banorte-comprasegura.com Open in urlscan Pro
138.197.219.94 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.banorte-comprasegura.com/
Effective URL:
https://banorte-comprasegura.com/
Submission: On February 11 via automatic, source certstream-suspicious (February 11th 2023, 3:27:55 pm UTC) — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 17 HTTP transactions. The main IP is 138.197.219.94, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is banorte-comprasegura.com.
TLS certificate: Issued by R3 on February 11th 2023. Valid for: 3 months.

This is the only time banorte-comprasegura.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	138.197.219.94 138.197.219.94	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
1	2606:50c0:800... 2606:50c0:8001::153	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.93.155.31 142.93.155.31	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2600:1f18:24e... 2600:1f18:24e6:b902:cdea:ba51:5635:d22a	14618 (AMAZON-AES) (AMAZON-AES)
17	8

10 138.197.219.94 (Santa Clara, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.banorte-comprasegura.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
banorte-comprasegura.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)

nosir.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

core-mejorseguro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.93.155.31 (Toronto, Canada)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: apis-crons.nexosmedia.com

api-promos.ahorraseguros.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b902:cdea:ba51:5635:d22a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

session-replay.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	banorte-comprasegura.com 1 redirects www.banorte-comprasegura.com banorte-comprasegura.com	488 KB
2	core-mejorseguro.com core-mejorseguro.com	504 B
1	browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com — Cisco Umbrella Rank: 8655	286 B
1	ahorraseguros.mx api-promos.ahorraseguros.mx	647 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 202	27 KB
1	github.io nosir.github.io — Cisco Umbrella Rank: 466257	7 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	1 KB
17	7

	Domain	Requested by
9	banorte-comprasegura.com	banorte-comprasegura.com
2	core-mejorseguro.com	banorte-comprasegura.com
1	session-replay.browser-intake-datadoghq.com	banorte-comprasegura.com
1	api-promos.ahorraseguros.mx	banorte-comprasegura.com
1	cdnjs.cloudflare.com	banorte-comprasegura.com
1	nosir.github.io	banorte-comprasegura.com
1	fonts.googleapis.com	banorte-comprasegura.com
1	www.banorte-comprasegura.com	1 redirects
17	8

This site contains no links.

Subject Issuer	Validity	Valid
banorte-comprasegura.com R3	`2023-02-11` - `2023-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.github.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-04-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
api-promos.ahorraseguros.mx R3	`2022-12-30` - `2023-03-30`	3 months	crt.sh
*.browser-intake-datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-07-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://banorte-comprasegura.com/
Frame ID: 9EC13CD468341712AAB222A347B0C433
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Emitir y Cobrar - Seguros de Auto - Seguros de Autos - AhorraSeguros®

Page URL History Show full URLs

https://www.banorte-comprasegura.com/ HTTP 301
https://banorte-comprasegura.com/ Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

94 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

524 kB
Transfer

2096 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.banorte-comprasegura.com/ HTTP 301
https://banorte-comprasegura.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
banorte-comprasegura.com/
Redirect Chain

https://www.banorte-comprasegura.com/
https://banorte-comprasegura.com/

293 KB
56 KB

416ms
337ms

Document
text/html

138.197.219.94
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://banorte-comprasegura.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.219.94 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f0f6d79b697db1828af2aa21080f7fb5c18809f0db052093da9473263927269c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Sat, 11 Feb 2023 15:27:49 GMT
etag: W/"63daddfb-495b8"
expires: Thu, 01 Jan 1970 00:00:01 GMT
feature-policy: autoplay 'none'; camera 'none'
last-modified: Wed, 01 Feb 2023 21:47:39 GMT
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 162
content-type: text/html
date: Sat, 11 Feb 2023 15:27:49 GMT
feature-policy: autoplay 'none'; camera 'none'
location: https://banorte-comprasegura.com/
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 108ms
43ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: banorte-comprasegura.com
URL: https://banorte-comprasegura.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 11 Feb 2023 15:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 11 Feb 2023 15:19:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Feb 2023 15:27:50 GMT

