URL: https://portal.bbva.mx/encuestas/lb/?envvd5td37d26z6pvxpmht
Submission: On June 23 via manual from MX — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 23.56.201.36, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is portal.bbva.mx. The Cisco Umbrella rank of the primary domain is 193574.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 22nd 2022. Valid for: a year.
This is the only time portal.bbva.mx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS Autonomous System
5         23.56.201.36     16625 (AKAMAI-AS)
1         199.102.176.92   30109 (MEDALLIA-INC)
7         18.66.147.54     16509 (AMAZON-02)
4         146.75.121.230   54113 (FASTLY)
Total: 17 requests, 5 IPs
Requests  Apex Domain / Subdomains  Transfer
11        medallia.com  358 KB
            cdn.medallia.com — Cisco Umbrella Rank: 27646
            global.cdn.survey.medallia.com — Cisco Umbrella Rank: 43605
            eu.cdn.survey.medallia.com — Cisco Umbrella Rank: 580750
5         bbva.mx  77 KB
            portal.bbva.mx — Cisco Umbrella Rank: 193574
1         medallia.eu  23 KB
            survey.medallia.eu — Cisco Umbrella Rank: 247003
Total: 17 requests, 3 apex domains
Requests  Domain                          Requested by
7         cdn.medallia.com                survey.medallia.eu, cdn.medallia.com
5         portal.bbva.mx                  portal.bbva.mx
2         eu.cdn.survey.medallia.com      survey.medallia.eu
2         global.cdn.survey.medallia.com  survey.medallia.eu
1         survey.medallia.eu              portal.bbva.mx
Total: 17 requests, 5 subdomains

This site contains no links.

Subject                         Issuer                            Validity                 Valid
bbva.mx                         DigiCert TLS RSA SHA256 2020 CA1  2022-08-22 - 2023-08-24  a year
*.medallia.eu                   SSL.com RSA SSL subCA             2023-02-17 - 2024-03-05  a year
cdn.medallia.com                SSL.com RSA SSL subCA             2023-04-21 - 2024-03-22  a year
global.cdn.survey.medallia.com  SSL.com RSA SSL subCA             2022-09-27 - 2023-10-28  a year
eu.cdn.survey.medallia.com      SSL.com RSA SSL subCA             2022-09-27 - 2023-10-28  a year

This page contains 2 frames:

Primary Page: https://portal.bbva.mx/encuestas/lb/?envvd5td37d26z6pvxpmht
Frame ID: D97BA64CE803217370898F80194B85A4
Requests: 5 HTTP requests in this frame

Frame: https://survey.medallia.eu/?envvd5td37d26z6pvxpmht
Frame ID: E45F5AA40AAC9F6E787FA887F07ADEED
Requests: 14 HTTP requests in this frame

