63.250.59.237/
200 OK 140 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d638760aea9fe28e13f5b53793f888e4
dbb2cee0e38a724aecfa82993cd70f9aa0807271
28d056cb916d4d287525a960c291edb36423dd91044764660861ca2963e96ded
Analyzer Verdict Alert openphish Banorte
fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: 63.250.59.237
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 00:58:28 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 140
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2167
Expires: Sun, 04 Dec 2022 01:34:35 GMT
Date: Sun, 04 Dec 2022 00:58:28 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3388
Cache-Control: max-age=124152
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:58:28 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 11:27:40 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7704
Expires: Sun, 04 Dec 2022 03:06:52 GMT
Date: Sun, 04 Dec 2022 00:58:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 00:20:01 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2307
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /i8jJZ+x3fexrAt/1hjPzOqVqvb83lpF5w7G0W6w5ES4/tfA9iIOJXQp6Rgx4zWTfcjC+D16DVc=
x-amz-request-id: MZGS1QX9KQP5AK94
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 00:46:46 GMT
age: 702
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
63.250.59.237/cloack.php
302 Found 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Banorte
fortinet Phishing
quad9 Sinkholed
GET /cloack.php HTTP/1.1
Host: 63.250.59.237
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://63.250.59.237/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 04 Dec 2022 00:58:28 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: scam.php
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:58:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
63.250.59.237/favicon.ico
404 Not Found 718 B URL HTTP/1.1 63.250.59.237/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fbc8dfe9102e75702c922fb8c6cb2a82
c5ca17434263d264e20e4ce72c27c50047c11dba
3324cce1d4298af8adb1138f6b19ce38a5f8d5840e4f001e8de7531c36050176
Analyzer Verdict Alert openphish Banorte
quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: 63.250.59.237
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://63.250.59.237/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 04 Dec 2022 00:58:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 30 Nov 2022 16:31:28 GMT
ETag: W/"580-5eeb2a2efae55"
Content-Encoding: gzip
63.250.59.237/scam.php
200 OK 116 B IP
File type HTML document, ASCII text, with CRLF line terminators
Hash f96b119492fc8a345074d25e7d66f6ff
7433c2fb34f83181b25cc99bc14db9d37d1cb835
42671d51d54356c1568b2741b2e1c6878e27e5cf14aaf1bbe71102f4219eb833
Analyzer Verdict Alert openphish Banorte
fortinet Phishing
quad9 Sinkholed
GET /scam.php HTTP/1.1
Host: 63.250.59.237
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://63.250.59.237/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 00:58:28 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 116
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/s/gts1p5/yjWPv-IuV7E
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/yjWPv-IuV7E
IP
Hash 6456e760e22a4cbf4ebdbd374014b2c0
bff188f3d8c35148ec1089b2557cf35dd2ada259
3dd2fff07c711d33e97870f27e36894a698b99d96d9561f4c603fcfe2f8443d8
POST /s/gts1p5/yjWPv-IuV7E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:58:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 00:11:19 GMT
cache-control: public,max-age=3600
age: 2829
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/yjWPv-IuV7E
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/yjWPv-IuV7E
IP
Hash 6456e760e22a4cbf4ebdbd374014b2c0
bff188f3d8c35148ec1089b2557cf35dd2ada259
3dd2fff07c711d33e97870f27e36894a698b99d96d9561f4c603fcfe2f8443d8
POST /s/gts1p5/yjWPv-IuV7E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:58:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wvvw-banortenx.nnxcom01.buzz/
200 OK 162 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28986)
Size 162 kB (161795 bytes)
Hash cbb581addefe18d0f5d5f98dfefc2614
306a397d6f983975cc850d5578b50317c487bc48
cd3ed29bb466c5bd310761de3d17d7af9f90de2ef4fc6a8f789fdd660ae4c405
Analyzer Verdict Alert openphish Banorte
fortinet Phishing
GET / HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://63.250.59.237/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xanz9i%2BEkcRXd15aK3rOdZj5CkVhhHW9GAaMQLzd8xrTRm%2FQVaodGP%2BJ8cnhw95KtRChIWYUuw6oaNwlEuZpZHoIXitnTun%2B%2F4c9uYzJ1s4VDauleRuLYOqDVOCJwhtf1RpSFAIZdu1PC4cObIyH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77409809af7e0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/5520c6f6-3074-4216-9f7e-879f16b06262/capilla_final.png
200 OK 13 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/5520c6f6-3074-4216-9f7e-879f16b06262/capilla_final.png
IP
File type PNG image data, 41 x 180, 8-bit/color RGBA, interlaced\012- data
Hash 6dd821d6838693c06fa094ef332e92e5
faa672b11ff35e4130e9b221a495612fb73c919a
fff02891fccc7e20c02c35bf6bf276e498c635327c6de98dc02cb8e00b921801
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/5520c6f6-3074-4216-9f7e-879f16b06262/capilla_final.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 13153
last-modified: Tue, 10 Nov 2020 18:35:36 GMT
etag: "3361-5b3c4f1d84e00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkeQ0TJnp7i%2B6FBlt6iS5C8S9UfQ12ZoknnauNtYZnfr8Z6KjpGmxIvUOILxk%2FYZbdA25ZmO6SRYvQjRM9qG7FbXiuKjq1N5YelR6XOJLyNh4wmi4XYY3vCArP9kVZqqzZRQwcEwfQkBDUVkZrJU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980ad8170b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/2d8c9ea0-ff00-4a11-b1ff-b5f00e3a940a/banorte_cuentas.png
200 OK 3.8 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/2d8c9ea0-ff00-4a11-b1ff-b5f00e3a940a/banorte_cuentas.png
IP
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 189772b7e5b814b7c0efeb0758322381
665cf36493cef77327c448a3c0e5abf5ae93e0ca
9bd04a64b795ca0433351a8ed166fae9d41b77d593993ad06bac0955f9244e2d
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/2d8c9ea0-ff00-4a11-b1ff-b5f00e3a940a/banorte_cuentas.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 3788
last-modified: Tue, 10 Nov 2020 18:35:22 GMT
etag: "ecc-5b3c4f102ae80"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8r8vYQlTW3EUzMWllXPIQuRFD8gCNZFvFTenan3c9ZRpmyrZClt%2BlOeQfNoZXYkX7KuOsY4zgjtpGhxab1yqoZL%2BOC8xve2idnmqj3WF4jk7XhC5E44Z4Qr1cdIWv%2FBMD30rORIe6F7RIUK2NWA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980ae8190b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/acf8aca7-9b11-48ea-b0de-a8716cfe15d2/banorte_creditos.png
200 OK 3.3 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/acf8aca7-9b11-48ea-b0de-a8716cfe15d2/banorte_creditos.png
IP
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 795cbd0c095d8e549d5e9357819e536e
ff936b043d8358befc0145aa472066d312eeacef
ac676009f094ec7cd3be511e6b362724527a491abbff94a313782544b09bdd25
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/acf8aca7-9b11-48ea-b0de-a8716cfe15d2/banorte_creditos.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 3271
last-modified: Tue, 10 Nov 2020 18:35:58 GMT
