messytech.xyz Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://messytech.xyz/?id_JIBBRS=DR-382037
Submission: On October 13 via automatic, source openphish (October 13th 2022, 2:20:55 am UTC) — Scanned from NL

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 24 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is messytech.xyz.
TLS certificate: Issued by E1 on October 11th 2022. Valid for: 3 months.

This is the only time messytech.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BBVA (Financial)

Domain & IP information

	IP Address	AS Autonomous System
17	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 6	45.238.212.216 45.238.212.216	27730 (BBVA Banc...) (BBVA Banco Frances SA)
6	23.203.94.149 23.203.94.149	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.203.83.203 23.203.83.203	16625 (AKAMAI-AS) (AKAMAI-AS)
24	3

17 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

messytech.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.238.212.216 (Argentina) 6 redirects

ASN27730 (BBVA Banco Frances SA, AR)

bbva.com.ar	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.203.94.149 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-94-149.deploy.static.akamaitechnologies.com

www.bbva.com.ar	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.83.203 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-83-203.deploy.static.akamaitechnologies.com

assets.caasbbva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	messytech.xyz messytech.xyz	309 KB
12	bbva.com.ar 6 redirects bbva.com.ar — Cisco Umbrella Rank: 396922 www.bbva.com.ar — Cisco Umbrella Rank: 653409	5 KB
1	caasbbva.com assets.caasbbva.com — Cisco Umbrella Rank: 59547	3 KB
24	3

	Domain	Requested by
17	messytech.xyz	messytech.xyz
6	www.bbva.com.ar	messytech.xyz
6	bbva.com.ar	6 redirects
1	assets.caasbbva.com	messytech.xyz
24	4

This site contains no links.

Subject Issuer	Validity	Valid
*.messytech.xyz E1	`2022-10-11` - `2023-01-09`	3 months	crt.sh
bbvanetcash.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-24` - `2023-03-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://messytech.xyz/?id_JIBBRS=DR-382037
Frame ID: 2A2047083B95650753DF733AE89F0E54
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

75 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

316 kB
Transfer

608 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/small.lc-20220223-181547-lc.min.ACSHASH188b9a681452e17cd885be8f4ee86173.css HTTP 301
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/small.lc-20220223-181547-lc.min.ACSHASH188b9a681452e17cd885be8f4ee86173.css

Request Chain 7

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/large.lc-20220223-181547-lc.min.ACSHASH755ee5decd16cc8430a2f90a59f49fb1.css HTTP 301
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/large.lc-20220223-181547-lc.min.ACSHASH755ee5decd16cc8430a2f90a59f49fb1.css

Request Chain 8

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.stickyalert.lc-20220223-181547-lc.min.ACSHASH0cef8f8c276b6349ca014f53d495361a.css HTTP 301
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.stickyalert.lc-20220223-181547-lc.min.ACSHASH0cef8f8c276b6349ca014f53d495361a.css

Request Chain 10

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/small.lc-20220223-181547-lc.min.ACSHASHa37a04db69bc42a5e08c4323c3bfefe8.css HTTP 301
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/small.lc-20220223-181547-lc.min.ACSHASHa37a04db69bc42a5e08c4323c3bfefe8.css

Request Chain 11

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/large.lc-20220223-181547-lc.min.ACSHASH8f81358eebb18a1778ddd3319a401956.css HTTP 301
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/large.lc-20220223-181547-lc.min.ACSHASH8f81358eebb18a1778ddd3319a401956.css

Request Chain 13

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.access/small.lc-20220223-181547-lc.min.css HTTP 301
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.access/small.lc-20220223-181547-lc.min.css

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
messytech.xyz/ 13 KB
4 KB 274ms
197ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab6a670b0fb2e823ce608d0ea8c72eeb159ea4dd47e9535a830d94b289b0c238

