p.banorte-comprasegura.com Open in urlscan Pro
138.197.170.158 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://p.banorte-comprasegura.com/
Submission: On April 15 via automatic, source certstream-suspicious (April 15th 2023, 2:55:56 pm UTC) — Scanned from CA

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 15 HTTP transactions. The main IP is 138.197.170.158, located in Toronto, Canada and belongs to DIGITALOCEAN-ASN, US. The main domain is p.banorte-comprasegura.com.
TLS certificate: Issued by R3 on April 15th 2023. Valid for: 3 months.

This is the only time p.banorte-comprasegura.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	138.197.170.158 138.197.170.158	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
1	2606:50c0:800... 2606:50c0:8002::153	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3033::ac43:b2b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.93.155.31 142.93.155.31	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
15	7

9 138.197.170.158 (Toronto, Canada)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: pruebas.ahorraseguros.mx

p.banorte-comprasegura.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::200a (New York, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)

nosir.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::ac43:b2b4 (United States)

ASN13335 (CLOUDFLARENET, US)

dev.core-mejorseguro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.93.155.31 (Toronto, Canada)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: apis-crons.nexosmedia.com

api-promos.ahorraseguros.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	banorte-comprasegura.com p.banorte-comprasegura.com	450 KB
2	core-mejorseguro.com dev.core-mejorseguro.com	508 B
1	ahorraseguros.mx api-promos.ahorraseguros.mx	649 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 206	27 KB
1	github.io nosir.github.io — Cisco Umbrella Rank: 653742	7 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	1 KB
15	6

	Domain	Requested by
9	p.banorte-comprasegura.com	p.banorte-comprasegura.com
2	dev.core-mejorseguro.com	p.banorte-comprasegura.com
1	api-promos.ahorraseguros.mx	p.banorte-comprasegura.com
1	cdnjs.cloudflare.com	p.banorte-comprasegura.com
1	nosir.github.io	p.banorte-comprasegura.com
1	fonts.googleapis.com	p.banorte-comprasegura.com
15	6

This site contains no links.

Subject Issuer	Validity	Valid
p.banorte-comprasegura.com R3	`2023-04-15` - `2023-07-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
api-promos.ahorraseguros.mx R3	`2023-02-28` - `2023-05-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://p.banorte-comprasegura.com/
Frame ID: 0E679CC90F99FE8A0B3381E2C357B466
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Emitir y Cobrar - Seguros de Auto - Seguros de Autos - AhorraSeguros®

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

486 kB
Transfer

1971 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
p.banorte-comprasegura.com/ 295 KB
55 KB 341ms
16ms Document
text/html 138.197.170.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://p.banorte-comprasegura.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.197.170.158 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

pruebas.ahorraseguros.mx

Software

nginx /

Resource Hash

bea3a2c4dfc6c30ea1cffeb882c12d397a9af9f09e12ca6684643bfc44aa8e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31531000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
access-control-allow-origin: *
cache-control: no-cache
content-encoding: br
content-type: text/html
date: Sat, 15 Apr 2023 14:55:51 GMT
etag: W/"63f4fc73-49b3d"
expires: Thu, 01 Jan 1970 00:00:01 GMT
feature-policy: autoplay 'none'; camera 'none'
last-modified: Tue, 21 Feb 2023 17:16:35 GMT
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31531000; includeSubdomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 82ms
35ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: p.banorte-comprasegura.com
URL: https://p.banorte-comprasegura.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad834754e9c3e7fa40374f5500bcaa4fbf71ee193172dd3de0c783c42a26806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 14:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 13:22:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 14:55:51 GMT

