.203.94.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/small.lc-20220223-181547-lc.min.ACSHASH188b9a681452e17cd885be8f4ee86173.css
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Server: 23.203.94.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-94-149.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Redirect headers

Location: https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/small.lc-20220223-181547-lc.min.ACSHASH188b9a681452e17cd885be8f4ee86173.css
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2

200

large.lc-20220223-181547-lc.min.ACSHASH755ee5decd16cc8430a2f90a59f49fb1.css
www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/
Redirect Chain

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/large.lc-20220223-181547-lc.min.ACSHASH755ee5decd16cc8430a2f90a59f49fb1.css
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/large.lc-20220223-181547-lc.min.ACSHASH755ee5decd16cc8430a2f90a59f49fb1.css

1 KB
831 B

263ms
101ms

Stylesheet
text/css

23.203.94.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/large.lc-20220223-181547-lc.min.ACSHASH755ee5decd16cc8430a2f90a59f49fb1.css

Requested by

Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037

Protocol

Server

23.203.94.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-94-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

438aae0c1bf4d080efe48a79f24bccad646cca83e3644021bcd29b45b5ce84fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.arg.igrupobbva
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 13 Oct 2022 23:21:00 GMT
content-security-policy: frame-ancestors 'self' https://*.arg.igrupobbva
etag: "80458c407a8cb6bd9a2c3b3eb9b9d357"
x-edgeconnect-cache-status: 1
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=28243154
server-timing: cdn-cache; desc=HIT, edge; dur=23
accept-ranges: bytes
content-length: 472
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/large.lc-20220223-181547-lc.min.ACSHASH755ee5decd16cc8430a2f90a59f49fb1.css
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2

404

bbva.stickyalert.lc-20220223-181547-lc.min.ACSHASH0cef8f8c276b6349ca014f53d495361a.css
www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/
Redirect Chain

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.stickyalert.lc-20220223-181547-lc.min.ACSHASH0cef8f8c276b6349ca014f53d495361a.css
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.stickyalert.lc-20220223-181547-lc.min.ACSHASH0cef8f8c276b6349ca014f53d495361a.css

0
0

430ms
271ms

Stylesheet
text/html

23.203.94.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.stickyalert.lc-20220223-181547-lc.min.ACSHASH0cef8f8c276b6349ca014f53d495361a.css
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Server: 23.203.94.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-94-149.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Redirect headers

Location: https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.stickyalert.lc-20220223-181547-lc.min.ACSHASH0cef8f8c276b6349ca014f53d495361a.css
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2 200 logo.svg
messytech.xyz/img/ 2 KB
1 KB 1430ms
1427ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://messytech.xyz/img/logo.svg
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b285aac3331fbd851ff9e33933cf15bfb8a3a37126348ecbb657006b4f6996d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 23:21:00 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6eb-5e722f7738280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JakoLwlgcgyZxP%2BB6PBpcajtCtTz42seD2%2BC6TsftgtFTlnt%2FpT8QBujeTkfnr2OMqs9h9rZLF5eU2IO%2FntcQyZomirTahcIxsDEqi9FQxADY6tEQfSK88n2gE48VHps3GgVGyN%2BOgjCSIdR"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 759bcf16d9b29bbf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

small.lc-20220223-181547-lc.min.ACSHASHa37a04db69bc42a5e08c4323c3bfefe8.css
www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/
Redirect Chain

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/small.lc-20220223-181547-lc.min.ACSHASHa37a04db69bc42a5e08c4323c3bfefe8.css
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/small.lc-20220223-181547-lc.min.ACSHASHa37a04db69bc42a5e08c4323c3bfefe8.css

2 KB
1022 B

257ms
102ms

Stylesheet
text/css

23.203.94.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/small.lc-20220223-181547-lc.min.ACSHASHa37a04db69bc42a5e08c4323c3bfefe8.css

Requested by

Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037

Protocol

Server

23.203.94.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-94-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