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75949919ea269199-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 13 Oct 2022 02:20:47 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zVnm80U%2FjL%2Fd7%2FBkt1GW5y%2FIQoNwPoxUUghYvYjRyuuzq2aEF21Cti98eDgKbgc8YjYdwYy8dUGHRPNJiz5xp98YsKAu18sCpLHV3lLC5DBOMzOvJ3qk1TwYA3GLhgucKveWrKJDTTVo2s8G"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 icons.css
messytech.xyz/css/styles/ 19 KB
9 KB 35ms
33ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/css/styles/icons.css
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcaa23996703414c393b7b68596939e24720a7f61e358570d771e0ad59b8aae1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:20:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2622
cf-polished: origSize=20932
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
server: cloudflare
etag: W/"51c4-5e722f7738280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5FUAcc6wxVaev5%2FzI7PZlVZQG0wY9pyKWHK4wgInBDq4NrbgIlSQsdGa8QZDw0%2BWQIJhYcccET1CvM2mE%2F2TQC2p7Dmz6XLTJUxePckIPVb6ElHEKjm6Ik7JfIqf2W%2BIJ0eCiZPlIJJJtQK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7594991b3b1d9199-FRA

GET
H2 200 normalize.css
messytech.xyz/css/ 8 KB
2 KB 30ms
28ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/css/normalize.css
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7a3ed7c219716b32dbb68dc0cd9cc6b8c9ec518334cbcf404a83fabdeecdb88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:20:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2622
cf-polished: origSize=11181
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
server: cloudflare
etag: W/"2bad-5e722f7738280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4Dtmg%2B45bhzdKM%2FoeMABS0pqhBE3z1QGTYrbJLPM2yxzFMqrjtwCqAD6O2c6aZzldZ2XLeI7zvG07X8vvhzoXP4t5d%2FnAdDoyO8Em6Sh8P%2FqcT%2BXdsS%2BroMXnDQZuUpiTqp%2BX2pbXIMme1%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7594991b3b219199-FRA

GET
H2 200 fix.css
messytech.xyz/css/ 6 KB
2 KB 31ms
30ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/css/fix.css
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 221ac88b7cff0d3b4d3ecf34706a054271cc3f6ac3a0d4f178efe9af8e06f7d8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:20:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2622
cf-polished: origSize=7836
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
server: cloudflare
etag: W/"1e9c-5e722f7738280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1uTB8k3BqtuWJv1P3wu%2BhKT3GlYfK70fyN%2FZ10Se8ZYc3pRzplsZP0CxeG7b10DjMUNrIOB1Ed0NQko8xah7nzVpC5SRe23uvLIkGkF94OBd4idhzGaNSjxpK2yB7c8gOQ3QLXmpIPlPqJ5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7594991b3b239199-FRA

GET
H2 200 header.css
messytech.xyz/css/styles/ 23 KB
5 KB 30ms
29ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/css/styles/header.css
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0725e180c306e62d457c2466d27a2c667fe40e076adf3a924997f301d3b9ef29

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:20:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2622
cf-polished: origSize=31208
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
server: cloudflare
etag: W/"79e8-5e722f7738280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pkkO8a%2FMsXYjHm%2BKufAYxfMeJpD3dQhG3dQo2rsz4Q7zWR5%2BN9C1fpd8ZvTTaVU%2FaN1QH%2FGFelT7S%2B%2FqAtx14FOadaX%2B7U4EmX3gvo1bEXGiXUUQTmjg6JSmsMLms4Xh251Qy8aCBUK7hki"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7594991b3b259199-FRA

GET
H2 200 mafalda.css
messytech.xyz/css/ 168 B
421 B 31ms
30ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/css/mafalda.css
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68dbab0653d3504af40c5992dba242e105cf4c07ed3ff30e5587b9a46ba43e57

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:20:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2622
cf-polished: origSize=209
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
server: cloudflare
etag: W/"d1-5e722f7738280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69hByjjFCsvRx7ROF4RFL%2FkrwBWNO9m9nef69%2F%2FeFFDbzLe8FaKqTWMDjOqeJmW%2FkfAbOgfyimXmwV7PZOuwN%2FyRo8bWINnDlnwU1zsSQWDckN449wva9jA6ksvsM%2FSLOzn5pLAMFiq0pgwq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7594991b3b279199-FRA

GET
H2 200 styles.css
messytech.xyz/css/ 40 KB
8 KB 32ms
31ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/css/styles.css
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d28d202c97413a86418d9a82ce988091f0f313bb6975cee64c1e783ada4ba164

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:20:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2622
cf-polished: origSize=51674
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
server: cloudflare
etag: W/"c9da-5e722f7738280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqtoo9hI2gWw5AyDm5mm9H4fqNWYf30bq6fqOJ1sBBUDYPL7tDuD%2BaUELqidAcdwcwnppBSzbZ5vzWwpwPLPHXDngl4Nkt0Qgz7hrfb%2F8C6ZMmHby5oMyvVRNcjropgdmX7OVwUAaFs7lTni"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7594991b3b299199-FRA