etag: "cc7-5b3c4f327ff80"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIU%2Fw05OgTEbHSM1b1YNba2r2RxaQtZ%2FPw%2FC8w4%2BPhlX9UWKhPEKmtr8ypfRvfIuwfg7BB7F1mokyj8QX8w%2FO6WqqQX1Bp7qY9CLLlYuEsqbroLVhAFhXoFmWQaUlcjIqTR7%2BI%2F9Yf0e02mHb%2F3w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980ae81a0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/75602bef-ae95-406d-914b-3cd4115be6f0/banorte_seguros_icon.png
200 OK 3.9 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/75602bef-ae95-406d-914b-3cd4115be6f0/banorte_seguros_icon.png
IP
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 5febbc1cc566deb264dbfd46f5dfcf72
a93349a8f0e919d74562e752ddb9db66d82547ae
290538a65b5476fe5f486df69232564af2a6f9148be83003fdf1cb8010069861
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/75602bef-ae95-406d-914b-3cd4115be6f0/banorte_seguros_icon.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 3885
last-modified: Tue, 10 Nov 2020 18:35:22 GMT
etag: "f2d-5b3c4f102ae80"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B157D9zGcrR0mHPpkheBA0iHTpGFhTpqjHCH3iu60%2BQm%2Fln00hXsMUTkb9pj5rNZj4%2Feqs9kUQy3F0mx33iIip2WSc6%2BBEjX3LyTAiEUXOgGpzDFJhX7T3d1zMzIfuQ2Rx%2FDujKIcLWvdfZVcVg0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980ae81e0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/db30f513-4a36-43e9-baf4-6c7280f2519e/banorte_inversion.png
200 OK 2.7 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/db30f513-4a36-43e9-baf4-6c7280f2519e/banorte_inversion.png
IP
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 10dc66258579e9bc8f14dbedbc9f9790
dd5215f956c1746b350df0c900168ab1aaacff31
a98951b1dac14192f8b2541c5b10ff09ed26359903b2d426433f322b6edebc61
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/db30f513-4a36-43e9-baf4-6c7280f2519e/banorte_inversion.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 2654
last-modified: Tue, 10 Nov 2020 18:35:10 GMT
etag: "a5e-5b3c4f04b9380"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJzuO2gX7jNLNcZFQIBneo5bg4I0G2RRzCglXKc2W4qmfOeZQgG%2Fut5ea1whu0e41Q%2BIAfSOTLE68gX6uIx0RI8UiHAMnyB3CCWpNbt38SaBV%2FhT%2F%2FF41cIQZtC%2FqkMVeG95gfuQC0EF6RJRAxp5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980ae81c0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/861607e1-2a6e-447f-b83b-db22c3062e6b/banorte_internacional_icon.png
200 OK 1.4 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/861607e1-2a6e-447f-b83b-db22c3062e6b/banorte_internacional_icon.png
IP
File type PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Hash 2dbdeee82a995b44c939aa8557e55f21
2350858bdce2bade40ab3bee8f0b0b9a582e0bfd
901f2262f6b95c7d0213a901ef289672eb3151c00af0afe5324ece4247ba4b67
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/861607e1-2a6e-447f-b83b-db22c3062e6b/banorte_internacional_icon.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 1361
last-modified: Tue, 10 Nov 2020 18:35:30 GMT
etag: "551-5b3c4f17cc080"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAwO9eurhbV8i8y%2FUczs1vUXP0vVsJI6VnpE5%2BqmHeGGPd6AS%2Feh81q7ycoIB3ld5OnNSshL0oxPvjScwUk0qX6pWABB%2BAzWLAmpT3UjlLwGmyxion2AJShNwdvKq2x9D2crQ3G6Io0Z83M182l4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980af8200b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/5c9bc485-4a78-48a5-890e-792a48488d1b/servicios_en_linea_icon.png
200 OK 4.3 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/5c9bc485-4a78-48a5-890e-792a48488d1b/servicios_en_linea_icon.png
IP
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 2b63740f9ab32d3b20e57a07eba59830
ddb4446b4b03ea286fee6009bf5c1a0d3cc6867d
ade77790e0f4ce3e7a90dbaf3f289b7b8d62927ae9acb5f5f1cdc78731d21dab
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/5c9bc485-4a78-48a5-890e-792a48488d1b/servicios_en_linea_icon.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 4266
last-modified: Tue, 10 Nov 2020 18:35:54 GMT
etag: "10aa-5b3c4f2eaf680"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7PdAOMJZ7gdkt5qjHNvazKlJD2PP3zfkHAbm0EtLdmSkexc%2BjTeWpv9o%2F77h5x2jZ7kOHupiImZM8%2F1uzHBiJv8YhUJSkmgFCMp8u3n9CPI0aXDyn8VwHAxEEYRRCRY1aJ0DYCKybFheO5zpHEZE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980af8270b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/PA_BanorteLogin/images/lognspacer.png
200 OK 175 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/PA_BanorteLogin/images/lognspacer.png
IP
File type PNG image data, 50 x 50, 1-bit colormap, non-interlaced\012- data
Hash 0218574b6165bd318ffc516d307e2a2c
db5ac11fab637b90e328a6fa6a4b327f80ef8774
c6c4708ab5d06ee9a37b84835952d4e620e1314d9e908865e8393709448cbd8c
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/PA_BanorteLogin/images/lognspacer.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 175
last-modified: Tue, 10 Nov 2020 18:39:22 GMT
etag: "af-5b3c4ff50ca80"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40jUpwZMIOJVA4CIsEAp6Ol4crc2FtvWc3bRJODnLGk%2BNnqTb4mYvM84nF65p2Sti5Ckk0YJBLcgGTrquY%2BjWbVDamVvTkynl7uwunisQN0EeJWuRrRaPB8JokQhkJLh9aZzmGu1BjIln3CS2Aoh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b08300b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/cms/banorte/Iconos/cotiza2.png
200 OK 8.7 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/cms/banorte/Iconos/cotiza2.png
IP
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 23efbd61e60cf9519c8ee180919c1c72
ffb49da2c1b67550333d5f6a8001d1e414c055b6
319922e17e484cb8f2176d1bcf244ed421a97eac0baa17745001817578ca5a81
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/cms/banorte/Iconos/cotiza2.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 8700
last-modified: Tue, 10 Nov 2020 18:43:52 GMT
etag: "21fc-5b3c50f68aa00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zpyd1vdGim1FM%2BDm%2BOXtETP4Yi6I%2BKKpV7qZT3CD0RbKNnJV4xdONQrvTHWuKaDV25JnBTO1WDD0nRqeQaNhvqECsCtAc7gwd%2FXoXGzUjtEZ0%2FcEdSQcUkFrY2ygMRn2bpkN%2B9OPOV244mBOtWw0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b082c0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/cms/banorte/promociones/solicita_tarjeta/PopUpFormulario_tarjetas3.png
200 OK 22 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/cms/banorte/promociones/solicita_tarjeta/PopUpFormulario_tarjetas3.png
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 650x650, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 61b3b9d19d27d58f92a2e5701cc4e67c
f8ac604020f397ebad5cc6160a7b3e2512c949da
d4961839be7cbb3a15f1060c9559d82400ea8c2c55324b8874d94c634c80e5c7
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/cms/banorte/promociones/solicita_tarjeta/PopUpFormulario_tarjetas3.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 21488
last-modified: Tue, 10 Nov 2020 18:44:06 GMT
etag: "53f0-5b3c5103e4980"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rbu1WgDxhP2UlR40%2FnHmALS4qgzHQPSC%2FF0skgBWU97%2FoHm0si0tbRWs3S4fRoW8P%2B91p4qovb6SkGBDteknY1WIlfmBoH7zAwG0xcN7VYKmdncXwvjXjgR80s7zk5tCQ4HXsDqn3X41CLqZWo4k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980ae8180b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/cms/banorte/imagenes/iconos_redes_sociales/Botones-RedesSociales-Banorte-2018/lateral/youtube-btn-lateral.png
200 OK 2.5 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/cms/banorte/imagenes/iconos_redes_sociales/Botones-RedesSociales-Banorte-2018/lateral/youtube-btn-lateral.png
IP
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash a5322881c62bf340696e4400ea41359a
0d905f78262dc2077d75408466b3112d132d70fe
15fd7c871a00c3600791dcc0cea4148f16c006ef5d3245c730a9f133e9631f32