Page Title

Encuestas - BBVA México

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • adrum

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 461 kB
Size: 1514 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request /
portal.bbva.mx/encuestas/lb/
587 B
2 KB
Document
General
Full URL
https://portal.bbva.mx/encuestas/lb/?envvd5td37d26z6pvxpmht
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.201.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-201-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
43615fc13b0d7fff03304a900d9302f1d5f962e7cbe0109d1b272010d55b337b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
417
content-type
text/html;charset=ISO-8859-1
date
Fri, 23 Jun 2023 17:24:02 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
vary
Accept-Encoding
x-akamai-transformed
9 472 0 pmb=mTOE,1
x-ua-compatible
IE=Edge,chrome=1
style.css
portal.bbva.mx/encuestas/css/
147 B
289 B
Stylesheet
General
Full URL
https://portal.bbva.mx/encuestas/css/style.css
Requested by
Host: portal.bbva.mx
URL: https://portal.bbva.mx/encuestas/lb/?envvd5td37d26z6pvxpmht
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.201.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-201-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3080032825dd55b679b7e73933fda4160adcdcda4fab6904bfdd15602aa685cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.bbva.mx/encuestas/lb/?envvd5td37d26z6pvxpmht
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 17:24:03 GMT
content-encoding
gzip
last-modified
Sun, 04 Sep 2016 05:02:24 GMT
etag
"93-57cbaae0"
x-edgeconnect-cache-status
1
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
139
dGdyM
portal.bbva.mx/TyBoutYoSM4Pa9sip7zogUbXPuM/aau5cVwD8wV3ri/LwkITClvAg/eylkV1/
200 KB
73 KB
Script
General
Full URL
https://portal.bbva.mx/TyBoutYoSM4Pa9sip7zogUbXPuM/aau5cVwD8wV3ri/LwkITClvAg/eylkV1/dGdyM
Requested by
Host: portal.bbva.mx
URL: https://portal.bbva.mx/encuestas/lb/?envvd5td37d26z6pvxpmht
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.201.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-201-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2f3d3ebc5c3834c6f1a6f30fb7d367dd50926e1c262e6f78c32e2fbc9c3726e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.bbva.mx/encuestas/lb/?envvd5td37d26z6pvxpmht
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 17:24:02 GMT
content-encoding
br
last-modified
Wed, 26 Apr 2023 15:12:29 GMT
etag
"0de70e25d67afe88b25a94d8a25973e3136b4cf62020eb61c69701ff052f36db"
stored-attribute-sha-checksum
2f3d3ebc5c3834c6f1a6f30fb7d367dd50926e1c262e6f78c32e2fbc9c3726e7
x-edgeconnect-cache-status
1
content-type
application/javascript
cache-control
max-age=21600
content-length
74169
expires
Wed, 19 Jul 2023 14:22:34 GMT
/
survey.medallia.eu/ Frame E45F
42 KB
23 KB
Document
General
Full URL
https://survey.medallia.eu/?envvd5td37d26z6pvxpmht
Requested by
Host: portal.bbva.mx
URL: https://portal.bbva.mx/encuestas/lb/?envvd5td37d26z6pvxpmht
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.102.176.92 , United States, ASN30109 (MEDALLIA-INC, US),
Reverse DNS
Software
/
Resource Hash
1fdd04f2182018f234b878ad97aba89e457ea6cdaf9ae7aa3eb57792182e0cce