8482b316775946099a3d8b33f3edb1fb45cdfff6ac1548c42e69cb1590bca9f2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.arg.igrupobbva
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Oct 2022 23:21:00 GMT
content-security-policy: frame-ancestors 'self' https://*.arg.igrupobbva
etag: "7beb7270d3f50fefd5511cf2ec2546d0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=29339006
server-timing: cdn-cache; desc=HIT, edge; dur=13
accept-ranges: bytes
content-length: 671
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/small.lc-20220223-181547-lc.min.ACSHASHa37a04db69bc42a5e08c4323c3bfefe8.css
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2

200

large.lc-20220223-181547-lc.min.ACSHASH8f81358eebb18a1778ddd3319a401956.css
www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/
Redirect Chain

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/large.lc-20220223-181547-lc.min.ACSHASH8f81358eebb18a1778ddd3319a401956.css
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/large.lc-20220223-181547-lc.min.ACSHASH8f81358eebb18a1778ddd3319a401956.css

651 B
637 B

257ms
103ms

Stylesheet
text/css

23.203.94.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/large.lc-20220223-181547-lc.min.ACSHASH8f81358eebb18a1778ddd3319a401956.css

Requested by

Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037

Protocol

Server

23.203.94.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-94-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

d2f999fca7c7c5802acac5d3a72c37739607983a10635dc50437c2752c7266af

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.arg.igrupobbva
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Oct 2022 23:21:00 GMT
content-security-policy: frame-ancestors 'self' https://*.arg.igrupobbva
etag: "6475e611b6f47fc3f643403a3604630c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=29496988
server-timing: cdn-cache; desc=HIT, edge; dur=4
accept-ranges: bytes
content-length: 285
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/large.lc-20220223-181547-lc.min.ACSHASH8f81358eebb18a1778ddd3319a401956.css
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2 200 profile.svg
messytech.xyz/img/ 346 B
620 B 431ms
428ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://messytech.xyz/img/profile.svg
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df844644d3b842832dcda8a2edd9ae5d7ec53bbfc4b50ec2cf2cbf726011e84a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 23:20:59 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15a-5e722f7738280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YfYMRTzP2t1Ou1s8yTDb1X5JyDAHovL2I%2B4wQgVXPul8fLCGF5b44J6nxQp5o4fBHmrjSJ%2BgraTlX3phbhOGZyYG1YXkxQsOgiwZ1LZqyHL1%2FE6CjqTUkqmQ4Dy4useZX9HZlZP5S%2FiaBRHB"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 759bcf16d9b39bbf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

small.lc-20220223-181547-lc.min.css
www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.access/
Redirect Chain

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.access/small.lc-20220223-181547-lc.min.css
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.access/small.lc-20220223-181547-lc.min.css

1 KB
816 B

234ms
103ms

Stylesheet
text/css

23.203.94.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.access/small.lc-20220223-181547-lc.min.css

Requested by

Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037

Protocol

Server

23.203.94.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-94-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

fc44e8702d8d6a9fc80e43a8b5c738a650cc3bd6087e3331b88dfbf444ddd597

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.arg.igrupobbva
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Oct 2022 23:21:00 GMT
content-security-policy: frame-ancestors 'self' https://*.arg.igrupobbva
etag: "fa93ce295bc3a13d2729cb760d97506e-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=29352970
server-timing: cdn-cache; desc=HIT, edge; dur=7
accept-ranges: bytes
content-length: 461
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.access/small.lc-20220223-181547-lc.min.css
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2 200 query.min.js Show response
messytech.xyz/js/ 178 KB
42 KB 312ms
307ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/js/query.min.js
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20c97d5902567383725076e6f0982024d543ced3055a5730203aa8680b1acc50

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 23:20:58 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2c831-5e722f7738280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bBrS8aQPt9Dm6S691Xgo30JJnYGtIIrRduApQvRtrHQslhV9IxZO4urzE1CxZojRKyMQSiyEIBVatmKDoJ8BHIaC56lw4ZEvG2H4tJH69ObwmqthoYrPSTgj%2B57OXcVh2p6mwJBNAOD0Bvfd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 759bcf16d9a69bbf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 query-form.js Show response
messytech.xyz/js/ 44 KB
13 KB 1438ms
1434ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/js/query-form.js
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b05ed417c37a01fba3f2904702ee68f4883409fd79a78e515566a4dc0655967