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/cms/banorte/imagenes/iconos_redes_sociales/Botones-RedesSociales-Banorte-2018/lateral/youtube-btn-lateral.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 2478
last-modified: Tue, 10 Nov 2020 18:44:00 GMT
etag: "9ae-5b3c50fe2bc00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0scULwt8D12JuI9q575mprt5faN7IBRtD4n9CjbCKgcPIFXeSabInsq63MKF0R7Aw30NuYTPF%2BcvjsF%2BWxXSwHv%2BbeiZRjSXA%2FCwtONRDfdHVdnjp6uIqWSjHcdZCEO8tpRJw9ImNOzIuQNDbEMZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b384b0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/cms/banorte/imagenes/iconos_redes_sociales/Botones-RedesSociales-Banorte-2018/lateral/Fb-btn-lateral.png
200 OK 1.0 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/cms/banorte/imagenes/iconos_redes_sociales/Botones-RedesSociales-Banorte-2018/lateral/Fb-btn-lateral.png
IP
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 1346fe80a8177731054a6293cea714d7
36faae6920c8276b9cb1c884e0102a2d1515a78d
658fcb74b69b971bd5853e16a32b51976bb59144d2bbd56ed83d762b5db4217a
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/cms/banorte/imagenes/iconos_redes_sociales/Botones-RedesSociales-Banorte-2018/lateral/Fb-btn-lateral.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 1029
last-modified: Tue, 10 Nov 2020 18:44:00 GMT
etag: "405-5b3c50fe2bc00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cr0bF5tlwbMgfTZdbFF9af29ibi%2FylVZACMejAcChfZNayM%2FYr5i1ZnbZlAnveYa1cJPLjAdIkDffyG8V72Lei5BXCp6Nn2bMnMQBBqFj%2F7Vjv7ttNNQRtljQSW6mWLX9WwpEkEeS2teEqJcHkEY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b38490b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/8d5b1a35-c00b-4c0e-8291-fbf7cd689a09/BannerAcceso24-Close-Icon.png
200 OK 776 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/8d5b1a35-c00b-4c0e-8291-fbf7cd689a09/BannerAcceso24-Close-Icon.png
IP
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 6accf59ff0ba077104b3520a257f4374
888c8b72b97abb2070aca7f4b656667a1f4714a7
6352cf1cc43b7e7f83e50ae84c7bea7c4f23fd20656e31b47d1c0041e14fbfe9
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/8d5b1a35-c00b-4c0e-8291-fbf7cd689a09/BannerAcceso24-Close-Icon.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 776
last-modified: Tue, 10 Nov 2020 18:35:04 GMT
etag: "308-5b3c4eff00600"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxEwv8zwPMznGR9bwonfFABZ0gt6%2FjJ85DPInrfP6Vtfmor%2F3tXREvtDzldoQ1w4BHeK%2Ffn51Znxg1vDlPAUpqCN31T6CJHekx30RM8aosDBOKrsXbXtLH1W3eBpWYf5m3NpsEoz7oySDaZtYT0L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b484e0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/1b9190e0-ef3a-46ed-9fd0-2c199d456548/banorte_cuentas_opt.png
200 OK 1.2 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/1b9190e0-ef3a-46ed-9fd0-2c199d456548/banorte_cuentas_opt.png
IP
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Hash bc0dbf3fed36685b878c8cb48b43078a
dafb524222a90de70b0080da5570dae1046d3c41
244f21de381543939b499e0fc89f7492a43113fc6551aa2b7b95b8d111e24a42
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/1b9190e0-ef3a-46ed-9fd0-2c199d456548/banorte_cuentas_opt.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 1188
last-modified: Tue, 10 Nov 2020 18:34:34 GMT
etag: "4a4-5b3c4ee264280"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1kTUYTqKMBQ6CcTd5Qnp%2BIQkv3GPsGnTA5t84ZXoqLwyQDHvucU8NqjGEE9e7drNZVEVN0ki2WHmrxL7kceWz7IvFXKezwVviltCC1RL7qCXO2G%2BAJk59fKJ9Yke6KMDzj3DZUwV0L%2F71wCDDGh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b48540b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/BanorteSitioPublicoTheme/themes/html/BanorteSitioPublicoTheme/images/spacer.png
200 OK 220 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/BanorteSitioPublicoTheme/themes/html/BanorteSitioPublicoTheme/images/spacer.png
IP
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 15d0a6ba998faafc6e51d7beec5550f6
bd76710027c1d46cba36225a4f1fce7caca92bd3
c7e5e61afdfc9712f2ecad8315e7dbe7f2facf1247b9b03e7c965e1c5b024735
Analyzer Verdict Alert openphish Banorte
GET /BanorteSitioPublicoTheme/themes/html/BanorteSitioPublicoTheme/images/spacer.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 220
last-modified: Thu, 30 Jun 2022 10:19:18 GMT
etag: "dc-5e2a79a32f580"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0xQ1w%2FJG1p0NQsa14Tsy7qjh2B6Hs9pY3p0wAr7oDtzp3E8JsG0R4cIzy4Tq1C5S89lo7ZyzZE8xq%2Bm7Z4%2BU3cJBZvgSQTZ6X8haq%2F23EHtQ4FWOLfoz3jVMOL9fL4Cka1g13dNeeo9bqBARQQz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b183e0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/te-seguimos-apoyando.png
200 OK 84 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/te-seguimos-apoyando.png
IP
File type PNG image data, 650 x 650, 8-bit/color RGB, non-interlaced\012- data
Hash 5cc229a4872d79ba1a7ad51d843f0af1
f095ee1f7c8a642e7486d86e59649bac459b9ec6
495e20ec9803b0d47daab2d4cda18e5070e537eedf1f739de7af9f636fc7b8a2
Analyzer Verdict Alert openphish Banorte
GET /te-seguimos-apoyando.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 83926
last-modified: Tue, 10 Nov 2020 18:23:46 GMT
etag: "147d6-5b3c4c7869080"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJSefnmpE%2FSBCu%2B7JCeCcwkpMhawV45lXUZPoNUhOvQ9o99lg06%2F1DtTv5ubCjPed0U8%2BQLLOWvF49PA1Hxwcs%2B5sAGvY5G8PQOcCSS%2B25G2xmzrJo7JCGHOP5vbGKTGQk2F387wko7m4CRa4EBu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980ad8140b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/f51d14ca-5875-450c-872b-3bd4f23d680f/icono_store_banorte%2331DD6C9.png
200 OK 5.8 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/f51d14ca-5875-450c-872b-3bd4f23d680f/icono_store_banorte%2331DD6C9.png
IP
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 51ff606d245a2819a466d5c9fa9dadab
77ef006ef5c6fc2181de09b9db56b45249bbf4c7
5e66ef82c8d227973a3e5e8b7bb59d4613c204ed419771b44416bee1f573a842
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/f51d14ca-5875-450c-872b-3bd4f23d680f/icono_store_banorte%2331DD6C9.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 5803
last-modified: Tue, 10 Nov 2020 18:35:08 GMT
etag: "16ab-5b3c4f02d0f00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ltj%2FFtdvBpH6YzFxySfShp9PpF6fCLlUPEr7dq4JvkTOtHwuaHXanTMjkVCuOCRv8VT%2BU0wk20hDZjJjb8YC5cCfSTblyaDRGQg2woCDBWzG%2BBEVvHm7P5YXE5WMfGtgf8tsoE%2BEfuh5sZEqQI6z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b484f0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/cms/banorte/imagenes/iconos_redes_sociales/Botones-RedesSociales-Banorte-2018/lateral/instagram-btn-lateral.png
200 OK 2.5 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/cms/banorte/imagenes/iconos_redes_sociales/Botones-RedesSociales-Banorte-2018/lateral/instagram-btn-lateral.png
IP
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 262f5acb6b38cbe0785498854a62ef0c
47355aca7848f538f4251f4e07b4c3fa5cde487f
8fc2f9180494377e432af20d462eb84b1a456d19fd8aee5e3efbad834ef12b05
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/cms/banorte/imagenes/iconos_redes_sociales/Botones-RedesSociales-Banorte-2018/lateral/instagram-btn-lateral.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 2491
last-modified: Tue, 10 Nov 2020 18:43:58 GMT