GET
H2

404

small.lc-20220223-181547-lc.min.ACSHASH188b9a681452e17cd885be8f4ee86173.css
www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/
Redirect Chain

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/small.lc-20220223-181547-lc.min.ACSHASH188b9a681452e17cd885be8f4ee86173.css
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/small.lc-20220223-181547-lc.min.ACSHASH188b9a681452e17cd885be8f4ee86173.css

0
0

1238ms
866ms

Stylesheet
text/html

23.203.94.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/small.lc-20220223-181547-lc.min.ACSHASH188b9a681452e17cd885be8f4ee86173.css
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Server: 23.203.94.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-94-149.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Redirect headers

Location: https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/small.lc-20220223-181547-lc.min.ACSHASH188b9a681452e17cd885be8f4ee86173.css
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2

200

large.lc-20220223-181547-lc.min.ACSHASH755ee5decd16cc8430a2f90a59f49fb1.css
www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/
Redirect Chain

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/large.lc-20220223-181547-lc.min.ACSHASH755ee5decd16cc8430a2f90a59f49fb1.css
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/large.lc-20220223-181547-lc.min.ACSHASH755ee5decd16cc8430a2f90a59f49fb1.css

1 KB
809 B

512ms
141ms

Stylesheet
text/css

23.203.94.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/large.lc-20220223-181547-lc.min.ACSHASH755ee5decd16cc8430a2f90a59f49fb1.css

Requested by

Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037

Protocol

Server

23.203.94.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-94-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

438aae0c1bf4d080efe48a79f24bccad646cca83e3644021bcd29b45b5ce84fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.arg.igrupobbva
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 13 Oct 2022 02:20:49 GMT
content-security-policy: frame-ancestors 'self' https://*.arg.igrupobbva
etag: "80458c407a8cb6bd9a2c3b3eb9b9d357"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=28318765
server-timing: cdn-cache; desc=HIT, edge; dur=26
accept-ranges: bytes
content-length: 472
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/large.lc-20220223-181547-lc.min.ACSHASH755ee5decd16cc8430a2f90a59f49fb1.css
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2

404

bbva.stickyalert.lc-20220223-181547-lc.min.ACSHASH0cef8f8c276b6349ca014f53d495361a.css
www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/
Redirect Chain

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.stickyalert.lc-20220223-181547-lc.min.ACSHASH0cef8f8c276b6349ca014f53d495361a.css
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.stickyalert.lc-20220223-181547-lc.min.ACSHASH0cef8f8c276b6349ca014f53d495361a.css

0
0

612ms
242ms

Stylesheet
text/html

23.203.94.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.stickyalert.lc-20220223-181547-lc.min.ACSHASH0cef8f8c276b6349ca014f53d495361a.css
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Server: 23.203.94.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-94-149.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Redirect headers

Location: https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.stickyalert.lc-20220223-181547-lc.min.ACSHASH0cef8f8c276b6349ca014f53d495361a.css
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2 200 logo.svg
messytech.xyz/img/ 2 KB
1 KB 51ms
51ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://messytech.xyz/img/logo.svg
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b285aac3331fbd851ff9e33933cf15bfb8a3a37126348ecbb657006b4f6996d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:20:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2745
etag: W/"6eb-5e722f7738280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9HSl7PnamjIj8EBDIfc7qj4bbSCmVWQZlvLjrJStsW11FPS49B07jI6JD9jrY%2BcvxWugEa71nh8nWFnm4%2FXIvgn9HBzEqf2T%2F%2Fm4hAnpPHsM1Nkxt9KbstEdpo9PWvScMuAzdAkEYsoPv26"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7594991b5b459199-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

small.lc-20220223-181547-lc.min.ACSHASHa37a04db69bc42a5e08c4323c3bfefe8.css
www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/
Redirect Chain

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/small.lc-20220223-181547-lc.min.ACSHASHa37a04db69bc42a5e08c4323c3bfefe8.css
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/small.lc-20220223-181547-lc.min.ACSHASHa37a04db69bc42a5e08c4323c3bfefe8.css

2 KB
1 KB

498ms
141ms

Stylesheet
text/css

23.203.94.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/small.lc-20220223-181547-lc.min.ACSHASHa37a04db69bc42a5e08c4323c3bfefe8.css