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 23:21:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b06f-5e722f7738280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dcn%2BhZKkyrbr5%2BPkqmeKtri8frG%2BQxMmRJ5P%2F7JDd0cicFTuEvRuEedg%2Bv2f4h2BOXoiYgaFJp%2B9g7FLgLUJSe4fKGv1aCgRCRHT0h0A3c82Qpiha47TTgGID87IAC%2FSfiiEUQgfGRAyY%2BpV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 759bcf16d9a79bbf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.mask.js Show response
messytech.xyz/js/ 23 KB
6 KB 199ms
195ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/js/jquery.mask.js
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42f2b8dd25e03082cf4650d3d79842043cde354604a3a9572aa60798f8a1bda3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 23:20:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5ce4-5e722f7738280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3qHLlBD5%2Be2OOCJ9AYgV2uSLOvWaqdfOxdKSEO%2FsRNLEToY%2Bw1scgbiYu5ILEMkf2sBBK72CQNSace%2B3jYPsmn8mx7qORqFef%2F1xN0AdcMZ3SoSsfoVwYqpn2q6XZPOEAXAuBQu2N7y09sZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 759bcf16d9aa9bbf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 custom.js Show response
messytech.xyz/js/ 91 KB
37 KB 313ms
309ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/js/custom.js
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca6e4bc908f1555cbba5b0fd55f78dc8583359d0a35c2d6ebfc7797c01d6b8cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 23:20:58 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"16dd1-5e722f7738280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nY%2BKCdsjjk95Ltdsv%2FAUcKEY%2FEPZVE66Q6XXue3YryTQ6WR6u7iwWrKme3WmbJqvH8Xhi%2B03zV6QUnEEgHxJ3O1tuGkcf1pLMEXr8iV9S6xl0FQYMhSjPJOYA8xrX53o8p5AWOv8fFIdAfzq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 759bcf16d9ab9bbf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 identification.png
assets.caasbbva.com/argentina/net/security-tips/ 3 KB
4 KB 386ms
56ms Image
image/png 23.205.228.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.caasbbva.com/argentina/net/security-tips/identification.png

Requested by

Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.205.228.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-228-87.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec7c21a9a4d67fd9fbca7c0781031a9b6dbca1229bd4d25c51966596f57a7aec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://online.bbva.com.ar https://s3-dev.movil.bbva.es https://movil.bbva.es https://pre.web.bbva.es https://qa.web.grupobbva.com https://web.bbva.es https://.es.igrupobbva https://.igrupobbva https://bbvanetcash.com https://www.bbvanetcash.com https://www.bbva.es https://www.bbvanetadvance.com https://bbvanetadvance.com https://k0fe8mkn.openweb.bbva https://empresas.bbva.es https://www.bbva.pt https://bbva.pt https://www.bbvaglobalnetcash.com https://*.bbva.it https://netcash.bbva.es/
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
date: Thu, 13 Oct 2022 23:21:01 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://online.bbva.com.ar https://s3-dev.movil.bbva.es https://movil.bbva.es https://pre.web.bbva.es https://qa.web.grupobbva.com https://web.bbva.es https://*.es.igrupobbva https://*.igrupobbva https://bbvanetcash.com https://www.bbvanetcash.com https://www.bbva.es https://www.bbvanetadvance.com https://bbvanetadvance.com https://k0fe8mkn.openweb.bbva https://empresas.bbva.es https://www.bbva.pt https://bbva.pt https://www.bbvaglobalnetcash.com https://*.bbva.it https://netcash.bbva.es/
etag: "41f5f0bb890fdbb9619196a49fbc1e10"
x-edgeconnect-cache-status: 1
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=52572
accept-ranges: bytes
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Access-Control-Request-Method
content-length: 2863
x-xss-protection: 1; mode=block
expires: Fri, 14 Oct 2022 13:57:13 GMT

GET
H3 200 BentonSansBBVA-Book.woff
messytech.xyz/css/fonts/ 59 KB
58 KB 1359ms
1359ms Font
application/font-woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/css/fonts/BentonSansBBVA-Book.woff
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/css/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbb3c57a1ca0ab92e36d9082b85aea35543cb2cf5ada00850603482f03bf3dd2