etag: "9bb-5b3c50fc43780"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IvzreWykVrSVMQOg8GphSHm7ob5eTqwUZeDyBhcg%2FYm%2BOEVX7mnMK2h9euIKzMS5MYoj8sLUjOn7yw0EfKQcvg8W6zyFN2fdDn7D%2F1LGUD19MvrIGzMrgM75ZBTsXLyOYEnG7I7dbaQZ7Hj1dKrw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b484d0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/7fa50eae-d1bb-47cf-8a86-739b71eb6812/003-Banner-A24-Download-BTN-Opt.png
200 OK 272 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/7fa50eae-d1bb-47cf-8a86-739b71eb6812/003-Banner-A24-Download-BTN-Opt.png
IP
File type PNG image data, 50 x 51, 4-bit colormap, non-interlaced\012- data
Hash be26726cb1f8db2a686f81d10d017aa2
1109270462a6efa2e380bbf897d32e023b55b06c
eb5d758957db50e7c3c2f91970af623c83a030c6a702411d7800bb5d4cefed57
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/7fa50eae-d1bb-47cf-8a86-739b71eb6812/003-Banner-A24-Download-BTN-Opt.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 272
last-modified: Tue, 10 Nov 2020 18:35:02 GMT
etag: "110-5b3c4efd18180"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWERt2%2FIVpjTwlEQ19IESXFEzsVEtog%2FZYxHABY0f6eP6r6kQLG7Fj5CNkuT4jJlO1teAkK5Oq25kMrT%2Bdvzz5k6DznQ5nWf63soeojt7fPdEF5WBecarNFconjeLEwfFjfuJrjqmTJ2uJWPc1Ft"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b48500b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/cms/banorte/imagenes/iconos_redes_sociales/Botones-RedesSociales-Banorte-2018/lateral/twitter-btn-lateral.png
200 OK 2.3 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/cms/banorte/imagenes/iconos_redes_sociales/Botones-RedesSociales-Banorte-2018/lateral/twitter-btn-lateral.png
IP
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash e156fb6f90204543c1b62e485948a194
35daef7b31b191993c29e943736d644742bafb43
b21dd1dcc49679573d4311680f8ddf46c459aa24918a2c0210efd004d49b4ba0
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/cms/banorte/imagenes/iconos_redes_sociales/Botones-RedesSociales-Banorte-2018/lateral/twitter-btn-lateral.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 2253
last-modified: Tue, 10 Nov 2020 18:44:00 GMT
etag: "8cd-5b3c50fe2bc00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2bK%2BmXQje%2FDAHlHFswPgKnL1gZQOPzdfrIV0NyKEZDgiRuc35yHMfKD0y1eV1ovS0kvIjm6IdSRDc4wB77lGJc0P7ygH26Hh7CtxTX0By7IhrALnGHWVtMyjsUgA7hiSYAwUIkFNV%2BHGgwzNHMvE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b384a0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/e04e84ff-9460-455a-8c15-fe75c11415f4/BannerAcceso24-Expand-Icon.png
200 OK 1.4 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/e04e84ff-9460-455a-8c15-fe75c11415f4/BannerAcceso24-Expand-Icon.png
IP
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 0b530a6f15c1aab03edcbc267facd526
5ff4bed4cabdeec435dbeb6fc1e78486d4bbd60d
0d21127ae490d663d6717256bc4cbb5596ef795dde963f23004cf4c319221953
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/e04e84ff-9460-455a-8c15-fe75c11415f4/BannerAcceso24-Expand-Icon.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 1360
last-modified: Tue, 10 Nov 2020 18:35:06 GMT
etag: "550-5b3c4f00e8a80"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FBcCNA5bgxZg3af9iwf9QETQsVyspxKgdlropucBIeEUlzrpxUyQbmVIBoGpwlhRkKPSZwJJCAg6581WyLNsMmgTEWwJbVtlG3eKWmQawgTJjVkgcsZ2rxYFTxO%2FN3uQqAHPBDU6Koh4DX4Y%2F6M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b48520b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/629936c9-1f3a-4a65-a7f3-5d3872d6ad42/banorte_creditos.png
200 OK 3.3 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/629936c9-1f3a-4a65-a7f3-5d3872d6ad42/banorte_creditos.png
IP
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ad79f0394d5c9732a4a2942e3305617
b6e89119194440326cd47f2ab2b894ea86aa2790
d7fa798f43c145a93c7bd0a3ce1751b09a7e2cb09c618dde1e92c624546b6c77
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/629936c9-1f3a-4a65-a7f3-5d3872d6ad42/banorte_creditos.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 3307
last-modified: Tue, 10 Nov 2020 18:35:26 GMT
etag: "ceb-5b3c4f13fb780"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=be%2BvUBGH5CQt88SqjOwEhGTmJNVIQPUJ1XERrYhl4%2F1P0bp6Pu3yoK6%2BhFn7e%2BV2kAVthkW0nboGqOUfCMLuMhgXVzQTHsZvpaQniCzkSO3qB%2BA5K0UhOH%2B9PVDh%2F5SkrN4bruEZKDP02XHth11I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b48590b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/0440917f-1a65-4c82-b91c-11fbb2ffe86d/banorte_inversion.png
200 OK 2.8 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/0440917f-1a65-4c82-b91c-11fbb2ffe86d/banorte_inversion.png
IP
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 9a5bc13d3bb33baad82420dbc1d3b976
967f5d01485450e3d43779119c6e59f4e3f1d0ab
b913aa8a6f77cebea4f656ed1c48cbb83689533fd27c8369507f3929f87f5c8e
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/0440917f-1a65-4c82-b91c-11fbb2ffe86d/banorte_inversion.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 2776
last-modified: Tue, 10 Nov 2020 18:35:32 GMT
etag: "ad8-5b3c4f19b4500"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfeLpsKc3vAxf%2FepSbORK6VMesIAbO5DwG7MPOXZTOO6Qjyl3F5kkdBb2gZ9AXQDah89zXr58uis1MBlWEuo42q%2FDS3F9JE2%2Fu7BvKWsahp4Z2ceCaGQKECoLbKOe7BQk9GjmhZAzRTOxPADHDRw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b485c0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/514b2490-95e4-4223-a2fe-e8d9ce64508d/banorte_seguros_opt.png
200 OK 1.5 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/514b2490-95e4-4223-a2fe-e8d9ce64508d/banorte_seguros_opt.png
IP
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Hash e134a3a14e8d82f40dede04498ed4a2c
9c28ede0daef177d07cf2dca059bb61d4491a8a8
2a7fda0500f5019393e23df9158f023b946404c63e036b7c89f6372c646d5ff6
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/514b2490-95e4-4223-a2fe-e8d9ce64508d/banorte_seguros_opt.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 1497
last-modified: Tue, 10 Nov 2020 18:35:48 GMT
etag: "5d9-5b3c4f28f6900"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCZgWN9sgC2yE%2B4Qi1HLjJs%2FXGuMZyGPUJk%2BQub03xODUJXy2eOEMYgzpg%2B07WDSPC0%2BxKVBFTiR1EjLtSfXoEivrtbclYxnH1JTAc60Jx8yWQw5IdoJftCh9JHZ%2FVTRYjQjQSqFuqzkWcm6ggKO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b585e0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/9fca413e-b995-475a-ae31-d3d7962b0e23/banorte_internacional.png
200 OK 2.5 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/9fca413e-b995-475a-ae31-d3d7962b0e23/banorte_internacional.png
IP
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Hash 25466dcbe60cf86a20206a8d38c1cb45
2dd8040e5cff80cf90b3b6d0dd3683226d57f660
f150d7867c9505af3391e5da6a796c1268c262601694ede749cdecfed2541944
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/9fca413e-b995-475a-ae31-d3d7962b0e23/banorte_internacional.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 2474
last-modified: Tue, 10 Nov 2020 18:34:40 GMT
etag: "9aa-5b3c4ee81d000"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1VPuNHt4oVC9etpKDmgJt9p53m3SvD9B6fs4SOUwRblfhvJZCXFP8Q52uuOjWpGRuhW2ZKuddCcFH7HB90pTUR0vWOztPgjFDnwkIEHZqqgOt6mzoFttaS06dkCHrQEtiJM5clLGU%2Fzf0AQGQBW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b58600b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/715f029d-4764-4df1-aa2b-b4a3d145a1e8/Acceso24.png
200 OK 4.5 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/715f029d-4764-4df1-aa2b-b4a3d145a1e8/Acceso24.png
IP
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 3276d32c0fb0d8fb0e4b977265e3dad7
53df47cc742ca7c8073e5f3770f3f96c32997a50