GET
H2 200 cleave.min.js Show response
nosir.github.io/cleave.js/dist/ 21 KB
7 KB 51ms
12ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nosir.github.io/cleave.js/dist/cleave.min.js
Requested by: Host: p.banorte-comprasegura.com
URL: https://p.banorte-comprasegura.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 7eb194c2648de022cb8f29399b9f4409d5ec0cc5314d6e4eea175c78d1d5089a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-fastly-request-id: 60dc4fb976fa3b458fb742c9293a55ef3b596940
date: Sat, 15 Apr 2023 14:55:51 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 5487
age: 461
x-cache: HIT
x-proxy-cache: MISS
content-length: 6354
x-served-by: cache-yul12821-YUL
last-modified: Tue, 19 May 2020 10:51:11 GMT
server: GitHub.com
x-github-request-id: B888:1E3D:28614B:373F80:64351034
x-timer: S1681570552.522651,VS0,VE1
etag: W/"5ec3ba1f-528d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Tue, 11 Apr 2023 07:55:56 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 82 KB
27 KB 57ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: p.banorte-comprasegura.com
URL: https://p.banorte-comprasegura.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 14:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1973957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26660
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14983"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3unqdtXWDnWK%2F2SiGdYDZ%2Bm6uOX4cgzPFIpmtSzSR0WIgH%2BWv1Ni8Ke9XqAcjfb6H2%2FbSb%2F7rhWo5c7Z8LSFo5KfqR1DkAc4LrZdpZjhx%2Fj3T56Bzavf%2B%2BW3LIkJJyAYjF2gk%2F1Rf%2FsYGH70EIF%2Foqu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b85082afda17148-YUL
expires: Thu, 04 Apr 2024 14:55:51 GMT

GET
H2 200 img-cards.ca2ba7e.png
p.banorte-comprasegura.com/_nuxt/img/ 10 KB
11 KB 19ms
19ms Image
image/png 138.197.170.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p.banorte-comprasegura.com/_nuxt/img/img-cards.ca2ba7e.png

Requested by

Host: p.banorte-comprasegura.com
URL: https://p.banorte-comprasegura.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.197.170.158 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

pruebas.ahorraseguros.mx

Software

nginx /

Resource Hash

8e14303b42ba93e1410a36ca398b143f70b45e052680ec3a9d776abd05328133

Security Headers

Name	Value
Strict-Transport-Security	max-age=31531000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 14:55:51 GMT
strict-transport-security: max-age=31531000; includeSubdomains
x-content-type-options: nosniff
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 21 Feb 2023 17:16:35 GMT
server: nginx
etag: W/"63f4fc73-282a"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: image/png
access-control-allow-origin: *
feature-policy: autoplay 'none'; camera 'none'
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 pago-seguro.1e0f471.png
p.banorte-comprasegura.com/_nuxt/img/ 10 KB
11 KB 19ms
18ms Image
image/png 138.197.170.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p.banorte-comprasegura.com/_nuxt/img/pago-seguro.1e0f471.png

Requested by

Host: p.banorte-comprasegura.com
URL: https://p.banorte-comprasegura.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.197.170.158 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

pruebas.ahorraseguros.mx

Software

nginx /

Resource Hash

50c20f0115812c1e0ce17eb82166c8440d680f7aadebbd56e29c724e025550eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31531000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 14:55:51 GMT
strict-transport-security: max-age=31531000; includeSubdomains
x-content-type-options: nosniff
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 21 Feb 2023 17:16:35 GMT
server: nginx
etag: W/"63f4fc73-2958"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: image/png
access-control-allow-origin: *
feature-policy: autoplay 'none'; camera 'none'
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 0bc7ad9.js Show response
p.banorte-comprasegura.com/_nuxt/ 2 KB
2 KB 20ms
17ms Script
application/javascript 138.197.170.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://p.banorte-comprasegura.com/_nuxt/0bc7ad9.js

Requested by

Host: p.banorte-comprasegura.com
URL: https://p.banorte-comprasegura.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.197.170.158 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

pruebas.ahorraseguros.mx

Software

nginx /

Resource Hash

0c7c7db033b9ca709542645efc997c280dbaa74919dbc2f85cc42b98b5d8a836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31531000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 14:55:51 GMT
strict-transport-security: max-age=31531000; includeSubdomains
x-content-type-options: nosniff
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 21 Feb 2023 17:16:35 GMT
server: nginx
etag: W/"63f4fc73-944"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
feature-policy: autoplay 'none'; camera 'none'
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2781d63.js Show response
p.banorte-comprasegura.com/_nuxt/ 180 KB
41 KB 29ms
27ms Script
application/javascript 138.197.170.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://p.banorte-comprasegura.com/_nuxt/2781d63.js

