urlscan.io logo urlscan.io
SecurityTrails logo

quixtie.com Open in urlscan Pro
104.21.93.29  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bbbva.es/
Effective URL: https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referre...
Submission: On February 19 via manual from ES — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 30 HTTP transactions. The main IP is 104.21.93.29, located in and belongs to CLOUDFLARENET, US. The main domain is quixtie.com.
TLS certificate: Issued by GTS CA 1P5 on January 22nd 2024. Valid for: 3 months.
This is the only time quixtie.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Porn Scam (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 103.224.182.248 133618 (TRELLIAN-...)
4 13.248.148.254 16509 (AMAZON-02)
1 18.66.121.69 16509 (AMAZON-02)
2 54.89.40.3 14618 (AMAZON-AES)
2 3 173.239.53.32 27257 (WEBAIR-IN...)
1 130.211.29.114 ()
2 35.241.15.240 396982 (GOOGLE-CL...)
3 104.21.93.29 13335 (CLOUDFLAR...)
2 104.18.215.59 13335 (CLOUDFLAR...)
14 108.138.26.124 16509 (AMAZON-02)
30 10
1    103.224.182.248 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-248.above.com
bbbva.es
4    13.248.148.254 (United States)

ASN16509 (AMAZON-02, US)
PTR: aba1c1ff9d2ec5376.awsglobalaccelerator.com
ww38.bbbva.es
1    18.66.121.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-121-69.fra60.r.cloudfront.net
d38psrni17bvxu.cloudfront.net
2    54.89.40.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-40-3.compute-1.amazonaws.com
enlil-syf.com
3    173.239.53.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
xml-v4.trustflayer2.online
tq.trustflayer2.online
1    130.211.29.114 (Kansas City, United States)

ASN- ()
PTR: 114.29.211.130.bc.googleusercontent.com
cdn.perfdrive.com
2    35.241.15.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.15.241.35.bc.googleusercontent.com
cas.avalon.perfdrive.com
3    104.21.93.29 (None, )

ASN13335 (CLOUDFLARENET, US)
quixtie.com
2    104.18.215.59 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
14    108.138.26.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-124.fra56.r.cloudfront.net
horny-honey.online
Apex Domain
Subdomains		 Transfer
14 horny-honey.online
horny-honey.online
472 KB
5 bbbva.es
bbbva.es
ww38.bbbva.es
6 KB
3 quixtie.com
quixtie.com
5 KB
3 perfdrive.com
cdn.perfdrive.com — Cisco Umbrella Rank: 21038
cas.avalon.perfdrive.com — Cisco Umbrella Rank: 9516
9 KB
3 trustflayer2.online
xml-v4.trustflayer2.online
tq.trustflayer2.online
16 KB
2 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4434
71 KB
2 enlil-syf.com
enlil-syf.com — Cisco Umbrella Rank: 370006
4 KB
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
2 KB
30 8
Domain Requested by
14 horny-honey.online quixtie.com
horny-honey.online
4 ww38.bbbva.es d38psrni17bvxu.cloudfront.net
ww38.bbbva.es
3 quixtie.com quixtie.com
2 cdn.onesignal.com quixtie.com
cdn.onesignal.com
2 cas.avalon.perfdrive.com cdn.perfdrive.com
2 xml-v4.trustflayer2.online 2 redirects
2 enlil-syf.com ww38.bbbva.es
enlil-syf.com
1 cdn.perfdrive.com tq.trustflayer2.online
1 tq.trustflayer2.online enlil-syf.com
1 d38psrni17bvxu.cloudfront.net ww38.bbbva.es
1 bbbva.es 1 redirects
30 11

This site contains links to these domains. Also see Links.

Domain
horny-honey.online
Subject Issuer Validity Valid
*.perfdrive.com
Go Daddy Secure Certificate Authority - G2		 2023-09-21 -
2024-09-26		 a year crt.sh
cas.avalon.perfdrive.com
Go Daddy Secure Certificate Authority - G2		 2023-07-24 -
2024-08-05		 a year crt.sh
quixtie.com
GTS CA 1P5		 2024-01-22 -
2024-04-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
horny-honey.org
Amazon RSA 2048 M02		 2023-06-10 -
2024-07-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Frame ID: 0CBF0EA403BFD2389E7CCC727DB8D475
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Anna94 quiere intercambiar fotos de desnudos contigo