f8368723bdcb917c33f5f0b94348f464a45a9e6659004af48d8ae1a0ca1669b0
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/715f029d-4764-4df1-aa2b-b4a3d145a1e8/Acceso24.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 4483
last-modified: Tue, 10 Nov 2020 18:34:52 GMT
etag: "1183-5b3c4ef38eb00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oc5uPNEmZTPyY2LTYElPtt2X0iuDHK2SqwSCE1%2FhQwpgjZgj3qukRwbXfh04d9aJTL57C8%2FuGB9W7%2BqusCEATU0euclDJcAYwCUK39iPwBcSVbBJoOnHzA7JfWnsJXwXp%2BbqJrh%2B3u%2BRpKlwFryX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b58630b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery.ui.touch-punch.min.js
200 OK 1.0 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery.ui.touch-punch.min.js
IP
File type ASCII text, with very long lines (997), with CRLF line terminators
Hash 92d13ef9b9b0d6069f7d5f4a0b552e06
54d0fbf53a893be05b6f5b2d234ca9f6acae16d1
43c4cc39379ccb950eea483bb1360f7d7adb4401634aed17a4619be3d9a79efc
Analyzer Verdict Alert openphish Banorte
fortinet Phishing
GET /public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery.ui.touch-punch.min.js HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:28 GMT
content-type: application/javascript
last-modified: Tue, 10 Nov 2020 18:43:00 GMT
etag: W/"4ae-5b3c50c4f3500-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Ra97nzsEcsNdcTrMFLTc%2F9iDzOXkR8VJFlCnkGoPl1ed4lKoqNg8CBHG%2BCNlMhQTaaURPAV%2FLA1kPyfNwUv5OocySsQ1INm%2FUZmy3U8s2TfPxDE9ZF31AfWuEOEGwFWQKU1OmfQWRa70bpU1CCr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740980aafea0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/de28cccb-2aa1-478e-b5ea-a3bbb968fa0d/Banorte-y-PayPal-asociar-tarjetas-Carrusel-Final.jpg
200 OK 29 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/de28cccb-2aa1-478e-b5ea-a3bbb968fa0d/Banorte-y-PayPal-asociar-tarjetas-Carrusel-Final.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x492, components 3\012- data
Hash 9d9d8991b0f7b50725cf4e63450a25e1
6b7971e57a756b7e66a2d5c8e53e5c70ca9e3cef
9d2a29d76d23fe2992ae51493f52c63b9681937f94098faf844f204bf6bab4be
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/de28cccb-2aa1-478e-b5ea-a3bbb968fa0d/Banorte-y-PayPal-asociar-tarjetas-Carrusel-Final.jpg HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/jpeg
content-length: 28642
last-modified: Tue, 10 Nov 2020 18:34:34 GMT
etag: "6fe2-5b3c4ee264280"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38Qw%2FDkXECfOudiD%2BiiHPFs123KPQ2EXLCeILFhVlBjcj%2BFdl4yKEJQ74xfD5MsJPH%2FSPMYSzr4E8XUjPoZ34dVZnwypFKnpw2Nx4Vpjvlz28r3%2BW0%2FpQSfBUzKxHQWNQwPsiREcIKAm3fE74DOP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b98900b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/1da03764-835d-49fa-8b73-23138578ad3a/Banorte-Chip-Mas-Nip-Carrusel.jpg
200 OK 26 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/1da03764-835d-49fa-8b73-23138578ad3a/Banorte-Chip-Mas-Nip-Carrusel.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1280x492, components 3\012- data
Hash e340a366a2118dc1412654b3ddaa16c5
4f77f059dc1a2c1e642541e0461e6bad45ce30d2
d5dcfa6c5659209a702a6dc2972e003fa14342cdd0bdfa9ae6563704fddcea43
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/1da03764-835d-49fa-8b73-23138578ad3a/Banorte-Chip-Mas-Nip-Carrusel.jpg HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/jpeg
content-length: 26309
last-modified: Tue, 10 Nov 2020 18:35:06 GMT
etag: "66c5-5b3c4f00e8a80"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SsypENJ49NF1AApdlwX54bVhycQkjFt3WMEqV0Til3ljbFJQCOt0U%2Fn4KLkfFvFIMUOnZLG4gbL1BBza3CJnKxxlpj8cPCn%2BrtF2j%2F8VYpIGOQTxLYDe0jo0qLu9ReuONi54gqkyBHwYIqClZYh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b988f0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/947d421c-9d77-49df-9cd3-ca2c86996cfd/Banorte-la-MLB-en-Mexico-Web-Final.jpg
200 OK 119 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/947d421c-9d77-49df-9cd3-ca2c86996cfd/Banorte-la-MLB-en-Mexico-Web-Final.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=700, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1300], progressive, precision 8, 650x350, components 3\012- data
Size 119 kB (118729 bytes)
Hash 9a953da545f11a9411d22a20ec64b3b0
531e322f87f2276612407a11ce20f10c36268cdb
79d3cb1f8e2ff2dba7cccffea3458eff1106ccce57674fa8a654cb70c292ad6e
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/947d421c-9d77-49df-9cd3-ca2c86996cfd/Banorte-la-MLB-en-Mexico-Web-Final.jpg HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/jpeg
content-length: 118729
last-modified: Tue, 10 Nov 2020 18:34:28 GMT
etag: "1cfc9-5b3c4edcab500"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nT6%2F9wstaBNZwkt8O20moPGRvznsialv%2BY3iJnMNAyFsfSlNoJdufF61f2OTgCjUcmHTEqZu5LMHwYp9xbDBsnLfPmETSl1By4l%2FeV%2BjLf01F7c1kYqmySXs7RY0Lo6hf1qfXoB0dT46m4g4Sq74"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b887d0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/564b2728-2206-474d-bf61-cc1f92deb3f4/Foto04_SinTex_770px.jpg
200 OK 178 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/564b2728-2206-474d-bf61-cc1f92deb3f4/Foto04_SinTex_770px.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 770x352, components 3\012- data
Size 178 kB (177452 bytes)
Hash 96a6c31c650dccb6154e2aa8812a2ce7
623432770faedfc11e60e993b2e4205dafae2f5b
d9e0a53bc448693dfb8a2d912d9126a8872c6c93aca93ba7c42581e8a977e5cb
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/564b2728-2206-474d-bf61-cc1f92deb3f4/Foto04_SinTex_770px.jpg HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/jpeg
content-length: 177452
last-modified: Tue, 10 Nov 2020 18:35:16 GMT
etag: "2b52c-5b3c4f0a72100"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRFTDixPc15Ni3wOVWaOPelJxFb1UI5csDTaAi8hErrZ%2BDV7llD2zWW56NJN5dvqejbOQ8nQBzG5YRct%2BUEQMcKTbWwirhYVhTZtG4jo5NFOchFV91kG4HSTEdFBGvyNk1kMujqkycawMe%2FEGnXX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b78780b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/cfb25ba5-546d-4a71-af4f-58b49f7f24d9/Foto02_SinTex_770px.jpg
200 OK 195 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/cfb25ba5-546d-4a71-af4f-58b49f7f24d9/Foto02_SinTex_770px.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 770x352, components 3\012- data
Size 195 kB (194817 bytes)
Hash 3b6628a3b66f7ec99a4cf34876e378ed
9fb3822131d6b0fb324f673cf495883a02d692a4
7158079a3e02e4972226b8615059f1e811a936409ba1b849f0769962a6de38d2
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/cfb25ba5-546d-4a71-af4f-58b49f7f24d9/Foto02_SinTex_770px.jpg HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/jpeg
content-length: 194817
last-modified: Tue, 10 Nov 2020 18:35:46 GMT
etag: "2f901-5b3c4f270e480"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfQJAE7hS8d3E1LzK8oVfJ1XMBLj2M2BV6Nj6Jvh8F21dyqe9t%2B%2FqorgRQvG4AywEZLKi0l6iBJM%2FNIKWKmXe364DXOHUIBvcyHGpgiRV%2FP985JqydUSNMq7m0QDYYK33HHqYqRxVi15mbEnw862"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b78770b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/wps/wcm/connect/banorte/7e47a485-5cb3-4907-8596-113b32c17bbe/Banorte-Sorteo-1junio.jpg
200 OK 232 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/wps/wcm/connect/banorte/7e47a485-5cb3-4907-8596-113b32c17bbe/Banorte-Sorteo-1junio.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 3647x1107, components 3\012- data
Size 232 kB (231752 bytes)
Hash 15a0b2a85c1b73541d3f1b533334354f