Request headers

Referer
https://portal.bbva.mx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Fri, 23 Jun 2023 17:24:02 GMT
expires
Mon, 03 Jul 2001 09:00:00 GMT
pragma
no-cache token
vary
Accept-Language Accept-Encoding, User-Agent
main.css
cdn.medallia.com/react-surveys/6.18.4/ Frame E45F
175 KB
56 KB
Stylesheet
General
Full URL
https://cdn.medallia.com/react-surveys/6.18.4/main.css
Requested by
Host: survey.medallia.eu
URL: https://survey.medallia.eu/?envvd5td37d26z6pvxpmht
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-54.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59c66dcdae790fd189b9cf9edd58916bb866355d64b4d1004b6c8d01cf7074a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.medallia.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
yReVSX5xhA2tNkGzpQ4aaxdtcZWfejkp
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
date
Sun, 18 Jun 2023 20:35:49 GMT
last-modified
Fri, 24 Mar 2023 16:07:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
420495
x-amz-server-side-encryption
AES256
etag
W/"2b8a09231c86dd7849bab1131cfd7b0c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
x-amz-cf-id
swVfTufynfhGBh-dkBCRbjfmd8tXPFsGr3We1tVLyJnIk9ubfPpW7g==
b156824ce93ea841b60011203abb17f04cf1fa93
global.cdn.survey.medallia.com/ Frame E45F
2 KB
2 KB
Stylesheet
General
Full URL
https://global.cdn.survey.medallia.com/b156824ce93ea841b60011203abb17f04cf1fa93
Requested by
Host: survey.medallia.eu
URL: https://survey.medallia.eu/?envvd5td37d26z6pvxpmht
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.121.230 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96a5c03b589a25ef18548046f9ffcf38b0bbaf27ab345e8ff7afa8825d2334c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.medallia.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 17:24:03 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
58VVPAF14Z0RD6QY
age
1418
x-cache
HIT
content-length
1649
x-amz-id-2
X3jXOv3iJyTfPjQ/Tkx2moiuswBjGYAp1aVCGsAftqrYFxb0coPxWj0YAtgA93N9bVQ2n7M+Clo=
x-served-by
cache-fra-etou8220031-FRA
last-modified
Tue, 26 Jan 2021 16:43:07 GMT
server
AmazonS3
x-timer
S1687541043.086214,VS0,VE1
etag
"a96b9953f5a5f973394b683a5582bc81"
content-type
binary/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1
49ca3847befb4eafee0e3be19a6484fd19394e3c
global.cdn.survey.medallia.com/ Frame E45F
281 B
415 B
Stylesheet
General
Full URL
https://global.cdn.survey.medallia.com/49ca3847befb4eafee0e3be19a6484fd19394e3c
Requested by
Host: survey.medallia.eu
URL: https://survey.medallia.eu/?envvd5td37d26z6pvxpmht
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.121.230 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
78f7c176018025f26ed57de0562cb05188ab7a232773596ecbb852cf26a3ea81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.medallia.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 17:24:03 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
58VQ5PJERDSQYG7M
age
1418
x-cache
HIT
content-length
160
x-amz-id-2
MJx/hxt2TiHOens5U682l8rOqSvw+mSkGlYDqIxfzQVYC7UElKBSCeczMif1Dfe6jr8AoKnuLbNcwteXdaZ23w==
x-amz-meta-originalfilename
custom.css
x-served-by
cache-fra-etou8220031-FRA
last-modified
Fri, 06 Aug 2021 19:55:58 GMT
server
AmazonS3
x-timer
S1687541043.086214,VS0,VE3
etag
"addba9c5aa38f653e7c090339f92eb2d"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1
da39a3ee5e6b4b0d3255bfef95601890afd80709
eu.cdn.survey.medallia.com/ Frame E45F
0
350 B
Stylesheet
General
Full URL
https://eu.cdn.survey.medallia.com/da39a3ee5e6b4b0d3255bfef95601890afd80709
Requested by
Host: survey.medallia.eu
URL: https://survey.medallia.eu/?envvd5td37d26z6pvxpmht
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.75.121.230 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.medallia.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 17:24:03 GMT
via
1.1 varnish
x-amz-request-id
RDMZYEEF1KVT1SQV
age
2846
x-cache
HIT
content-length
0
x-amz-id-2
jJRv03JsLdVeepBSIFvpNNtd+He0fQpjCIYrHeEFQDj7YdF4Rm6BMt+Peg/9bwOydnDtz3p8Vlg=
x-amz-meta-originalfilename
main.css
x-served-by
cache-fra-etou8220026-FRA
last-modified
Thu, 15 Oct 2020 16:05:29 GMT
server
AmazonS3
x-timer
S1687541043.090946,VS0,VE1
etag
"d41d8cd98f00b204e9800998ecf8427e"
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1
jquery-1.7.1.min.js
cdn.medallia.com/react-surveys/6.18.4/ Frame E45F
92 KB
33 KB
Script
General
Full URL
https://cdn.medallia.com/react-surveys/6.18.4/jquery-1.7.1.min.js
Requested by
Host: survey.medallia.eu
URL: https://survey.medallia.eu/?envvd5td37d26z6pvxpmht
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-54.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08b2af59a4a464e1f97924a1530e6c96400b5285724b66e9b4ae43eabee00e4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.medallia.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
g1v8RowbNBM4F9JT626WuddO7dav08dS
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
date
Mon, 19 Jun 2023 23:24:59 GMT
last-modified
Fri, 24 Mar 2023 16:07:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
323944
x-amz-server-side-encryption
AES256
etag
W/"f76cc435bffc06dbfb3400ca8b2f264a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
7MVk5TNFeuP0TyNmfxkOub6EGAyipbtqRdYcub3LNGfwA4FYT4rWtQ==
main.js
cdn.medallia.com/react-surveys/6.18.4/ Frame E45F
626 KB
138 KB
Script
General
Full URL
https://cdn.medallia.com/react-surveys/6.18.4/main.js
Requested by
Host: survey.medallia.eu
URL: https://survey.medallia.eu/?envvd5td37d26z6pvxpmht
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-54.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cbdd9d618e2f14edbb11471e3b2518ed5fc953a420d2f8bf887dcd6da5eea30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.medallia.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
ZLEx9Vyal1IXbxYXISxJKVHI8I0nLsos
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
date
Sun, 18 Jun 2023 16:37:18 GMT
last-modified
Fri, 24 Mar 2023 16:07:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
434806
x-amz-server-side-encryption
AES256
etag
W/"c06497c470aca2493252a11f8d5ccd1a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
NjV3-pKY3DoCxbLfkD9uo6YQReMyXp-I231_5UysKTT7Wv8Ra5d5_w==
vendor.js
cdn.medallia.com/react-surveys/6.18.4/ Frame E45F
162 KB
51 KB
Script
General
Full URL
https://cdn.medallia.com/react-surveys/6.18.4/vendor.js
Requested by
Host: survey.medallia.eu
URL: https://survey.medallia.eu/?envvd5td37d26z6pvxpmht
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-54.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be3e3dd1031810643c12f3a60575fda45a4a42dda834a11ab6e1f27b835f3154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.medallia.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
IfdAW6UE7GAhIcXlQl1NfUmF8Ck723MY
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
date
Sun, 18 Jun 2023 00:19:24 GMT
last-modified
Fri, 24 Mar 2023 16:07:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
493480
x-amz-server-side-encryption
AES256
etag
W/"f2e19e36c7bbe21474fac8af35e0e81a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
4Sq2CAqv7R8K_CI2phbHG9xxjhUWxMRUVIcwZTapR_p1vbThzGfiyA==
vendorPolyfill.js
cdn.medallia.com/react-surveys/6.18.4/ Frame E45F
92 KB
31 KB
Script
General
Full URL
https://cdn.medallia.com/react-surveys/6.18.4/vendorPolyfill.js
Requested by
Host: survey.medallia.eu
URL: https://survey.medallia.eu/?envvd5td37d26z6pvxpmht
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-54.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f15b867ce07e5aeaf72c90a3dd0f67f2abbb03ebabdcb6d6e9872d49a10d3854