Request headers

Referer: https://messytech.xyz/css/styles.css
Origin: https://messytech.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 23:21:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"eaf8-5e722f7738280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7vpSUseGMR4uuePieu7bX9fLZOtF%2FlR7lrjtG3Ri6tmFE6DmVq%2Bfq7wQLej1VTC2TKQ0vSBOYAjEy5pEJuFCpPYKYdoYxBOj259gCEW0YjMMnJ29cqeFjDzoyeC50JeQIytBOhhC0wa5Lau"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 759bcf2509d96903-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bbvaweb-book-woff.woff
messytech.xyz/css/fonts/ 67 KB
68 KB 1334ms
1333ms Font
application/font-woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/css/fonts/bbvaweb-book-woff.woff
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/css/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5cbf9eefbf37f814f27cc710f7a65d28bc38549be266a917a393f6f5b6b1f5e

Request headers

Referer: https://messytech.xyz/css/styles.css
Origin: https://messytech.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 23:21:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"10cdb-5e722f7738280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOP6zWt41kvKaqHSlBwt5EfSqYVdmnT7zv3cutNBNDz8iGUwTD0FkQb1aiShbgdv9iQ7VS%2Buu%2Fo05C7anSgXx7koS9YsbgBpsz0pZbm4Ddy2vUd3rhMwJUxlZPZHX6fvFOSfPDNzFufpJTcl"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 759bcf2509da6903-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bbva-icons-login.ttf
messytech.xyz/css/fonts/ 4 KB
3 KB 192ms
192ms Font
application/font-sfnt 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/css/fonts/bbva-icons-login.ttf
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/css/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6ae17c55ec9c085399c353c9eed2f9c96d892c72ecc9823b6da080cbc3d98b2

Request headers

Referer: https://messytech.xyz/css/styles.css
Origin: https://messytech.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 23:21:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"11b8-5e722f7738280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AMbPx15qOYRWT0QO%2Fv1EFp0kArvv7Cqg%2B4Ng78xCXubnl89QJ%2F%2FtAS6Wi%2BBuvaPidqxo%2FeL181vYFbaP7RwYQwgAWnvR%2B%2B7jTVjdORvchn7T4gNqMj%2BFs323ZEgMNMa2ZK7jfMdfkUsR%2BuXJ"}],"group":"cf-nel","max_age":604800}
content-type: application/font-sfnt
cache-control: max-age=14400
cf-ray: 759bcf2509db6903-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 BentonSansBBVA-Medium.woff
messytech.xyz/css/fonts/ 60 KB
59 KB 361ms
361ms Font
application/font-woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/css/fonts/BentonSansBBVA-Medium.woff
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/css/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80d10509e7c3322010a5b2beef454d7c44593e6cb1cab9baedd57b4b91425990

Request headers

Referer: https://messytech.xyz/css/styles.css
Origin: https://messytech.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 23:21:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ee5c-5e722f7738280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCb1D2vix%2F8EfLKOktFsvoQ5jhdDyZ2EfargwswiUrmew%2BKiDj6Rf8eU8h9koBDpGhGygv1Ibt3CN7ES7wBgtmfKXLMRD%2BYmwmkkQy0mteA%2Fl86ZyMK%2Fn9qFlp16PHgMUgIA7fUmqPfc9qbo"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 759bcf2509dc6903-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BBVA (Financial)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
messytech.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4hsdg2uj7ut41rc18fb4hd14vq
www.bbva.com.ar/	1970-01-20 06:51:48	Name: AWSALBCORS Value: NMg0QsXpBuvaFLYGijUHZ4mNM8xoEN53U5Wo/jt9MP8RpMQwvAOWfjx5bIxUk3x/yCtbKqTVTE+idZQ0h2+p6o93sBTMmufob6A6XKZQOJJ7GdAf3i9/BKcqIvPD
.bbva.com.ar/	1970-01-20 06:41:50	Name: ak_bmsc Value: 7DBBE83FAC3E00996718AE2E3B099840~000000000000000000000000000000~YAAQhlgDFwZ1NtKDAQAACLOm0xFZTqkgX8qOtD3hyjwCAtJNRfgsQPO+yYqdkBN5u9hv6kkU4HIhynZ5xlSgACzA3DzoOHuSwUT2l74zPwkkHwI4nkRiRyoXP050CodtzvxRqasgGP1GTRKyDfibXuF6kkDWOp11aQ0jCqShyOzXncrY1f5qBYZqCrJCikFtoqAVwaJjAMfZov1zEX2wpZMB9fRkTm8AyVZSOjxjUZsSGDejivg73uAAmobBrGFrYUdbKr7KoGChtNfeRuNwkG/w4BIg7iOnRDb/RxnFxmlZ4otU4NJvthXdPEr9e5pISx5SQVrNWVLoOvjvgV+Z2quLby3/514lY1bKAxQAjaPoK1kyWKjm98fp8T9jFWtWdqnewqNd2e75