Requested by

Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037

Protocol

Server

23.203.94.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-94-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

8482b316775946099a3d8b33f3edb1fb45cdfff6ac1548c42e69cb1590bca9f2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.arg.igrupobbva
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Oct 2022 02:20:49 GMT
content-security-policy: frame-ancestors 'self' https://*.arg.igrupobbva
etag: "7beb7270d3f50fefd5511cf2ec2546d0"
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=29414617
server-timing: cdn-cache; desc=HIT, edge; dur=31
accept-ranges: bytes
content-length: 671
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/small.lc-20220223-181547-lc.min.ACSHASHa37a04db69bc42a5e08c4323c3bfefe8.css
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2

200

large.lc-20220223-181547-lc.min.ACSHASH8f81358eebb18a1778ddd3319a401956.css
www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/
Redirect Chain

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/large.lc-20220223-181547-lc.min.ACSHASH8f81358eebb18a1778ddd3319a401956.css
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/large.lc-20220223-181547-lc.min.ACSHASH8f81358eebb18a1778ddd3319a401956.css

651 B
637 B

489ms
142ms

Stylesheet
text/css

23.203.94.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/large.lc-20220223-181547-lc.min.ACSHASH8f81358eebb18a1778ddd3319a401956.css

Requested by

Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037

Protocol

Server

23.203.94.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-94-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

d2f999fca7c7c5802acac5d3a72c37739607983a10635dc50437c2752c7266af

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.arg.igrupobbva
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Oct 2022 02:20:49 GMT
content-security-policy: frame-ancestors 'self' https://*.arg.igrupobbva
etag: "6475e611b6f47fc3f643403a3604630c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=29572599
server-timing: cdn-cache; desc=HIT, edge; dur=20
accept-ranges: bytes
content-length: 285
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.mainNavigation/large.lc-20220223-181547-lc.min.ACSHASH8f81358eebb18a1778ddd3319a401956.css
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2 200 profile.svg
messytech.xyz/img/ 346 B
559 B 51ms
50ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://messytech.xyz/img/profile.svg
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df844644d3b842832dcda8a2edd9ae5d7ec53bbfc4b50ec2cf2cbf726011e84a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:20:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2622
etag: W/"15a-5e722f7738280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vcAlnyvf1s8yXP%2F71gVd72HmqyaPanElA5x%2BBgruJuu1%2B82kHOxTwefZC5uxzFBdY7bZClWBUqIwg%2B3RuoaOjcq5r7Zn%2FU%2BOH%2FRuawFCw%2BL3xCFLcf%2F20G%2BUbUGzk53BXTY8QiDW1CcJ784N"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7594991b5b469199-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

small.lc-20220223-181547-lc.min.css
www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.access/
Redirect Chain

https://bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.access/small.lc-20220223-181547-lc.min.css
https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.access/small.lc-20220223-181547-lc.min.css

1 KB
816 B

507ms
165ms

Stylesheet
text/css

23.203.94.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.access/small.lc-20220223-181547-lc.min.css

Requested by

Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037

Protocol

Server

23.203.94.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-94-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

fc44e8702d8d6a9fc80e43a8b5c738a650cc3bd6087e3331b88dfbf444ddd597

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.arg.igrupobbva
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Oct 2022 02:20:49 GMT
content-security-policy: frame-ancestors 'self' https://*.arg.igrupobbva
etag: "fa93ce295bc3a13d2729cb760d97506e-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=29428581
server-timing: cdn-cache; desc=HIT, edge; dur=3
accept-ranges: bytes
content-length: 461
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.access/small.lc-20220223-181547-lc.min.css
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2 200 query.min.js Show response
messytech.xyz/js/ 178 KB
42 KB 31ms
30ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/js/query.min.js
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20c97d5902567383725076e6f0982024d543ced3055a5730203aa8680b1acc50

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:20:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2620
etag: W/"2c831-5e722f7738280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sZn9SiAb0ENmR58Ji%2F%2F63RfbEcjNqqfZ8uKz%2B8yzCtxkiG9MRpTaaQAdY6ciJ58xA%2BmuMykI0ohPPWJxbBjjN44yL39WjitrZswjBpRTKByDeNAhrTuRwWGzsz8WF1UG%2F7hwvROuA5V8Vnh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7594991b4b359199-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 query-form.js Show response
messytech.xyz/js/ 20 KB
7 KB 52ms
51ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/js/query-form.js
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f6f37cf3ef5dc8e8afd01a30fcd944e5b7fc20e52d6ddcd762ef9fab3820939