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.medallia.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 07:36:19 GMT
x-amz-version-id
OqsowP79ycQW03aQDapIcIAvf4EvsddC
content-encoding
gzip
last-modified
Fri, 24 Mar 2023 16:07:46 GMT
server
AmazonS3
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"db597a4aef9366804b8638f7bd027d97"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
age
553665
x-amz-cf-id
mgjWcX_62ZSLgyON9JXwwgJL31YTOhfhgVTT1bOz8jh0KjknBCu0eg==
adrum.js
cdn.medallia.com/vendor/appdynamics/adrum/ Frame E45F
44 KB
14 KB
Script
General
Full URL
https://cdn.medallia.com/vendor/appdynamics/adrum/adrum.js
Requested by
Host: survey.medallia.eu
URL: https://survey.medallia.eu/?envvd5td37d26z6pvxpmht
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-54.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b4af1bad59b96026f537d7f4787fc221d7fbbb834766723559c92feb4e22e35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.medallia.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
date
Wed, 21 Jun 2023 01:14:11 GMT
last-modified
Thu, 24 Aug 2017 19:55:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
230993
etag
W/"5f8ec127dc5dd928eb98a2b847384a7d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
pVlpJjqYN-7mZ4Qb1-OoqvpG9ZNIKR9iKFojFYjTIFY3dpOSTkIMzQ==
dGdyM
portal.bbva.mx/TyBoutYoSM4Pa9sip7zogUbXPuM/aau5cVwD8wV3ri/LwkITClvAg/eylkV1/
18 B
685 B
XHR
General
Full URL
https://portal.bbva.mx/TyBoutYoSM4Pa9sip7zogUbXPuM/aau5cVwD8wV3ri/LwkITClvAg/eylkV1/dGdyM
Requested by
Host: portal.bbva.mx
URL: https://portal.bbva.mx/TyBoutYoSM4Pa9sip7zogUbXPuM/aau5cVwD8wV3ri/LwkITClvAg/eylkV1/dGdyM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.201.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-201-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer
https://portal.bbva.mx/encuestas/lb/?envvd5td37d26z6pvxpmht
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 23 Jun 2023 17:24:03 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://portal.bbva.mx
access-control-allow-credentials
true
x_req_id
863a2701-088f-487b-b64a-6e1a563049ee
access-control-allow-headers
Content-Type
content-length
18
truncated
/ Frame E45F
13 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
356c48f33713c7914b861da976f4daa788d04ffef311a2ca32ecea9281f2b83a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
43bf8d0e19c0a070590059bcd2054f93d2154731
eu.cdn.survey.medallia.com/ Frame E45F
17 KB
17 KB
Image
General
Full URL
https://eu.cdn.survey.medallia.com/43bf8d0e19c0a070590059bcd2054f93d2154731
Requested by
Host: survey.medallia.eu
URL: https://survey.medallia.eu/?envvd5td37d26z6pvxpmht
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.75.121.230 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2b064851c0b6fa4cd42f26ffbf8a98f581abbb88e9a69df3da3421cb1a266b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.medallia.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 17:24:03 GMT
via
1.1 varnish
x-amz-request-id
CKJC2KP21E2DDXAS
age
1417
x-cache
HIT
content-length
16904
x-amz-id-2
gwVrTNii2d1DaKYMivcgAoIWj1IpAip5+6AxZZNLu1Vv7VUfiMcoAW5T0YYcMFiRnaIufPf+2UI=
x-amz-meta-originalfilename
BBVA Logo.png
x-served-by
cache-fra-etou8220026-FRA
last-modified
Thu, 15 Oct 2020 15:21:14 GMT
server
AmazonS3
x-timer
S1687541043.425007,VS0,VE1
etag
"7b860975a04d5fc3707bbf9edaf9d00f"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1
truncated
/ Frame E45F
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11472a3b4a3cf77c07b275477e3fbd5db6934f63d9be98ec762c9cbcab5db956