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.stickyalert.lc-20220223-181547-lc.min.ACSHASH0cef8f8c276b6349ca014f53d495361a.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/small.lc-20220223-181547-lc.min.ACSHASH188b9a681452e17cd885be8f4ee86173.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.caasbbva.com
bbva.com.ar
messytech.xyz
www.bbva.com.ar
23.203.94.149
23.205.228.87
2a06:98c1:3121::3
45.238.212.216
20c97d5902567383725076e6f0982024d543ced3055a5730203aa8680b1acc50
366e1f474f255a458f0a0c7566ccdf62624d6410b3c81b2549fe4368cbe5786b
42f2b8dd25e03082cf4650d3d79842043cde354604a3a9572aa60798f8a1bda3
438aae0c1bf4d080efe48a79f24bccad646cca83e3644021bcd29b45b5ce84fc
4b05ed417c37a01fba3f2904702ee68f4883409fd79a78e515566a4dc0655967
4b285aac3331fbd851ff9e33933cf15bfb8a3a37126348ecbb657006b4f6996d
80d10509e7c3322010a5b2beef454d7c44593e6cb1cab9baedd57b4b91425990
8482b316775946099a3d8b33f3edb1fb45cdfff6ac1548c42e69cb1590bca9f2
9e0401d156e7a79d484615a4c5045d8795acdea0cb3855d347cf5bbd31405fde
ab6a670b0fb2e823ce608d0ea8c72eeb159ea4dd47e9535a830d94b289b0c238
bbb3c57a1ca0ab92e36d9082b85aea35543cb2cf5ada00850603482f03bf3dd2
bf4c9d221c73c5761c4927e387ca4f503251eb64c38323f8e9bc146025f8025f
ca6e4bc908f1555cbba5b0fd55f78dc8583359d0a35c2d6ebfc7797c01d6b8cc
d2f999fca7c7c5802acac5d3a72c37739607983a10635dc50437c2752c7266af
d3b31d9eaea84615c5f47b11c4636aa272cd2319680d2f4f2785876fdf262214
d9d0af257cadab67fd0f3663aa1635d017108ea48be88031485eb6e8f53af228
df844644d3b842832dcda8a2edd9ae5d7ec53bbfc4b50ec2cf2cbf726011e84a
e6ae17c55ec9c085399c353c9eed2f9c96d892c72ecc9823b6da080cbc3d98b2
ec7c21a9a4d67fd9fbca7c0781031a9b6dbca1229bd4d25c51966596f57a7aec
ecd55d8db3c35e397d33fc691d243ae54f6e5c51a5fbe2886409e050e30d64b7
f5cbf9eefbf37f814f27cc710f7a65d28bc38549be266a917a393f6f5b6b1f5e
fc44e8702d8d6a9fc80e43a8b5c738a650cc3bd6087e3331b88dfbf444ddd597

messytech.xyz Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

24 Requests

75 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

3 IPs

3 Countries

325 kBTransfer

670 kBSize

3 Cookies

0 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

23 JavaScript Global Variables

3 Cookies

2 Console Messages

messytech.xyz Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

75 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

325 kB
Transfer

670 kB
Size

3
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!