GET
H2 200 cleave.min.js Show response
nosir.github.io/cleave.js/dist/ 21 KB
7 KB 89ms
21ms Script
application/javascript 2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nosir.github.io/cleave.js/dist/cleave.min.js
Requested by: Host: banorte-comprasegura.com
URL: https://banorte-comprasegura.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 7eb194c2648de022cb8f29399b9f4409d5ec0cc5314d6e4eea175c78d1d5089a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-fastly-request-id: 354d3aa1b27cb405f39516b7784eee02403361f4
date: Sat, 11 Feb 2023 15:27:50 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 2
age: 257
x-cache: HIT
x-proxy-cache: MISS
content-length: 6354
x-served-by: cache-hhn-etou8220060-HHN
last-modified: Tue, 19 May 2020 10:51:11 GMT
server: GitHub.com
x-github-request-id: B3E4:4FBF:18E5B70:226F867:63E6DA09
x-timer: S1676129270.003924,VS0,VE1
etag: W/"5ec3ba1f-528d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Sat, 11 Feb 2023 00:08:01 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 82 KB
27 KB 31ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: banorte-comprasegura.com
URL: https://banorte-comprasegura.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:27:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 162110
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26660
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14983"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jwkd4uj1yxtGwzLW9qsb5S%2B4to9XA6ToxeGEWhV7qh10%2BkVkxFLwOFpPFL6lG4AmanGSr4wLzWtfbtp43Ey8atzCvtkeRgtnwI3e1RUAtOrOsB9E2vnEBB%2BhSGXH5MCkaehU8ohOkHgw36nlv4rLx2h%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 797e1c612ebcbbb6-FRA
expires: Thu, 01 Feb 2024 15:27:49 GMT

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9563182b98a7ac080d254d364c593ec71ed18d70fd399384b97d7406e34ca46a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 img-cards.ca2ba7e.png
banorte-comprasegura.com/_nuxt/img/ 10 KB
10 KB 167ms
167ms Image
image/png 138.197.219.94
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banorte-comprasegura.com/_nuxt/img/img-cards.ca2ba7e.png

Requested by

Host: banorte-comprasegura.com
URL: https://banorte-comprasegura.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.219.94 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8e14303b42ba93e1410a36ca398b143f70b45e052680ec3a9d776abd05328133

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:27:50 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 01 Feb 2023 21:47:39 GMT
server: nginx
content-encoding: br
etag: W/"63daddfb-282a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
feature-policy: autoplay 'none'; camera 'none'
x-xss-protection: 1; mode=block

GET
H2 200 pago-seguro.1e0f471.png
banorte-comprasegura.com/_nuxt/img/ 10 KB
11 KB 170ms
170ms Image
image/png 138.197.219.94
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banorte-comprasegura.com/_nuxt/img/pago-seguro.1e0f471.png

Requested by

Host: banorte-comprasegura.com
URL: https://banorte-comprasegura.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.219.94 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

50c20f0115812c1e0ce17eb82166c8440d680f7aadebbd56e29c724e025550eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:27:50 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 01 Feb 2023 21:47:39 GMT
server: nginx
content-encoding: br
etag: W/"63daddfb-2958"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
feature-policy: autoplay 'none'; camera 'none'
x-xss-protection: 1; mode=block

GET
H2 200 bffa24a.js Show response
banorte-comprasegura.com/_nuxt/ 2 KB
1 KB 172ms
172ms Script
application/javascript 138.197.219.94
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://banorte-comprasegura.com/_nuxt/bffa24a.js

Requested by

Host: banorte-comprasegura.com
URL: https://banorte-comprasegura.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.219.94 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

11b4ecde78b225554508f1b81e1d84c7626b155ceaed687aa979cd588a31e23e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:27:50 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 01 Feb 2023 21:47:39 GMT
server: nginx
content-encoding: br
etag: W/"63daddfb-944"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
feature-policy: autoplay 'none'; camera 'none'
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 29f8ff1.js Show response
banorte-comprasegura.com/_nuxt/ 178 KB
41 KB 175ms
174ms Script
application/javascript 138.197.219.94
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://banorte-comprasegura.com/_nuxt/29f8ff1.js

Requested by

Host: banorte-comprasegura.com
URL: https://banorte-comprasegura.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.219.94 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

1912a6b71e8b701b5b646efa21b25bea3645f362640e1b3c73716aa567c94162

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:27:50 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 01 Feb 2023 21:47:39 GMT
server: nginx
content-encoding: br
etag: W/"63daddfb-2c8a8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
feature-policy: autoplay 'none'; camera 'none'
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 147cf7b.js Show response
banorte-comprasegura.com/_nuxt/ 256 KB
74 KB 335ms
334ms Script
application/javascript 138.197.219.94
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://banorte-comprasegura.com/_nuxt/147cf7b.js

Requested by

Host: banorte-comprasegura.com
URL: https://banorte-comprasegura.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.219.94 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