Requested by

Host: p.banorte-comprasegura.com
URL: https://p.banorte-comprasegura.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.197.170.158 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

pruebas.ahorraseguros.mx

Software

nginx /

Resource Hash

9ad8be10ecfcd469412c3e33680660a2782addd906ea2c27bd63f2cf1007e38e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31531000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 14:55:51 GMT
strict-transport-security: max-age=31531000; includeSubdomains
x-content-type-options: nosniff
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 21 Feb 2023 17:16:35 GMT
server: nginx
etag: W/"63f4fc73-2d05a"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
feature-policy: autoplay 'none'; camera 'none'
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 faece59.js Show response
p.banorte-comprasegura.com/_nuxt/ 118 KB
32 KB 37ms
34ms Script
application/javascript 138.197.170.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://p.banorte-comprasegura.com/_nuxt/faece59.js

Requested by

Host: p.banorte-comprasegura.com
URL: https://p.banorte-comprasegura.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.197.170.158 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

pruebas.ahorraseguros.mx

Software

nginx /

Resource Hash

50d95669692f3abb682484d784861e913546e6f3b8ce0bc75606b883c3af1d0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31531000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 14:55:51 GMT
strict-transport-security: max-age=31531000; includeSubdomains
x-content-type-options: nosniff
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 21 Feb 2023 17:16:35 GMT
server: nginx
etag: W/"63f4fc73-1d629"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
feature-policy: autoplay 'none'; camera 'none'
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4289f9e.js Show response
p.banorte-comprasegura.com/_nuxt/ 258 KB
83 KB 56ms
54ms Script
application/javascript 138.197.170.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://p.banorte-comprasegura.com/_nuxt/4289f9e.js

Requested by

Host: p.banorte-comprasegura.com
URL: https://p.banorte-comprasegura.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.197.170.158 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

pruebas.ahorraseguros.mx

Software

nginx /

Resource Hash

b5d2205c84a57efa89aede2687f04d81e697dde6fdaf35121f05e3cde3f258cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31531000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 14:55:51 GMT
strict-transport-security: max-age=31531000; includeSubdomains
x-content-type-options: nosniff
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 21 Feb 2023 17:16:35 GMT
server: nginx
etag: W/"63f4fc73-40741"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
feature-policy: autoplay 'none'; camera 'none'
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ae3574f.js Show response
p.banorte-comprasegura.com/_nuxt/ 892 KB
193 KB 124ms
122ms Script
application/javascript 138.197.170.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://p.banorte-comprasegura.com/_nuxt/ae3574f.js

Requested by

Host: p.banorte-comprasegura.com
URL: https://p.banorte-comprasegura.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.197.170.158 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

pruebas.ahorraseguros.mx

Software

nginx /

Resource Hash

5c364bf827c3d54c41f7943ccfd492952aae3131c23cdb740ae8f8fa9dd34a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31531000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 14:55:51 GMT
strict-transport-security: max-age=31531000; includeSubdomains
x-content-type-options: nosniff
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 21 Feb 2023 17:16:35 GMT
server: nginx
etag: W/"63f4fc73-df054"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
feature-policy: autoplay 'none'; camera 'none'
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 09ccdc4.js Show response
p.banorte-comprasegura.com/_nuxt/ 81 KB
23 KB 125ms
123ms Script
application/javascript 138.197.170.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://p.banorte-comprasegura.com/_nuxt/09ccdc4.js

Requested by

Host: p.banorte-comprasegura.com
URL: https://p.banorte-comprasegura.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.197.170.158 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

pruebas.ahorraseguros.mx

Software

nginx /

Resource Hash

a1146410c9b7616a333febd335489fca23c285b9318b5aa3ec35ec37ac58951e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31531000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 14:55:51 GMT
strict-transport-security: max-age=31531000; includeSubdomains
x-content-type-options: nosniff
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 21 Feb 2023 17:16:35 GMT
server: nginx
etag: W/"63f4fc73-145d4"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
feature-policy: autoplay 'none'; camera 'none'
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9563182b98a7ac080d254d364c593ec71ed18d70fd399384b97d7406e34ca46a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 200 authenticate
dev.core-mejorseguro.com/v1/ 0
0 149ms
66ms Preflight 2606:4700:3033::ac43:b2b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.core-mejorseguro.com/v1/authenticate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:b2b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://p.banorte-comprasegura.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b85082dfa201135-ORD
content-length: 0
date: Sat, 15 Apr 2023 14:55:52 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YT2IfsM%2FsHPvwoaClRl8igvpv6s6sbVQd56TMPA3FFBzrZxkuPeTm%2BHwUtHXsFKn5Q2%2FUAgV3jg7NBD%2FTRFiGzCOJYC%2FQnnq4oe8oNnywgO5SPOAoeJb3%2BkW4abJjtmoR8u6G601tBPtgchHPj2TATPEateOBh0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 BANORTE Show response
api-promos.ahorraseguros.mx/insurers/ 295 B
649 B 1043ms
19ms XHR
application/json 142.93.155.31
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://api-promos.ahorraseguros.mx/insurers/BANORTE