Page URL History Show full URLs

  1. https://bbbva.es/ HTTP 302
    http://ww38.bbbva.es/ Page URL
  2. http://enlil-syf.com/zclkvisitor/9d981cd3-cf27-11ee-be54-0ae90b1af879/85aefdc2-9ed0-48aa-922d-60f... Page URL
  3. http://enlil-syf.com/zclkredirect?visitid=9d981cd3-cf27-11ee-be54-0ae90b1af879&type=js&browserWid... Page URL
  4. http://xml-v4.trustflayer2.online/click?seat=2464886&i=B8TjlS3g5Ts_0 HTTP 302
    http://tq.trustflayer2.online/filter?q=bank+accounts%2Cloans%2Cbbva+bank&i=B8TjlS3g5Ts_0&ci=55360956937238... Page URL
  5. http://xml-v4.trustflayer2.online/click2?i=B8TjlS3g5Ts_0&ci=5536095693723818783&j=rv%3Db%26ss%3D1600x1200%26ws... HTTP 302
    https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=10... Page URL
  6. https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=10... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

73 %
HTTPS

0 %
IPv6

8
Domains

11
Subdomains

10
IPs

3
Countries

582 kB
Transfer

1029 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bbbva.es/ HTTP 302
    http://ww38.bbbva.es/ Page URL
  2. http://enlil-syf.com/zclkvisitor/9d981cd3-cf27-11ee-be54-0ae90b1af879/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=9db14a20-cf27-11ee-be54-0ae90b1af879 Page URL
  3. http://enlil-syf.com/zclkredirect?visitid=9d981cd3-cf27-11ee-be54-0ae90b1af879&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected%20%20%20%20%20%20%20%20=false&usingEventListener=true Page URL
  4. http://xml-v4.trustflayer2.online/click?seat=2464886&i=B8TjlS3g5Ts_0 HTTP 302
    http://tq.trustflayer2.online/filter?q=bank+accounts%2Cloans%2Cbbva+bank&i=B8TjlS3g5Ts_0&ci=5536095693723818783&t=1219812828&h=26 Page URL
  5. http://xml-v4.trustflayer2.online/click2?i=B8TjlS3g5Ts_0&ci=5536095693723818783&j=rv%3Db%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D0x0%26ce%3D1%26ck%3Djc%26cv%3D6807%26cs%3D1%26fr%3D0%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D2%26rf%3Denlil-syf.com%26lo%3Dtq.trustflayer2.online%26mb%3D0%26hb%3D1%26pl%3DWin32%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%29%2BAppleWebKit%252F537.36%2B%28KHTML%252C%2Blike%2BGecko%29%2BChrome%252F121.0.6167.184%2BSafari%252F537.36%26tp%3D17%26nd%3D0%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26er%3D%26shs%3D%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D1%26frc%3D1%26dbt%3D1%26prb%3D20030107%26tz%3D0%26hid%3D0%26mq%3D1%26bch%3D%26blv%3D%26my%3D%26geo%3D1%26mmd_ao%3D%26mmd_ai%3D%26mmd_vi%3D%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3D%26hwc%3D4%26hrl%3D%26acd%3Dpppmp%26vcd%3Dppp%26pal%3D3%26pai%3D1%26pli%3D1%26win%3D1600x1200%26wout%3D1600x1200%26wpof%3D0x0%26bcld%3D1584x18%26scrp%3D0x0%26scrad%3D1600x1200%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D55%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DIntel%2BInc.%26vrd%3DIntel%2BIris%2BOpenGL%2BEngine%26pnt%3Ddenied%26cnvs%3D80808080 HTTP 302
    https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23 Page URL
  6. https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bbbva.es/ HTTP 302
  • http://ww38.bbbva.es/
Request Chain 7
  • http://xml-v4.trustflayer2.online/click?seat=2464886&i=B8TjlS3g5Ts_0 HTTP 302
  • http://tq.trustflayer2.online/filter?q=bank+accounts%2Cloans%2Cbbva+bank&i=B8TjlS3g5Ts_0&ci=5536095693723818783&t=1219812828&h=26
Request Chain 12
  • http://xml-v4.trustflayer2.online/click2?i=B8TjlS3g5Ts_0&ci=5536095693723818783&j=rv%3Db%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D0x0%26ce%3D1%26ck%3Djc%26cv%3D6807%26cs%3D1%26fr%3D0%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D2%26rf%3Denlil-syf.com%26lo%3Dtq.trustflayer2.online%26mb%3D0%26hb%3D1%26pl%3DWin32%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%29%2BAppleWebKit%252F537.36%2B%28KHTML%252C%2Blike%2BGecko%29%2BChrome%252F121.0.6167.184%2BSafari%252F537.36%26tp%3D17%26nd%3D0%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26er%3D%26shs%3D%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D1%26frc%3D1%26dbt%3D1%26prb%3D20030107%26tz%3D0%26hid%3D0%26mq%3D1%26bch%3D%26blv%3D%26my%3D%26geo%3D1%26mmd_ao%3D%26mmd_ai%3D%26mmd_vi%3D%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3D%26hwc%3D4%26hrl%3D%26acd%3Dpppmp%26vcd%3Dppp%26pal%3D3%26pai%3D1%26pli%3D1%26win%3D1600x1200%26wout%3D1600x1200%26wpof%3D0x0%26bcld%3D1584x18%26scrp%3D0x0%26scrad%3D1600x1200%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D55%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DIntel%2BInc.%26vrd%3DIntel%2BIris%2BOpenGL%2BEngine%26pnt%3Ddenied%26cnvs%3D80808080 HTTP 302
  • https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ww38.bbbva.es/
Redirect Chain
  • https://bbbva.es/
  • http://ww38.bbbva.es/
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ww38.bbbva.es/
Protocol
HTTP/1.1
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e4c839d140c367de857a791369ded69fe7d87ad2ff46820082a0ce6d9970285c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