6ec3ffb090084cb2753faf86ec34b480d8cdc03b6a6adf5f683f2cceed4cbd92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:27:50 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 01 Feb 2023 21:47:39 GMT
server: nginx
content-encoding: br
etag: W/"63daddfb-3ff52"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
feature-policy: autoplay 'none'; camera 'none'
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 62a2dcf.js Show response
banorte-comprasegura.com/_nuxt/ 224 KB
73 KB 341ms
341ms Script
application/javascript 138.197.219.94
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://banorte-comprasegura.com/_nuxt/62a2dcf.js

Requested by

Host: banorte-comprasegura.com
URL: https://banorte-comprasegura.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.219.94 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8da493b31fdf043570804db0f3eb8a24e258295525b15563b5df494d113c755f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:27:50 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 01 Feb 2023 21:47:39 GMT
server: nginx
content-encoding: br
etag: W/"63daddfb-37eb7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
feature-policy: autoplay 'none'; camera 'none'
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 435a828.js Show response
banorte-comprasegura.com/_nuxt/ 892 KB
198 KB 322ms
316ms Script
application/javascript 138.197.219.94
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://banorte-comprasegura.com/_nuxt/435a828.js

Requested by

Host: banorte-comprasegura.com
URL: https://banorte-comprasegura.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.219.94 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4000f69c8b46258be94b19531754e9dcca3f673bfffc830f90b03814a0fdefcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:27:50 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 01 Feb 2023 21:47:39 GMT
server: nginx
content-encoding: br
etag: W/"63daddfb-dee26"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
feature-policy: autoplay 'none'; camera 'none'
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 501d61b.js Show response
banorte-comprasegura.com/_nuxt/ 80 KB
23 KB 326ms
320ms Script
application/javascript 138.197.219.94
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://banorte-comprasegura.com/_nuxt/501d61b.js

Requested by

Host: banorte-comprasegura.com
URL: https://banorte-comprasegura.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.219.94 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ccc462c2501f6e7234e9e83133f987f22bddd76dd9d8c91d25e26fd0178edaeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:27:50 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 01 Feb 2023 21:47:39 GMT
server: nginx
content-encoding: br
etag: W/"63daddfb-140df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
feature-policy: autoplay 'none'; camera 'none'
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H2 200 authenticate
core-mejorseguro.com/v1/ 0
0 380ms
192ms Preflight 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://core-mejorseguro.com/v1/authenticate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://banorte-comprasegura.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 797e1c689c6a923d-FRA
content-length: 0
date: Sat, 11 Feb 2023 15:27:51 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7iGyL8UJqn5vX5WIQa70YbWEe4Ur3xCk4A%2BXHzR6tgVJWLA3zFtUNyygJ5HS4W86Fkg0N%2FAJuicaB7K5JxFgD%2BN3g9%2Bj%2BHHl3lqiotaGAE%2BoY3H7h2jq2PO75%2BvQUxUtVf7iTfhl1gaDDbDXdfkdmpZag%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 BANORTE Show response
api-promos.ahorraseguros.mx/insurers/ 294 B
647 B 973ms
110ms XHR
application/json 142.93.155.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://api-promos.ahorraseguros.mx/insurers/BANORTE

Requested by

Host: banorte-comprasegura.com
URL: https://banorte-comprasegura.com/_nuxt/147cf7b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

142.93.155.31 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

apis-crons.nexosmedia.com

Software

nginx/1.22.0 / Express

Resource Hash

38d93a106fc20a1656d4ec27787b0b2177af6e9cc2e289190ee6deb92dc25fc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:27:51 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
referrer-policy: no-referrer
server: nginx/1.22.0
x-powered-by: Express
etag: W/"126-xexDf8r90TRAeb1etd05TE7u7OU"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
feature-policy: autoplay 'none'; camera 'none'
content-length: 294
x-xss-protection: 1; mode=block

POST
H2 200 authenticate Show response
core-mejorseguro.com/v1/ 200 B
504 B 204ms
203ms XHR
application/json 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://core-mejorseguro.com/v1/authenticate

Requested by

Host: banorte-comprasegura.com
URL: https://banorte-comprasegura.com/_nuxt/147cf7b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a4bf1ab38c114026fbc4bfad937ee8359f8a744303410e7ee047afc1d66c1e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 11 Feb 2023 15:27:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9KrqgIJ73TO9PUg9h%2Bq8cPBQpqTu1Vya%2F2DETEuzh1XeWQIgRYHSZZMOl95GO7Q%2F3WXFkJy%2B7WCqJLUMqZrdSpgEdY7x8i0H%2Bl95B8wUYRASQR%2B1NPHgHmFP5PsYA9ncaSTw1qxRSW5LiD9dVP%2BVsXEGg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 797e1c69dd76923d-FRA
expires: 0