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:20:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2621
cf-polished: origSize=45167
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
server: cloudflare
etag: W/"b06f-5e722f7738280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3OJxXcqcjlJQyCQzNcboF25QR23zpjlVFx13p9HE1jg7QxOb%2FQRkDaWEWeUDxT%2Fp7MhOcE5MiEkQLI5T8C1%2BQmvL2n%2BYReXHFsgROJL7DFGM2onA4Vm%2FT0GMONuf9308UCg6aJ9jdhZcRBn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7594991b4b389199-FRA

GET
H2 200 jquery.mask.js Show response
messytech.xyz/js/ 11 KB
4 KB 30ms
29ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/js/jquery.mask.js
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 072eb05095eeede132910b564b573b1dd4c53478ea8c44cf2a9d39be56886794

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:20:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2622
cf-polished: origSize=23780
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
server: cloudflare
etag: W/"5ce4-5e722f7738280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Y8cwFGrUf%2FojoUJPdbxttmHI2%2BOgEMqU1GNndeNITWHKFlhO2tqtbrzC1mKB7ZTzh%2FcdM06TXhilgNbD4Mn7JIPfzpn6mCKtBCVeDs1CTWgk8q6SOao5Fewc9zFLxZ5CCL7hK0qZhPd0SEb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7594991b4b3b9199-FRA

GET
H2 200 custom.js Show response
messytech.xyz/js/ 91 KB
37 KB 38ms
37ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/js/custom.js
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca6e4bc908f1555cbba5b0fd55f78dc8583359d0a35c2d6ebfc7797c01d6b8cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/?id_JIBBRS=DR-382037
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:20:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
server: cloudflare
age: 2622
etag: W/"16dd1-5e722f7738280-gzip"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttgQEyPTdvJhA%2BNHKKWN4PaI9CP5wY11k68bbPx%2FSFBMnfX7p6VHyeSsbxolS2fmn042XpjvPOx31OPMkQU7RI%2FcQqTiWTk%2FWtNUcf7g%2FuYwWEmr72eKCWtIPyPxh7ngnWoRb%2FICd6bTSo2S"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7594991b4b3c9199-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 identification.png
assets.caasbbva.com/argentina/net/security-tips/ 3 KB
3 KB 331ms
39ms Image
image/png 23.203.83.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.caasbbva.com/argentina/net/security-tips/identification.png

Requested by

Host: messytech.xyz
URL: https://messytech.xyz/?id_JIBBRS=DR-382037

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.203.83.203 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-83-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec7c21a9a4d67fd9fbca7c0781031a9b6dbca1229bd4d25c51966596f57a7aec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://online.bbva.com.ar https://s3-dev.movil.bbva.es https://movil.bbva.es https://pre.web.bbva.es https://qa.web.grupobbva.com https://web.bbva.es https://.es.igrupobbva https://.igrupobbva https://bbvanetcash.com https://www.bbvanetcash.com https://www.bbva.es https://www.bbvanetadvance.com https://bbvanetadvance.com https://k0fe8mkn.openweb.bbva https://empresas.bbva.es https://www.bbva.pt https://bbva.pt https://www.bbvaglobalnetcash.com https://*.bbva.it https://netcash.bbva.es/
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://messytech.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
date: Thu, 13 Oct 2022 02:20:51 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://online.bbva.com.ar https://s3-dev.movil.bbva.es https://movil.bbva.es https://pre.web.bbva.es https://qa.web.grupobbva.com https://web.bbva.es https://*.es.igrupobbva https://*.igrupobbva https://bbvanetcash.com https://www.bbvanetcash.com https://www.bbva.es https://www.bbvanetadvance.com https://bbvanetadvance.com https://k0fe8mkn.openweb.bbva https://empresas.bbva.es https://www.bbva.pt https://bbva.pt https://www.bbvaglobalnetcash.com https://*.bbva.it https://netcash.bbva.es/
etag: "41f5f0bb890fdbb9619196a49fbc1e10"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14417
accept-ranges: bytes
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Access-Control-Request-Method
content-length: 2863
x-xss-protection: 1; mode=block
expires: Thu, 13 Oct 2022 06:21:08 GMT