Accept-CH
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime
30
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Feb 2024 13:05:55 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_rEp1I3YDfSIaHt5Hn53y38f9Zp9FfTskOHshBt2ESiz80VVWx9UuIr9RwpIAxNH+A10/gpi3EeE7+U4ytDmGFA==
X-Buckets
bucket011
X-Content-Encoding-Over-Network
gzip
X-Domain
bbbva.es
X-Language
spanish
X-Redirect
zeropark_zeroclick
X-Subdomain
ww38
X-Template
tpl_CleanPeppermintBlack_twoclick

Redirect headers

connection
close
content-length
2
content-type
text/html; charset=UTF-8
date
Mon, 19 Feb 2024 13:05:53 GMT
location
http://ww38.bbbva.es/
server
Apache
js3.js
d38psrni17bvxu.cloudfront.net/scripts/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: ww38.bbbva.es
URL: http://ww38.bbbva.es/
Protocol
HTTP/1.1
Server
18.66.121.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-69.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

accept-language
es-ES,es;q=0.9
Referer
http://ww38.bbbva.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Mon, 19 Feb 2024 04:32:06 GMT
Via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 11:12:07 GMT
Server
nginx
X-Amz-Cf-Pop
FRA60-P2
Age
30829
ETag
"63ce6b87-448"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1096
X-Amz-Cf-Id
cwurPGLRPosq4N_-DJkoHtr3Pld2-CnnRTTe4pGw7thIU4LWIOmg-Q==
track.php
ww38.bbbva.es/ 		0
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ww38.bbbva.es/track.php?domain=bbbva.es&toggle=browserjs&uid=MTcwODM0Nzk1NC44MTMxOmQyOTgyMjBmZGQ2MmY0NmRjNTlhYzQ4NTFiODg5ODU2ZDczODM2ZTg5MDEwMDM4ODY3MDQ0ZGUyOTk5YjI1NmM6NjVkMzUyMzJjNjg0ZA%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
es-ES,es;q=0.9
Referer
http://ww38.bbbva.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Mon, 19 Feb 2024 13:05:55 GMT
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
browserjs
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
X-Content-Encoding-Over-Network
gzip
Connection
keep-alive
ls.php
ww38.bbbva.es/ 		16 B
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ww38.bbbva.es/ls.php?t=65d35233&token=6c4cc2908b7ac727b96f6c48212d923b6008a2bf
Requested by
Host: ww38.bbbva.es
URL: http://ww38.bbbva.es/
Protocol
HTTP/1.1
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

accept-language
es-ES,es;q=0.9
Referer
http://ww38.bbbva.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Mon, 19 Feb 2024 13:05:56 GMT
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding
chunked
Accept-CH-Lifetime
30
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, OPTIONS
Charset
utf-8
Access-Control-Max-Age
86400
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_ackJd/bhzA1n+H8bfEhpwvHundIC7nqIUHTJX6oYO1QSacj7CccEbLN7LtUeYG1siQajCcJfe4CTdJ+WPgOX0Q==
Connection
keep-alive
X-Log-Success
65d3523487a2de35de0264ea
track.php
ww38.bbbva.es/ 		0
612 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ww38.bbbva.es/track.php?click=fb81174a71cc301346734670fe68f524cf434b54&domain=bbbva.es&uid=MTcwODM0Nzk1NC44MTMxOmQyOTgyMjBmZGQ2MmY0NmRjNTlhYzQ4NTFiODg5ODU2ZDczODM2ZTg5MDEwMDM4ODY3MDQ0ZGUyOTk5YjI1NmM6NjVkMzUyMzJjNjg0ZA%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NWQzNTIzMmM2ODFlfHx8MTcwODM0Nzk1NS4xODk4fDAzN2YxOTczMGQwMzI1NDgyNWI5N2Y3OGJjZTQxYzdkOWZjNWQ0ODV8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw2YzRjYzI5MDhiN2FjNzI3Yjk2ZjZjNDgyMTJkOTIzYjYwMDhhMmJmfDB8fDB8MHx8&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