GET
BLOB 200
OK ae51eeff-7535-47c2-9977-379ce56582f4
https://banorte-comprasegura.com/ 26 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://banorte-comprasegura.com/ae51eeff-7535-47c2-9977-379ce56582f4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0bb611cf7b12a38c03bd3d7e6c0fc75d75b3ae53a7be7843192bb26db44fca0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Length: 26525
Content-Type

POST
H2 202 replay Show response
session-replay.browser-intake-datadoghq.com/api/v2/ 53 B
286 B 737ms
358ms XHR
application/json 2600:1f18:24e6:b902:cdea:ba51:5635:d22a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.32.0%2Capi%3Axhr%2Cenv%3Aprod%2Cservice%3Abanorte-ecommerce&dd-api-key=pubf99f77ba20932061657960e05a5258a7&dd-evp-origin-version=4.32.0&dd-evp-origin=browser&dd-request-id=826847e8-661d-4bcd-810d-b08f5ede6429

Requested by

Host: banorte-comprasegura.com
URL: https://banorte-comprasegura.com/_nuxt/147cf7b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b902:cdea:ba51:5635:d22a Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

f2c051fdbb574825f40c3517d4d3c459f8a1e8f53ac46d05c74e570d05cf6891

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800;
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryCMIhp9PvMgdaA0fo

Response headers

date: Sat, 11 Feb 2023 15:27:51 GMT
strict-transport-security: max-age=15724800;
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			banorte-comprasegura.com/	1970-01-20 09:35:30	Name: _dd_s Value: rum=1&id=06da45d1-1112-4e32-833f-5d6560d69df5&created=1676129270916&expire=1676130170916

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-promos.ahorraseguros.mx
banorte-comprasegura.com
cdnjs.cloudflare.com
core-mejorseguro.com
fonts.googleapis.com
nosir.github.io
session-replay.browser-intake-datadoghq.com
www.banorte-comprasegura.com
138.197.219.94
142.93.155.31
2600:1f18:24e6:b902:cdea:ba51:5635:d22a
2606:4700::6811:190e
2606:50c0:8001::153
2a00:1450:400d:802::200a
2a06:98c1:3121::c
11b4ecde78b225554508f1b81e1d84c7626b155ceaed687aa979cd588a31e23e
1912a6b71e8b701b5b646efa21b25bea3645f362640e1b3c73716aa567c94162
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
38d93a106fc20a1656d4ec27787b0b2177af6e9cc2e289190ee6deb92dc25fc0
4000f69c8b46258be94b19531754e9dcca3f673bfffc830f90b03814a0fdefcb
50c20f0115812c1e0ce17eb82166c8440d680f7aadebbd56e29c724e025550eb
6a4bf1ab38c114026fbc4bfad937ee8359f8a744303410e7ee047afc1d66c1e5
6ec3ffb090084cb2753faf86ec34b480d8cdc03b6a6adf5f683f2cceed4cbd92
7eb194c2648de022cb8f29399b9f4409d5ec0cc5314d6e4eea175c78d1d5089a
8da493b31fdf043570804db0f3eb8a24e258295525b15563b5df494d113c755f
8e14303b42ba93e1410a36ca398b143f70b45e052680ec3a9d776abd05328133
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
9563182b98a7ac080d254d364c593ec71ed18d70fd399384b97d7406e34ca46a
a0bb611cf7b12a38c03bd3d7e6c0fc75d75b3ae53a7be7843192bb26db44fca0
ccc462c2501f6e7234e9e83133f987f22bddd76dd9d8c91d25e26fd0178edaeb
f0f6d79b697db1828af2aa21080f7fb5c18809f0db052093da9473263927269c
f2c051fdbb574825f40c3517d4d3c459f8a1e8f53ac46d05c74e570d05cf6891

banorte-comprasegura.com Open in urlscan Pro 138.197.219.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

94 %HTTPS

71 %IPv6

7 Domains

8 Subdomains

8 IPs

3 Countries

524 kBTransfer

2096 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

banorte-comprasegura.com Open in urlscan Pro
138.197.219.94 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

524 kB
Transfer

2096 kB
Size

1
Cookies

17 HTTP transactions
1 data transactions