Requested by

Host: p.banorte-comprasegura.com
URL: https://p.banorte-comprasegura.com/_nuxt/4289f9e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

142.93.155.31 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

apis-crons.nexosmedia.com

Software

nginx/1.22.0 / Express

Resource Hash

0a7906f76bb5afdad1e8ad0e9b8700750eaaeaa28304c2ae7cdda2f8efdc7d24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 14:55:52 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
referrer-policy: no-referrer
server: nginx/1.22.0
x-powered-by: Express
etag: W/"127-gyq57QvnRgV78h3zUs1uy3F6OkI"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
feature-policy: autoplay 'none'; camera 'none'
content-length: 295
x-xss-protection: 1; mode=block

POST
H2 200 authenticate Show response
dev.core-mejorseguro.com/v1/ 200 B
508 B 323ms
322ms XHR
application/json 2606:4700:3033::ac43:b2b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.core-mejorseguro.com/v1/authenticate

Requested by

Host: p.banorte-comprasegura.com
URL: https://p.banorte-comprasegura.com/_nuxt/4289f9e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:b2b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70fa607906b8b04c5ed7c4a944e3fea37bfd0b50bb00e261ca92a100ae931fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 15 Apr 2023 14:55:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zLgZhbgo2MPdutQ%2Blm1mJPaEH9GaRUMJylLeu7IhUk%2FEfPLwFsiIj9B%2Fsk%2BbKA5QK73PHc%2BsPyQlTK3zRMNraW%2BoqJO0vP3y4UCtVvBQ%2B2JpstF9TPB8Uim8OnZzdk7k%2FSQnY%2FWnnBW7oHwFaJUU8HVxGGcmKM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 7b85082e6aa41135-ORD
expires: 0

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31531000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-promos.ahorraseguros.mx
cdnjs.cloudflare.com
dev.core-mejorseguro.com
fonts.googleapis.com
nosir.github.io
p.banorte-comprasegura.com
138.197.170.158
142.93.155.31
2606:4700:3033::ac43:b2b4
2606:4700::6811:180e
2606:50c0:8002::153
2607:f8b0:4006:81e::200a
0a7906f76bb5afdad1e8ad0e9b8700750eaaeaa28304c2ae7cdda2f8efdc7d24
0c7c7db033b9ca709542645efc997c280dbaa74919dbc2f85cc42b98b5d8a836
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
50c20f0115812c1e0ce17eb82166c8440d680f7aadebbd56e29c724e025550eb
50d95669692f3abb682484d784861e913546e6f3b8ce0bc75606b883c3af1d0c
5c364bf827c3d54c41f7943ccfd492952aae3131c23cdb740ae8f8fa9dd34a0b
70fa607906b8b04c5ed7c4a944e3fea37bfd0b50bb00e261ca92a100ae931fa6
7eb194c2648de022cb8f29399b9f4409d5ec0cc5314d6e4eea175c78d1d5089a
8e14303b42ba93e1410a36ca398b143f70b45e052680ec3a9d776abd05328133
9563182b98a7ac080d254d364c593ec71ed18d70fd399384b97d7406e34ca46a
9ad8be10ecfcd469412c3e33680660a2782addd906ea2c27bd63f2cf1007e38e
a1146410c9b7616a333febd335489fca23c285b9318b5aa3ec35ec37ac58951e
ad834754e9c3e7fa40374f5500bcaa4fbf71ee193172dd3de0c783c42a26806d
b5d2205c84a57efa89aede2687f04d81e697dde6fdaf35121f05e3cde3f258cd
bea3a2c4dfc6c30ea1cffeb882c12d397a9af9f09e12ca6684643bfc44aa8e35

p.banorte-comprasegura.com Open in urlscan Pro 138.197.170.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

67 %IPv6

6 Domains

6 Subdomains

7 IPs

2 Countries

486 kBTransfer

1971 kBSize

0 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

p.banorte-comprasegura.com Open in urlscan Pro
138.197.170.158 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

486 kB
Transfer

1971 kB
Size

0
Cookies

15 HTTP transactions
1 data transactions