accept-language
es-ES,es;q=0.9
Referer
http://ww38.bbbva.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Mon, 19 Feb 2024 13:05:56 GMT
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
none
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
X-View-Match
true
Connection
keep-alive
X-Content-Encoding-Over-Network
gzip
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
enlil-syf.com/zclkvisitor/9d981cd3-cf27-11ee-be54-0ae90b1af879/ 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://enlil-syf.com/zclkvisitor/9d981cd3-cf27-11ee-be54-0ae90b1af879/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=9db14a20-cf27-11ee-be54-0ae90b1af879
Requested by
Host: ww38.bbbva.es
URL: http://ww38.bbbva.es/
Protocol
HTTP/1.1
Server
54.89.40.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-40-3.compute-1.amazonaws.com
Software
HLPCwxQQ /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://ww38.bbbva.es/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Mon, 19 Feb 2024 13:05:56 GMT
Server
HLPCwxQQ
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
zclkredirect
enlil-syf.com/ 		318 B
1005 B 		Document
General
Check archive.org
Download Go to
Full URL
http://enlil-syf.com/zclkredirect?visitid=9d981cd3-cf27-11ee-be54-0ae90b1af879&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected%20%20%20%20%20%20%20%20=false&usingEventListener=true
Requested by
Host: enlil-syf.com
URL: http://enlil-syf.com/zclkvisitor/9d981cd3-cf27-11ee-be54-0ae90b1af879/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=9db14a20-cf27-11ee-be54-0ae90b1af879
Protocol
HTTP/1.1
Server
54.89.40.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-40-3.compute-1.amazonaws.com
Software
RPyuzCgu /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://enlil-syf.com/zclkvisitor/9d981cd3-cf27-11ee-be54-0ae90b1af879/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=9db14a20-cf27-11ee-be54-0ae90b1af879
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Mon, 19 Feb 2024 13:05:56 GMT
Server
RPyuzCgu
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
redirected
JS
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
filter
tq.trustflayer2.online/
Redirect Chain
  • http://xml-v4.trustflayer2.online/click?seat=2464886&i=B8TjlS3g5Ts_0
  • http://tq.trustflayer2.online/filter?q=bank+accounts%2Cloans%2Cbbva+bank&i=B8TjlS3g5Ts_0&ci=5536095693723818783&t=1219812828&h=26
15 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://tq.trustflayer2.online/filter?q=bank+accounts%2Cloans%2Cbbva+bank&i=B8TjlS3g5Ts_0&ci=5536095693723818783&t=1219812828&h=26
Requested by
Host: enlil-syf.com
URL: http://enlil-syf.com/zclkredirect?visitid=9d981cd3-cf27-11ee-be54-0ae90b1af879&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected%20%20%20%20%20%20%20%20=false&usingEventListener=true
Protocol
HTTP/1.1
Server
173.239.53.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
7d14a3c2ed2b8510e05913b99ba7318076e1aa3abcb542d65d7fdf00f73d4625

Request headers

Referer
http://enlil-syf.com/zclkredirect?visitid=9d981cd3-cf27-11ee-be54-0ae90b1af879&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected%20%20%20%20%20%20%20%20=false&usingEventListener=true
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
15285
Content-Type
text/html; charset=utf-8
Referrer-Policy
unsafe-url

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Location
http://tq.trustflayer2.online/filter?q=bank+accounts%2Cloans%2Cbbva+bank&i=B8TjlS3g5Ts_0&ci=5536095693723818783&t=1219812828&h=26
aperture.js
cdn.perfdrive.com/aperture/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.perfdrive.com/aperture/aperture.js
Requested by
Host: tq.trustflayer2.online
URL: http://tq.trustflayer2.online/filter?q=bank+accounts%2Cloans%2Cbbva+bank&i=B8TjlS3g5Ts_0&ci=5536095693723818783&t=1219812828&h=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN (),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.24.0 /
Resource Hash
9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506