cc64fbb7bd2ce67574e933d9a931d761db14efaf
b101f79619eb51179502805bef9f6235bfb263e893f187b4c98c5c1b8ec8aeb8
Analyzer Verdict Alert openphish Banorte
GET /wps/wcm/connect/banorte/7e47a485-5cb3-4907-8596-113b32c17bbe/Banorte-Sorteo-1junio.jpg HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/jpeg
content-length: 231752
last-modified: Thu, 30 Jun 2022 10:27:58 GMT
etag: "38948-5e2a7b9318780"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBESdbewWV%2Fi4T3QnT7Vj8GIRcdz%2BFt195knyiBGKPrhuKEUzfjjPKdE9KQaD3Ph0h2dj8UWkiMEkAaal1xSOQYhrX5IMakgGlyPTGp%2Bg%2Bri5L8H1jCR1pA1Tv9CB0%2Bq4ZBHrDKi%2BMjcWPsqu%2BOm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b283f0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/b34de7c6-f083-468b-b836-b50e250775f1/Cuenta-Mujer-Banorte-Mayo-2019.jpg
200 OK 70 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/b34de7c6-f083-468b-b836-b50e250775f1/Cuenta-Mujer-Banorte-Mayo-2019.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1280x492, components 3\012- data
Hash 4a019192c921b20bfb5532f79a8b0a0e
226f1592d5145d836d5694ab2b6d74a5e8a7f053
662e10f50a370444bda8686be906a3b64b86ba95cad39c08ff8a5fb45fec4cfa
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/b34de7c6-f083-468b-b836-b50e250775f1/Cuenta-Mujer-Banorte-Mayo-2019.jpg HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/jpeg
content-length: 69894
last-modified: Tue, 10 Nov 2020 18:35:26 GMT
etag: "11106-5b3c4f13fb780"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJHRSgIrZ%2FTxreOIpUkFzoCUnjQqjbCdwyWOfNkTos%2Bq8xixCPDRABG%2FBRUroYTZgOjVCqy5sommrOFQsCupoZi90C3X9LHiTonrDxehXFbVe8c1qlKZa10YrNV7ecW%2BcRVCHiQMfEjGCLJBg75R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b98920b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/wps/wcm/connect/banorte/1088f383-ee2e-4a31-805d-e9fdca14ec58/TDC-Marriott.jpg
200 OK 534 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/wps/wcm/connect/banorte/1088f383-ee2e-4a31-805d-e9fdca14ec58/TDC-Marriott.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 3647x1107, components 3\012- data
Size 534 kB (533813 bytes)
Hash a05e549dc4f161a1985627478a43ed47
a5dff9073ab70f2e1091487e04f86187ef731d99
0a630bd0c6705ab2cbaedba05d99bd830c04081f7acfbbeb0e0a23f377d0e946
Analyzer Verdict Alert openphish Banorte
GET /wps/wcm/connect/banorte/1088f383-ee2e-4a31-805d-e9fdca14ec58/TDC-Marriott.jpg HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/jpeg
content-length: 533813
last-modified: Thu, 30 Jun 2022 10:29:52 GMT
etag: "82535-5e2a7bffd0800"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MZ6n57cfLo1esm7Fa4lUi6oqylLGcc8Jiu0cjOEIXoNFB1i6SrArH%2BA8V8epvhPzqyIYPMsuWW9IXea5fD%2BE2Hc%2B0NlpubkSTBRwkns38hrt%2BxYbW%2FJCfeY%2F%2FpwcDqNMiAzsqTZPYcM7hNagejX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b28410b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/f75255e0-b697-41cc-934d-ba267bb90384/Foto01_SinTex_770px.jpg
200 OK 152 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/f75255e0-b697-41cc-934d-ba267bb90384/Foto01_SinTex_770px.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 770x352, components 3\012- data
Size 152 kB (151629 bytes)
Hash 95776dd158e3a303aa5841c6536a558a
702e1e591b8353e9eb8d9fcd4069179a90e79786
dcddda5117101b411ffef537d1101b389fe61eccd9c77d748046fcaa0f031387
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/f75255e0-b697-41cc-934d-ba267bb90384/Foto01_SinTex_770px.jpg HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/jpeg
content-length: 151629
last-modified: Tue, 10 Nov 2020 18:35:54 GMT
etag: "2504d-5b3c4f2eaf680"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=li40tsOYNU%2FW%2Fd9Hk5Esfxcy9D5sFRs5g%2Blt8nrPkYW4Cd5r4cYRPlIbqIqAh4qlSkMDT3tTZnTMfOOL0fs0Su8rWgf0%2FpDUFWIeV0Dj9e1X5%2BhcltvgE1B8yA34tVJQ3hh1kuAq%2BFItPEAt3WNp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b787c0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/d3dfd32e-b634-4830-b152-b85c1d7c2ff3/Banorte-TuneUp-Fuego-vs-Agua-Mayo-2019-Web.jpg
200 OK 122 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/d3dfd32e-b634-4830-b152-b85c1d7c2ff3/Banorte-TuneUp-Fuego-vs-Agua-Mayo-2019-Web.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=700, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1300], progressive, precision 8, 650x350, components 3\012- data
Size 122 kB (122027 bytes)
Hash cf50919d5ac11828ac9ad7a61374441d
dd5b53cbb6dd5dd344237d397f68f01971bff8ce
8752cd6c9d9a4edd825341cf2e609ff78f0d061929dc62674e537aebd2b2fe13
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/d3dfd32e-b634-4830-b152-b85c1d7c2ff3/Banorte-TuneUp-Fuego-vs-Agua-Mayo-2019-Web.jpg HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/jpeg
content-length: 122027
last-modified: Tue, 10 Nov 2020 18:35:36 GMT
etag: "1dcab-5b3c4f1d84e00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eddTK9Bo00GPxPc3x55biXUM8cpJMmnocsWfgiT%2F5IXOkXYHSBB%2Fd%2BLM1IMRmlAENM8yhdUfBu9Fc%2BbDfyBV4UfmvAV%2BvWY0BlwDcqOZ%2F7kOiGfSC7zTII9lcgJxTgMIkv%2BCiyk0aHbfU7wz9evS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b88850b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/slick.js
200 OK 120 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/slick.js
IP
File type ASCII text, with CRLF line terminators
Size 120 kB (120511 bytes)
Hash 6b0a39a1a7ae96cd096f01972f81f6f5
ddfde673d4a9e910e510e212b9d27671b64d3ae8
7d4dde25f60058185234cc16e197b6a01a26c4fe941c072a9fc417fc90e21906
Analyzer Verdict Alert openphish Banorte
fortinet Phishing
GET /public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/slick.js HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:28 GMT
content-type: application/javascript
last-modified: Tue, 10 Nov 2020 18:43:06 GMT
etag: W/"11c24-5b3c50caac280-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BX9W0ugP8rBMaA77%2BfuSj2aFj98iQGWp77QfzSYwThd%2BcAT5iTNseyy8jVoBxndgh1nSwGWLxcYX%2FlWcIrr%2FaGyyyB9E%2F81C9pLcugcy6N5CEJ%2B6fR1TBJNZVoVo5a2yGaOSrBmXXWOeJQWY8rjz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740980aafee0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/8f679141-8f9b-4190-977d-51f8f8e97819/Banorte-Reino-Animal-dia-del-ninio-2019-Web.jpg
200 OK 277 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/8f679141-8f9b-4190-977d-51f8f8e97819/Banorte-Reino-Animal-dia-del-ninio-2019-Web.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=700, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1950], progressive, precision 8, 650x350, components 3\012- data
Size 277 kB (277057 bytes)
Hash 263d7a629d8d67d1fd55dac4aa475f05
ec07923e677d230ab7841b48947a7937ef46bdce
3f8d279c8fcb52a396a5df11d920d07dfd1951bfd9c0b9005c4a32f075a8b701
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/8f679141-8f9b-4190-977d-51f8f8e97819/Banorte-Reino-Animal-dia-del-ninio-2019-Web.jpg HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/jpeg
content-length: 277057
last-modified: Tue, 10 Nov 2020 18:34:36 GMT
etag: "43a41-5b3c4ee44c700"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7F%2BcNdUcdBpwyV7rUmSwgk4s%2B6y03U4q1lKNKtnLp%2FaTeXOqmhpIVbQs005wYLzu0bONelDnLHbmay0kmj6Js6luhMXP7RnDrKk2BPRaDFmJlsLVqHfd7I%2Bzh0EVT96eZM8KSUHC9FxKbj75dVHC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b88860b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/5cb6e538-820f-484c-8fa7-dfc7e8641883/Banorte-Capilla-Sixtina-Monterrey-2019-Web.jpg