GET
H3 200 BentonSansBBVA-Book.woff
messytech.xyz/css/fonts/ 59 KB
58 KB 370ms
357ms Font
application/font-woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/css/fonts/BentonSansBBVA-Book.woff
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/css/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbb3c57a1ca0ab92e36d9082b85aea35543cb2cf5ada00850603482f03bf3dd2

Request headers

Referer: https://messytech.xyz/css/styles.css
Origin: https://messytech.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:20:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"eaf8-5e722f7738280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EqJ2w73TVmNaZftfJR0BaE8cPC%2B5ln3JtqpJFb3NOgheDVeGEix9OFF%2BzkIXuWaTQwR3gAf83Zo09ysYLWcdSZtRh292zNEwC7J6E%2BTWPGs6ol11DiD2OkP5kQQC5QPmT2gnCk0XFO1XGpPq"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 759499317c3f9007-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bbvaweb-book-woff.woff
messytech.xyz/css/fonts/ 67 KB
68 KB 419ms
404ms Font
application/font-woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/css/fonts/bbvaweb-book-woff.woff
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/css/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5cbf9eefbf37f814f27cc710f7a65d28bc38549be266a917a393f6f5b6b1f5e

Request headers

Referer: https://messytech.xyz/css/styles.css
Origin: https://messytech.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:20:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"10cdb-5e722f7738280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOMkrEweT7sri62IhhOA1eO5oLHCdv5m3jJEnbucGsU7fMUPc0bLKHePYwjOX%2BPAqOGO45vM3swKUoqsdNrPNbwjWiabB%2BZp7rv%2FNZw%2FE6PgzMp7kHG%2FSIxarmOKjWVkM5rui6azAzsVyBBx"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 759499318c439007-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bbva-icons-login.ttf
messytech.xyz/css/fonts/ 4 KB
3 KB 221ms
204ms Font
application/font-sfnt 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/css/fonts/bbva-icons-login.ttf
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/css/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6ae17c55ec9c085399c353c9eed2f9c96d892c72ecc9823b6da080cbc3d98b2

Request headers

Referer: https://messytech.xyz/css/styles.css
Origin: https://messytech.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:20:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"11b8-5e722f7738280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bpa321qnQyeBdt7cVwLFKoR1EOKFQDF6Fg8a8UOo7Mgy0il4%2BzTX06HPRxuPpOL02ik2NWnKalykIlg22TrS0C8U3Ed6hITSu2yGD%2BMjKNCxZ3JIn4ZuJ7s6sfte2MDYiNtut2%2FXzuV%2BrnZa"}],"group":"cf-nel","max_age":604800}
content-type: application/font-sfnt
cache-control: max-age=14400
cf-ray: 759499318c449007-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 BentonSansBBVA-Medium.woff
messytech.xyz/css/fonts/ 60 KB
59 KB 407ms
390ms Font
application/font-woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://messytech.xyz/css/fonts/BentonSansBBVA-Medium.woff
Requested by: Host: messytech.xyz
URL: https://messytech.xyz/css/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80d10509e7c3322010a5b2beef454d7c44593e6cb1cab9baedd57b4b91425990