Request headers

Referer
Origin
https://survey.medallia.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
application/font-woff2
adrum-ext.2aed9d091ef08efa95822e864b4554d2.js
cdn.medallia.com/vendor/appdynamics/ Frame E45F
47 KB
16 KB
Script
General
Full URL
https://cdn.medallia.com/vendor/appdynamics/adrum-ext.2aed9d091ef08efa95822e864b4554d2.js
Requested by
Host: cdn.medallia.com
URL: https://cdn.medallia.com/vendor/appdynamics/adrum/adrum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-54.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dae3bb58ef50123b2cd8483d5c0659036929e6ef8b8c2a6e4b731e5743cb971c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.medallia.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
date
Sat, 17 Jun 2023 05:46:07 GMT
last-modified
Thu, 24 Aug 2017 19:57:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
560277
etag
W/"4aee3fb26fa6e2174a78a396a876404b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
2PTnsqE9RJqO96WC8JlT9Rbhu2odc_RE2omNOxdrtUYduB20uO0qGg==
dGdyM
portal.bbva.mx/TyBoutYoSM4Pa9sip7zogUbXPuM/aau5cVwD8wV3ri/LwkITClvAg/eylkV1/
18 B
669 B
XHR
General
Full URL
https://portal.bbva.mx/TyBoutYoSM4Pa9sip7zogUbXPuM/aau5cVwD8wV3ri/LwkITClvAg/eylkV1/dGdyM
Requested by
Host: portal.bbva.mx
URL: https://portal.bbva.mx/TyBoutYoSM4Pa9sip7zogUbXPuM/aau5cVwD8wV3ri/LwkITClvAg/eylkV1/dGdyM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.201.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-201-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer
https://portal.bbva.mx/encuestas/lb/?envvd5td37d26z6pvxpmht
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 23 Jun 2023 17:24:03 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://portal.bbva.mx
access-control-allow-credentials
true
x_req_id
fdd6b6de-dc32-46b6-8720-e44acab25fd2
access-control-allow-headers
Content-Type
content-length
18

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | 0
  • boolean | credentialless
  • object | onbeforetoggle
  • object | onscrollend
  • object | _cf
  • object | bmak
  • string | _sdTrace

5 Cookies

Domain/Path Name / Value
portal.bbva.mx/ Name: JSESSIONID
Value: 08A6D41A58E64CE2F9583BEB906500E5
portal.bbva.mx/ Name: BIGipServerPool_AEM_BBVA_8085_MX_PR
Value: 1617171116.38175.0000
.bbva.mx/ Name: ak_bmsc
.bbva.mx/ Name: bm_sz
.bbva.mx/ Name: _abck

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