Request headers

accept-language
es-ES,es;q=0.9
Referer
http://tq.trustflayer2.online/filter?q=bank+accounts%2Cloans%2Cbbva+bank&i=B8TjlS3g5Ts_0&ci=5536095693723818783&t=1219812828&h=26
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 12:13:09 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 25 Oct 2023 04:28:49 GMT
server
nginx/1.24.0
age
3169
etag
W/"65389981-6844"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7938
jsdata
cas.avalon.perfdrive.com/ 		316 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
http://tq.trustflayer2.online/filter?q=bank+accounts%2Cloans%2Cbbva+bank&i=B8TjlS3g5Ts_0&ci=5536095693723818783&t=1219812828&h=26
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Mon, 19 Feb 2024 13:05:58 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/ 		211 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
http://tq.trustflayer2.online/filter?q=bank+accounts%2Cloans%2Cbbva+bank&i=B8TjlS3g5Ts_0&ci=5536095693723818783&t=1219812828&h=26
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Mon, 19 Feb 2024 13:05:58 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211
content-type
text/plain; charset=UTF-8
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
es-ES,es;q=0.9
Referer
http://tq.trustflayer2.online/filter?q=bank+accounts%2Cloans%2Cbbva+bank&i=B8TjlS3g5Ts_0&ci=5536095693723818783&t=1219812828&h=26
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
/
quixtie.com/khappr/
Redirect Chain
  • http://xml-v4.trustflayer2.online/click2?i=B8TjlS3g5Ts_0&ci=5536095693723818783&j=rv%3Db%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D0x0%26ce%3D1%26ck%3Djc%26cv%3D6807%26cs%3D1%26fr%3D0%26hc%3D0%26fl%...
  • https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&...
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.93.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a5f8a0b61bbfa64fb7b3377bccabed5c3ed650b57122fd8ac235f45fa89642b

Request headers

Referer
http://tq.trustflayer2.online/filter?q=bank+accounts%2Cloans%2Cbbva+bank&i=B8TjlS3g5Ts_0&ci=5536095693723818783&t=1219812828&h=26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
857eb976da942f83-MAD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 19 Feb 2024 13:05:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yc8ueDJsud%2FNwgthOQOOHnoEDp%2FOAl8eNnKuwQWiEwdzm%2FYe5iuzj5LcF8ZfIbSJa%2BtswoOj%2BS%2B57FeIoJbzvuxkiMnDtvBm31GjOUbj3oI30WtQfvhDqjIco7B03Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Location
https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Primary Request /
quixtie.com/khappr/ 		14 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.93.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
445ac085960a21e08a5ff35f0bfe4312702e38c4adb32309abf7faf53affddde

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://quixtie.com
Referer
https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
857eb97a89132f83-MAD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 19 Feb 2024 13:06:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dI0MvVPdJojgJ1wYL89sMVTeXcNBoQ76p1L73AHjq61XtknN3UDbvf1S9U2WlhPzD4mOiZPP17x9Jr7OxyKTBarXW5qqQduzcz8ZH5CwsQsqZbZS%2FbktJIcWs0AIZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: quixtie.com
URL: https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.215.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quixtie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 13:06:00 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1172
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
857eb9834ecb2178-MAD
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Thu, 22 Feb 2024 13:06:00 GMT
bootstrap.css
horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/ 		88 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/bootstrap.css
Requested by
Host: quixtie.com
URL: https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-124.fra56.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
a36f11a2de744b07c116286d6cc2bd69b0a3f56a2eddc56e4df292776c317ab0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quixtie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 16:38:33 GMT
content-encoding
gzip
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
last-modified
Thu, 13 May 2021 10:08:23 GMT
server
nginx/1.18.0
x-amz-cf-pop
FRA56-P7
age
73647
etag
W/"609cfa97-1612a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=86400
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
_PYwXVssFzPjDdDBR-F7ederO-pLP0wxItFKU1RpWBT8aR6n_E_oNw==
expires
Mon, 19 Feb 2024 16:38:33 GMT
stylesuk.css
horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/stylesuk.css
Requested by
Host: quixtie.com
URL: https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-124.fra56.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
e46562dac24cc3884cdb830e50a3b0688e464a95ccf4395ae6ee46276303cc68

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quixtie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 13:06:00 GMT
content-encoding
gzip
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
last-modified
Fri, 20 Aug 2021 10:55:43 GMT
server
nginx/1.18.0
x-amz-cf-pop
FRA56-P7
age
3507
etag
W/"611f8a2f-1c7c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=86400
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
lZkGMPudbMhrfzwjTV7NNKpiEG_zJ-G5FxeC9jeeGWlOc_s-0R5hnQ==
expires
Tue, 20 Feb 2024 12:07:33 GMT
jquery.min.js
horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/ 		92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/jquery.min.js
Requested by
Host: quixtie.com
URL: https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-124.fra56.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
171fd21e97e46af986418732ecbf85fb1359873840a75bb44dd61e80221838cd

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quixtie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 19:45:11 GMT
content-encoding
gzip
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
last-modified
Mon, 05 Jun 2023 21:17:57 GMT
server
nginx/1.18.0
x-amz-cf-pop
FRA56-P7
age
62449
etag
W/"647e5105-16ea3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
xfbEK3wnPXi869S-hTaE44Mht_fPBnp2OzKVAWlEpVd0VGoDkezzvg==
expires
Mon, 19 Feb 2024 19:45:11 GMT
bootstrap.min.js
horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/bootstrap.min.js
Requested by
Host: quixtie.com
URL: https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-124.fra56.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
259620481ec9cb30f40cb8576a87bb91b2f93428a97c7f35869e93d383da8b75