Request headers

Referer: https://messytech.xyz/css/styles.css
Origin: https://messytech.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 02:20:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 26 Aug 2022 11:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ee5c-5e722f7738280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=colIRMVgngvjv2pBhUwfRDT5J57oewXXa619hyCFL0gTzCAi1X8MwyAtuudLZhRkDkD2PV4yltKRLnxHs46%2FIssb7HiB5Fjee%2BJgSei1KIXRzx5hnzU7AP5mE4I4F5YeETblPB0Khu5h7Od5"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 759499318c469007-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BBVA (Financial)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
messytech.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: elg7hlfdf5fas6mejouc63ohrj
www.bbva.com.ar/	1970-01-20 06:50:32	Name: AWSALBCORS Value: d+XQIQZOOR78WPzUB6yVQHs4q8d7u0a/PoJdviat40iDGah6/a6gLFs88vCoxUfJraULGRnx6CQJpz8TPYR4sdZrcfbRmR4WtwkRQE8EAbdXsDC+ahXSlY5b31W1
.bbva.com.ar/	1970-01-20 06:40:34	Name: ak_bmsc Value: A382BFBEA3C86299CFE89806ADCBC69D~000000000000000000000000000000~YAAQhlgDFx4z7qCDAQAAY/kkzxFOJ9lGYvlvWl8FIca6hBCk+UcihGgfgIayyog6Nh9aQDVyuR8vaVHKJ9pbk19E3DtpE9g4TRriTBONT7o75tVZKVkxM95cPdVnGPkI9x19A9gU4Nz73z5LLoW09LdwYD+1WwJ8kzwBXyND71vXoQqHOTbHMPQCSJAoozYMkhmu6rz3IFmUvPbkB0BL1ZMQV6Fu+LB8i7oGiXGSSf1fbalewL0GkiuOUH76v4USoqOgqJN9Ggw78wtahYAzJTUvT9fVpAIabRqeDBZlbH72wMhoWZxSfLe/Z8G9+UHx00c8n6TLD4wsOPZhUrbL7MCclRbrFkjhDhfRBUFKuPArpXwCBtkGxtaBou/0sH2MiapWRzYUC36HfQ==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.stickyalert.lc-20220223-181547-lc.min.ACSHASH0cef8f8c276b6349ca014f53d495361a.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.bbva.com.ar/apps/bbva/pwebs/components/clientlibs/bbva.alert/small.lc-20220223-181547-lc.min.ACSHASH188b9a681452e17cd885be8f4ee86173.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.caasbbva.com
bbva.com.ar
messytech.xyz
www.bbva.com.ar
23.203.83.203
23.203.94.149
2a06:98c1:3120::3
45.238.212.216
0725e180c306e62d457c2466d27a2c667fe40e076adf3a924997f301d3b9ef29
072eb05095eeede132910b564b573b1dd4c53478ea8c44cf2a9d39be56886794
20c97d5902567383725076e6f0982024d543ced3055a5730203aa8680b1acc50
221ac88b7cff0d3b4d3ecf34706a054271cc3f6ac3a0d4f178efe9af8e06f7d8
438aae0c1bf4d080efe48a79f24bccad646cca83e3644021bcd29b45b5ce84fc
4b285aac3331fbd851ff9e33933cf15bfb8a3a37126348ecbb657006b4f6996d
5f6f37cf3ef5dc8e8afd01a30fcd944e5b7fc20e52d6ddcd762ef9fab3820939
68dbab0653d3504af40c5992dba242e105cf4c07ed3ff30e5587b9a46ba43e57
80d10509e7c3322010a5b2beef454d7c44593e6cb1cab9baedd57b4b91425990
8482b316775946099a3d8b33f3edb1fb45cdfff6ac1548c42e69cb1590bca9f2
ab6a670b0fb2e823ce608d0ea8c72eeb159ea4dd47e9535a830d94b289b0c238
bbb3c57a1ca0ab92e36d9082b85aea35543cb2cf5ada00850603482f03bf3dd2
bcaa23996703414c393b7b68596939e24720a7f61e358570d771e0ad59b8aae1
ca6e4bc908f1555cbba5b0fd55f78dc8583359d0a35c2d6ebfc7797c01d6b8cc
d28d202c97413a86418d9a82ce988091f0f313bb6975cee64c1e783ada4ba164
d2f999fca7c7c5802acac5d3a72c37739607983a10635dc50437c2752c7266af
df844644d3b842832dcda8a2edd9ae5d7ec53bbfc4b50ec2cf2cbf726011e84a
e6ae17c55ec9c085399c353c9eed2f9c96d892c72ecc9823b6da080cbc3d98b2
ec7c21a9a4d67fd9fbca7c0781031a9b6dbca1229bd4d25c51966596f57a7aec
f5cbf9eefbf37f814f27cc710f7a65d28bc38549be266a917a393f6f5b6b1f5e
f7a3ed7c219716b32dbb68dc0cd9cc6b8c9ec518334cbcf404a83fabdeecdb88
fc44e8702d8d6a9fc80e43a8b5c738a650cc3bd6087e3331b88dfbf444ddd597

messytech.xyz Open in urlscan Pro 2a06:98c1:3120::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

24 Requests

75 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

3 IPs

3 Countries

316 kBTransfer

608 kBSize

3 Cookies

0 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

23 JavaScript Global Variables

3 Cookies

2 Console Messages

messytech.xyz Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

75 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

316 kB
Transfer

608 kB
Size

3
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!