200 OK 130 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/5cb6e538-820f-484c-8fa7-dfc7e8641883/Banorte-Capilla-Sixtina-Monterrey-2019-Web.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 650x350, components 3\012- data
Size 130 kB (129583 bytes)
Hash 77051f85c8772ca03b99f2d1c38352ce
879c4cc87a74693bc6e6c43d38db6221b1a536b4
77316e5d463262378b5e9cec28ea119add766101c7353279a77720c797e4cdc6
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/5cb6e538-820f-484c-8fa7-dfc7e8641883/Banorte-Capilla-Sixtina-Monterrey-2019-Web.jpg HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/jpeg
content-length: 129583
last-modified: Tue, 10 Nov 2020 18:35:58 GMT
etag: "1fa2f-5b3c4f327ff80"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BDpRHZ6vxY9NQ65ZZd4SZcx3PwviKo9V%2BHjVrwg5T1L7GYis3zSONMrzMbYj6mQ2wwCeyT8DERE5mEnLeeJbRQZHCTLZ5zk%2BsLJt3uzrIt7rXyiPvScJgJQ0Vbo1%2Bld1NqCrPuZh2QRbAaxWNJ8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b88830b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/1fb41902-22df-4ec7-a12b-429a47135fcb/Banorte-21K-ESPN-2019-Web.jpg
200 OK 215 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/1fb41902-22df-4ec7-a12b-429a47135fcb/Banorte-21K-ESPN-2019-Web.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=376, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1950], progressive, precision 8, 650x350, components 3\012- data
Size 215 kB (214771 bytes)
Hash 50bc6262e5674611fc072f660e8cfb4b
ac1a3c8e22bead8c0bdae972ea7e2e2e4f4a8047
3e1e06977564cd46cde18392ce85552992e5e827f677baa442bc0adfcd5cfe8c
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/1fb41902-22df-4ec7-a12b-429a47135fcb/Banorte-21K-ESPN-2019-Web.jpg HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/jpeg
content-length: 214771
last-modified: Tue, 10 Nov 2020 18:35:20 GMT
etag: "346f3-5b3c4f0e42a00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHBtEzuI3ctJkH3nXJ324SIB4E3JwUNGYMcm%2FgFPM7X1k00LDINLlHSF7dnujWBHcjTc6HgEmDtFFyGI7QF9frovrhJ0i0QM89PqsGVimK89JJ2i88MC20AoSmTd09hAjD61deCPBT%2FBQLEL6T%2FS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b88870b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/close.svg
200 OK 38 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/close.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash aaad2b68c02c03d50e44ed73e83bb51d
ac4f04883bf93da4f12f5a754974c50b1cee476f
fca47aa0a13b7fbb1c11ab6e2ea3d014b77eb7ce94551527f2913c7189ccd728
Analyzer Verdict Alert openphish Banorte
fortinet Phishing
GET /close.svg HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Nov 2020 18:23:56 GMT
etag: W/"35b-5b3c4c81f2700"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vdrbAJXQZMGMDG%2FI%2FDg9TahvTWBrxEd9oNiaKAm4ttitWiBIgpJnLDWkDmw%2BlRAlkEZjR5aC%2BeTAOG8jFtNhGFFB0w%2BWXDjJ2bFLiveEeBEmS7eVqnj0MlczKdeZZ5A0J2Yd7xSURN2Myj35hVb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980ad8130b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/GFBanorteResponsivoTheme/themes/html/GFBanorteResponsivoTheme/js/pgwslides.min.js
200 OK 4.0 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/GFBanorteResponsivoTheme/themes/html/GFBanorteResponsivoTheme/js/pgwslides.min.js
IP
File type HTML document, ASCII text, with very long lines (13198), with no line terminators
Hash 94bda535d46ebec1df28048c0bb2e23c
2263e0df313cf2d68f67799fea3a55f2360ad45d
38a968dfbdc7e09c36093df1e884e4e725b6b246e1cf71b7b199d8051ae75082
Analyzer Verdict Alert openphish Banorte
fortinet Phishing
GET /public_banorte/GFBanorteResponsivoTheme/themes/html/GFBanorteResponsivoTheme/js/pgwslides.min.js HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:28 GMT
content-type: application/javascript
last-modified: Tue, 10 Nov 2020 18:44:38 GMT
etag: W/"338e-5b3c512269180-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UbvUuFIX5B4v1w0cVr2IeTf2YnFB9sgWNcniXuHeo47WnMhgK4YG3GJZHOEE60MejbSQx%2FRhtH3usX%2BQkbMiNOc4aKxpDeIHPO%2BgQjXYfOM4SlJuv%2Bkn6YP%2Bqqlz4BXRiJkjw6VMgVtminVBIcK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740980aafef0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery-ui.min.js
200 OK 68 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery-ui.min.js
IP
File type ASCII text, with very long lines (32119), with CRLF line terminators
Hash 0593279cb44b2d2aeb4f44de0653daf0
627697696075be7064a02d8dc79fbe0efb9cbc76
d4e7c9198769a9b1bc7627a52cd463e5d085ca46f8a09f99c94e8f85833b4944
Analyzer Verdict Alert openphish Banorte
fortinet Phishing
GET /public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery-ui.min.js HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: application/javascript
last-modified: Tue, 10 Nov 2020 18:43:08 GMT
etag: W/"3a2f6-5b3c50cc94700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYEq8p9rEBKnrXgsQAtCvRLjFm6vBEpMPfg6Ldb6dVPe%2F1AW7AJ%2B2dJE6esRDtw%2FIS26n%2BL72G3gigKZ5zXFEqZvXEd07Iugda%2FASIjK2TM%2B5gOZD3FD%2FTHkLffdaQJn964pEjH2jXVnPd54oe0Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740980aafe90b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/0006489f-69f4-4540-92b0-7116e110cd1c/Banorte-PyME-Credito-Negocios-y-Empresas.jpg
200 OK 139 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/0006489f-69f4-4540-92b0-7116e110cd1c/Banorte-PyME-Credito-Negocios-y-Empresas.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1280x492, components 3\012- data
Size 139 kB (138689 bytes)
Hash 626fa9c4f2057a43a374570758e8b2ec
8157005d3f17365cecda290f15afe4cc875215c4
4a56ed00e060f45cb3042ca23363b54f8a64f9e32b1bc1ffbe31edbd4fd4be8f
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/0006489f-69f4-4540-92b0-7116e110cd1c/Banorte-PyME-Credito-Negocios-y-Empresas.jpg HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/jpeg
content-length: 138689
last-modified: Tue, 10 Nov 2020 18:35:56 GMT
etag: "21dc1-5b3c4f3097b00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmiFcN6GqSvc9T7jMWmTzULwmfevJTM8v3XDbqj6MjT9a6NltpLTI%2FWCFUyVaGB%2Fu6jaadeVlFo5sMt6oCi2kKYigi7WJAUHxMHldJ87QcoKv%2Fx2X9tAE1Ui5rknAbvzJgspTKcOWCvyPz19vlhw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b98910b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kq/ESOG4i6+xw9o6UwCWcQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Q1OX9+9Soj6iUhP4K+5kw1kbDVg=
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/dc324eb8-308a-4fcb-9f15-9c95e7fe6b34/Banorte-Genera-tu-nip-Web.jpg
200 OK 475 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/dc324eb8-308a-4fcb-9f15-9c95e7fe6b34/Banorte-Genera-tu-nip-Web.jpg
IP
File type GIF image data, version 89a, 50 x 22\012- data
Hash 9123d73356aac5cc7cdfa6d1895b13f0
38edbd8972c5bb7b69f632134dc61ad73a75df13
c79f747b758176f845146ef5a8ce88818260fa3226ffac4a054141e174bc1f11
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/dc324eb8-308a-4fcb-9f15-9c95e7fe6b34/Banorte-Genera-tu-nip-Web.jpg HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/jpeg
content-length: 117552
last-modified: Tue, 10 Nov 2020 18:35:42 GMT
etag: "1cb30-5b3c4f233db80"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BpVOAdu6vTGx9HETWmj90TCTQ%2FFFkFT317twp%2BmwCPOeqylArSuVvb0Go0ivgd35XPfKXlKbkpO%2FVgYO%2BkjsdzzAd9J4h%2FPj9TcbqW1aWq10MVNifoAes%2BwFFFLwbw%2FbOPLz5qxpH%2BvJX6P1g4Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b887e0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 999 B IP
Hash 3f07b9dbbc35fab932a67c9d58b4399a
247efaccc298c82cf740bb2981a5181e0f860c9e