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quixtie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:25:01 GMT
content-encoding
gzip
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
last-modified
Thu, 13 May 2021 10:08:23 GMT
server
nginx/1.18.0
x-amz-cf-pop
FRA56-P7
age
16894
etag
W/"609cfa97-710d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
BnOZCPeBuIbuwMrz8ef5BfK89tVXIFBJfhARzoOKULIIMIIQzWKXVA==
expires
Tue, 20 Feb 2024 08:24:26 GMT
bootstrap-slider.min.css
horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/bootstrap-slider.min.css
Requested by
Host: quixtie.com
URL: https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-124.fra56.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
3632bd40e3643a895c246e59b55ea75a6be9ae9ee97f5f39d6f9ad2bc5e66a18

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quixtie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 19:45:11 GMT
content-encoding
gzip
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
last-modified
Thu, 13 May 2021 10:08:23 GMT
server
nginx/1.18.0
x-amz-cf-pop
FRA56-P7
age
62449
etag
W/"609cfa97-17f4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=86400
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
YRoCC82RvIZtAOiJQYa-EAwodu7ZUBry_2ig1HpX8Yuu5z5M49lnwQ==
expires
Mon, 19 Feb 2024 19:45:11 GMT
bootstrap-slider.min.js
horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/bootstrap-slider.min.js
Requested by
Host: quixtie.com
URL: https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-124.fra56.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
bf2fd2eea338946d2bd01d1ee94297d82607040378fe56827205b5d1b3f2af7b

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quixtie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 10:33:14 GMT
content-encoding
gzip
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
last-modified
Thu, 13 May 2021 10:08:23 GMT
server
nginx/1.18.0
x-amz-cf-pop
FRA56-P7
age
9166
etag
W/"609cfa97-61ff"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ZFimFADdFtcmn4RM4JOtF-Vr-KfcD1y7YLvwj406sdE6RlKXP6oU_w==
expires
Tue, 20 Feb 2024 10:33:14 GMT
lp-confirm.css
horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/lp-confirm.css
Requested by
Host: quixtie.com
URL: https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-124.fra56.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
d9a922e0b1b0ea9d5648986b33222de7445d0b1c19c9f1bb0a8ab8c11e8bde3c

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quixtie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 13:06:00 GMT
content-encoding
gzip
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
last-modified
Fri, 12 Aug 2022 19:17:53 GMT
server
nginx/1.18.0
x-amz-cf-pop
FRA56-P7
age
3507
etag
W/"62f6a761-1915"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=86400
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
s_tO_2nfMwYafiN01hOmmdSaM5_yxgtUbh-osbJikFFqFFZT6vGWMg==
expires
Tue, 20 Feb 2024 12:07:33 GMT
notdat.js
horny-honey.online/landers/redfiles/pesimg/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://horny-honey.online/landers/redfiles/pesimg/notdat.js
Requested by
Host: quixtie.com
URL: https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-124.fra56.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
755d97a5849bc359413aab3a9768671b6a92a4ae48dc9fa5121862353c8a84e7

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quixtie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 13:06:00 GMT
content-encoding
gzip
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
last-modified
Fri, 27 Dec 2019 16:25:01 GMT
server
nginx/1.18.0
x-amz-cf-pop
FRA56-P7
age
2878
etag
W/"5e06305d-151a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
AK9GQGmaxWPtvZ-0dLqQwd5Mjdx-pknlTaPGqzWo5IQdvzz68YXJQw==
expires
Tue, 20 Feb 2024 12:18:02 GMT
redmp.js
horny-honey.online/landers/redfiles/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://horny-honey.online/landers/redfiles/redmp.js
Requested by
Host: quixtie.com
URL: https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-124.fra56.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
8b2d24543e601569eb17a31ef3182fe748b9cae24b179520266b13292afeeb7d

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quixtie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 11:09:00 GMT
content-encoding
gzip
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
last-modified
Tue, 21 Nov 2023 20:43:58 GMT
server
nginx/1.18.0
x-amz-cf-pop
FRA56-P7
age
7078
etag
W/"655d168e-3c0a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
QN0W-3NzYYZJVLbuvBu6qRlz4Q1l-NkHkw99HPfzbKpo_ClzJvj7EQ==
expires
Tue, 20 Feb 2024 11:08:02 GMT
w1.jpg
horny-honey.online/landers/redfiles/pesimg/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://horny-honey.online/landers/redfiles/pesimg/w1.jpg
Requested by
Host: quixtie.com
URL: https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-124.fra56.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
3b15ac884347ef181693eed80dcf225171c14deb6aa9f3c148e8701ea7605e39

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quixtie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 10:58:36 GMT
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
7803
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
7364
last-modified
Mon, 05 Jun 2023 07:40:00 GMT
server
nginx/1.18.0
etag
"647d9150-1cc4"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
ZrDmwPtF2N2BMon-ImUbG8a_e_AT8lLwlXWyW6neDcQQqWUVNHhgew==
expires
Tue, 20 Feb 2024 10:55:57 GMT
radar.gif
horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/ 		172 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/radar.gif
Requested by
Host: quixtie.com
URL: https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-124.fra56.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
89495896bcc3deb0b6a643cf55ddfe620ada0cdb66cd09ce4ba801a06396fcef

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quixtie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:20:12 GMT
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
last-modified
Mon, 05 Jun 2023 07:40:05 GMT
server
nginx/1.18.0
x-amz-cf-pop
FRA56-P7
age
17148
etag
"647d9155-2aeaf"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
175791
x-amz-cf-id
KnC2aXz2aac3lPZsQxKx5Y_ZblA-L0IbuhXFHfWLHWhkXtrsC_kaVg==
expires
Tue, 20 Feb 2024 08:20:12 GMT
main.js
horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/ 		1 KB
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/main.js
Requested by
Host: quixtie.com
URL: https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-124.fra56.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
9fc88e1319456c0c75f3f8bf82410e91e124767e5dcaf5755ba845801892ac9a

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quixtie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 07:03:10 GMT
content-encoding
gzip
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
last-modified
Thu, 13 May 2021 10:08:23 GMT
server
nginx/1.18.0
x-amz-cf-pop
FRA56-P7
age
21770
etag
W/"609cfa97-4ba"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
LG-AeBnBTMg1hudb2DEYJqVIw0oHZ9hXLnOG0wQcKo-yxO3QbWATHg==
expires
Tue, 20 Feb 2024 07:03:10 GMT
bbradar.js
horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/ 		639 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/bbradar.js
Requested by
Host: quixtie.com
URL: https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-124.fra56.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quixtie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 07:36:00 GMT
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
47529
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
639
last-modified
Thu, 13 May 2021 10:08:23 GMT
server
nginx/1.18.0
etag
"609cfa97-27f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
l9qu1-xBh8vqsbxtruJGR_2BI44Jw0pAj7YMyBwDljyCfZ_evvPRGg==
expires
Mon, 19 Feb 2024 23:53:51 GMT
outdoor.jpg
horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/ 		217 KB
218 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/outdoor.jpg
Requested by
Host: horny-honey.online
URL: https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/stylesuk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-124.fra56.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
b0b9b668729dc630f2ff79478f74bdaa7d6eb53a5b8ae665a3144c5cf7629351

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://horny-honey.online/landers/dat_wm_g_all_esp_lp1anna94radarteens_080521/esp_lp1anna94radarteens_080521/files/stylesuk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 19:45:11 GMT
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
last-modified
Mon, 05 Jun 2023 07:40:00 GMT
server
nginx/1.18.0
x-amz-cf-pop
FRA56-P7
age
62449
etag
"647d9150-363bd"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
222141
x-amz-cf-id
qwnLC7-oEPuzD9X8oX4UiV0atxkAWzcC3PX7myXi1ERudQF5RWeKKA==
expires
Mon, 19 Feb 2024 19:45:11 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.215.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quixtie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 13:06:00 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1172
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
857eb98418342178-MAD
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Thu, 22 Feb 2024 13:06:00 GMT
w3.jpg
quixtie.com/redfiles/pesimg/ 		555 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quixtie.com/redfiles/pesimg/w3.jpg
Requested by
Host: quixtie.com
URL: https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.93.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
922a7a005a299daab272ef3b0c7106716572ece666c54c187ce6836b32474973

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 13:06:01 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSYGWjb%2FjcBZPvikfkI%2FPBJcEDMG2iFa4blJqgA1QQVcj4uwJ9%2Bdp4jzwWhe8it8J7K%2FL19%2BnM6rIzEfPDxmya4E0qWROt%2BrCk8ncbUTgXNSJtoFjCwWeQc3qPiUsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
857eb98459a92f83-MAD
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Porn Scam (Online)

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _0x177c object| vd object| _location function| $ function| jQuery function| Slider object| _0xa18a object| lp_confirm_img object| lp_confirm_title object| lp_confirm_text object| _$_3726 string| currentHost undefined| appId undefined| safari_webId function| OneSignal function| handleBackButton function| findOutOfferUrl function| redirectWithPixels function| smartAdditionalOffer function| isCrossOriginFrame function| showAdditionalOffer function| oneSignalPush function| showDialog function| subscribe function| close_confirm function| waitingForParentMessage function| getConfiguration function| getURLParameter function| getCurrentHostname function| decodeBase64ToUtf8 string| oldLinkPath string| baseUrl string| offerUrl string| offerUrl2 object| pixels object| exoPixels object| oneSignalIds object| oneSignalSafari object| configuration string| secondOffer string| pushDelay boolean| PreventBb function| getUrlParameter function| getUrlWithParam string| backButton number| __oneSignalSdkLoadCount

12 Cookies

Domain/Path Name / Value
quixtie.com/khappr Name: _cid
Value: 844f00d5f38a807206d3358589d15aab
bbbva.es/ Name: __tad
Value: 1708347953.6734441
.trustflayer2.online/ Name: x3325799
Value: 1515489506
tq.trustflayer2.online/ Name: c-1518985055
Value: -1515489506
.trustflayer2.online/ Name: __ssds
Value: 2
tq.trustflayer2.online/ Name: jc
Value: 6807
.trustflayer2.online/ Name: __ssuzjsr2
Value: a9be0cd8e
.trustflayer2.online/ Name: __uzmaj2
Value: c536b91a-043c-4f8b-b203-ce8766644631
.trustflayer2.online/ Name: __uzmbj2
Value: 1708347958
.trustflayer2.online/ Name: __uzmcj2
Value: 451081069148
.trustflayer2.online/ Name: __uzmdj2
Value: 1708347958
.onesignal.com/ Name: __cf_bm
Value: VgnNx4ltjvZ8GASQyJyANgDfo0fTO4YK4FW3MpeozUY-1708347960-1.0-AWNMxZXZBun5DJyc9/GaSvGWDKAbpdPhgm7VvE/PmiENyCUkEDUZr9ARWyov2naxgxA+iS5TFv8gZ1vlWpSyPiw=

3 Console Messages

Source Level URL
Text
other warning URL: https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://quixtie.com/khappr/?bid=0.02&conversion=TNQps7L6Wx8&source_subid=12294157940&campaign=1000764&search_referrer_domain=bbbva.es&query=bank+accounts%2Cloans%2Cbbva+bank&carrier=Vodafone+Spain&state=ib&banner=5704303&ip=84.126.33.23
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://quixtie.com/redfiles/pesimg/w3.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bbbva.es
cas.avalon.perfdrive.com
cdn.onesignal.com
cdn.perfdrive.com
d38psrni17bvxu.cloudfront.net
enlil-syf.com
horny-honey.online
quixtie.com
tq.trustflayer2.online
ww38.bbbva.es
xml-v4.trustflayer2.online
103.224.182.248
104.18.215.59
104.21.93.29
108.138.26.124
13.248.148.254
130.211.29.114
173.239.53.32
18.66.121.69
35.241.15.240
54.89.40.3
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9
0a5f8a0b61bbfa64fb7b3377bccabed5c3ed650b57122fd8ac235f45fa89642b
171fd21e97e46af986418732ecbf85fb1359873840a75bb44dd61e80221838cd
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68
259620481ec9cb30f40cb8576a87bb91b2f93428a97c7f35869e93d383da8b75
3632bd40e3643a895c246e59b55ea75a6be9ae9ee97f5f39d6f9ad2bc5e66a18
3b15ac884347ef181693eed80dcf225171c14deb6aa9f3c148e8701ea7605e39
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
445ac085960a21e08a5ff35f0bfe4312702e38c4adb32309abf7faf53affddde
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
755d97a5849bc359413aab3a9768671b6a92a4ae48dc9fa5121862353c8a84e7
7d14a3c2ed2b8510e05913b99ba7318076e1aa3abcb542d65d7fdf00f73d4625
89495896bcc3deb0b6a643cf55ddfe620ada0cdb66cd09ce4ba801a06396fcef
8b2d24543e601569eb17a31ef3182fe748b9cae24b179520266b13292afeeb7d
922a7a005a299daab272ef3b0c7106716572ece666c54c187ce6836b32474973
9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506
9fc88e1319456c0c75f3f8bf82410e91e124767e5dcaf5755ba845801892ac9a
a36f11a2de744b07c116286d6cc2bd69b0a3f56a2eddc56e4df292776c317ab0
b0b9b668729dc630f2ff79478f74bdaa7d6eb53a5b8ae665a3144c5cf7629351
bf2fd2eea338946d2bd01d1ee94297d82607040378fe56827205b5d1b3f2af7b
d9a922e0b1b0ea9d5648986b33222de7445d0b1c19c9f1bb0a8ab8c11e8bde3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46562dac24cc3884cdb830e50a3b0688e464a95ccf4395ae6ee46276303cc68
e4c839d140c367de857a791369ded69fe7d87ad2ff46820082a0ce6d9970285c
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a