5329e14b3fbbb1e0ff9a1b3685f008d12437baf981b6f0cb5d09f3a5f229a405
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5264
Cache-Control: max-age=122439
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:58:29 GMT
Etag: "638b176c-1d7"
Expires: Mon, 05 Dec 2022 10:59:08 GMT
Last-Modified: Sat, 03 Dec 2022 09:31:24 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 14 kB IP
Hash 1701b48cd2abcf904e70c71c3fc67c12
7ae6ba17a03bc055a5cfe80b5ce94f22c148b486
2c19b6a746ec425b7262c5f906526c6dec2d8d324da49ac65f64093e8053f2cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3831
Cache-Control: max-age=121006
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:58:29 GMT
Etag: "638b176c-1d7"
Expires: Mon, 05 Dec 2022 10:35:15 GMT
Last-Modified: Sat, 03 Dec 2022 09:31:24 GMT
Server: ECS (amb/6BB8)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3197
Expires: Sun, 04 Dec 2022 01:51:47 GMT
Date: Sun, 04 Dec 2022 00:58:30 GMT
Connection: keep-alive
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/new/jquery.bxslider.min.js
200 OK 5.6 kB URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/new/jquery.bxslider.min.js
IP
File type ASCII text, with very long lines (19032), with no line terminators
Hash 0c1ca5375e5ba58096a34b7102c87f94
47e10944e775a170269ae30a0b9178b5952c5132
6076fd208b92b05dc735f3ed5361181d80066c34ae2d84028daac5d1906cfe8b
Analyzer Verdict Alert openphish Banorte
fortinet Phishing
GET /public_banorte/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/new/jquery.bxslider.min.js HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: application/javascript
last-modified: Tue, 10 Nov 2020 18:38:18 GMT
etag: W/"4a58-5b3c4fb803a80-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZhaZoIpAY65Ds6V%2ByHSCK0iigxYDGUfUAzLrYWgv52CMbOSkd2c2KeeRatcvcVJ25req4ug6rH3i40%2BTMoHjyTthmmod0N1AYtB0YJCD1Svp%2BBWkZaCIw%2FMgD%2BrgcsCkAnJCDtQHKrt%2FQ3BNqJz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740980b988e0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3197
Expires: Sun, 04 Dec 2022 01:51:47 GMT
Date: Sun, 04 Dec 2022 00:58:30 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3197
Expires: Sun, 04 Dec 2022 01:51:47 GMT
Date: Sun, 04 Dec 2022 00:58:30 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3197
Expires: Sun, 04 Dec 2022 01:51:47 GMT
Date: Sun, 04 Dec 2022 00:58:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6UQ_BhPmpVpe9w6gsExB-EpNq_syeCCK6fr4Y1FFK1jDJh_n1Sd0Eg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:47 GMT
age: 11143
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:26:43 GMT
age: 63107
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 11309
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ztC4S0WeA3ft_9JafrL6fInXo4jwkb0cTWUx4Z8L2uz3EWQS-d6F5A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:02:47 GMT
age: 10543
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 11152
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1521243a6fc065bb631bfbde22886fa2
527220e4e8cd1065ce05fcd0694d0d703d817e2e
b83ebf768bbfb34f49d5467f3dfb43ceb3ca3d30d3454e6f37db9aef72d7689a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11482
x-amzn-requestid: d1db05ab-bd5d-4ad4-96b4-8f439152e435
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clssNEeAoAMFh_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc181-0221c53842a2f5ef071e8071;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t1vmY4fBoLpFjqHbLyMewgUrpvRjqG4QTAuA4BeB4Gl2jqbxI0gYQA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:08 GMT
age: 11302
etag: "527220e4e8cd1065ce05fcd0694d0d703d817e2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.banorte.com/cms/pop_up/BancoEnLinea_1280X700.jpg
200 OK 47 kB URL HTTP/2 www.banorte.com/cms/pop_up/BancoEnLinea_1280X700.jpg
IP
ASN #20940 Akamai International B.V.
File type ISO Media, AVIF Image\012- data
Hash e192b8c49b0b22bbd6265b665fd445e7
daf6584312c757f5a6ecf62c95fc70ac6e1b2e29
1d3ed3aa6562f9eac9f54adf95014bae834dcb381a3edd80de29dd67430e46c6
GET /cms/pop_up/BancoEnLinea_1280X700.jpg HTTP/1.1
Host: www.banorte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "197cf-5c94badca4dc0"
last-modified: Sat, 03 Dec 2022 20:00:07 GMT
server: Akamai Image Manager
content-length: 46676
content-type: image/avif
cache-control: private, no-transform, max-age=43200
expires: Sun, 04 Dec 2022 12:58:30 GMT
date: Sun, 04 Dec 2022 00:58:30 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=90
set-cookie: akavpau_www_failover=1670115810~id=ab9e64319b9353e867528c86334c8038; Path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
www.banorte.com/cms/chatbot/prodtest/newDesign/images/assets/banorte.png
200 OK 652 B URL HTTP/2 www.banorte.com/cms/chatbot/prodtest/newDesign/images/assets/banorte.png
IP
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash fb394891af1ca6e906a11dc95684e236
d10be78fad225b91dcefdfc00066c9b5407e4c0a
46a2944a01d08c0637cb8fc1ba0192805e7b30109c1913cace4c85d28224f333
GET /cms/chatbot/prodtest/newDesign/images/assets/banorte.png HTTP/1.1
Host: www.banorte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "4de-56fcb1355fd40"
last-modified: Sat, 03 Dec 2022 20:00:36 GMT
server: Akamai Image Manager
x-serial: 762
x-check-cacheable: YES
content-length: 652
content-type: image/webp
cache-control: private, no-transform, max-age=43200
expires: Sun, 04 Dec 2022 12:58:32 GMT
date: Sun, 04 Dec 2022 00:58:32 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1138
set-cookie: akavpau_www_failover=1670115812~id=cc97eaf64548501f6e27de294e13b20c; Path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery.smooth-scroll.min.js
200 OK 0 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery.smooth-scroll.min.js
IP
Analyzer Verdict Alert openphish Banorte
fortinet Phishing
GET /public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery.smooth-scroll.min.js HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:28 GMT
content-type: application/javascript
last-modified: Tue, 10 Nov 2020 18:43:12 GMT
etag: W/"b60-5b3c50d065000-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gob%2F4sgVeTidv9DwqLh7yLMMAhzQDuIFd5EzUYutkaAdVpk5UtM4HodG72tGLwfzpJoxNBFQqKfEmHKz%2B9c%2Bxn%2FTVVx7vSrXYPILe3V0uwW9X75HrT1CtBemjv%2BrJkZCfgPT0RYt1miktl8VX5ky"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740980aafed0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/cms/watson/widgetFiles/css/widgets.banorte.css
200 OK 0 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/cms/watson/widgetFiles/css/widgets.banorte.css
IP
Analyzer Verdict Alert openphish Banorte
GET /cms/watson/widgetFiles/css/widgets.banorte.css HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:28 GMT
content-type: text/css
last-modified: Mon, 07 Jun 2021 11:49:02 GMT
etag: W/"4317-5c42ba0aec780-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oh6kKzzjC4quTE91JiZkI6mB8D5uHerLUXD3SM6nVmAkVXVykGCK0N3TwybKQh3yVBb7B0v0JQEPlVoOuKOdKAqIrvmzlt%2BRKrySRiecG7XI277jZ6DrUQBQjkueYeR52v3YsPoIWMoI6RNTCta"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740980abff60b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/new/metasoluciones.css
200 OK 0 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/new/metasoluciones.css
IP
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/new/metasoluciones.css HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: text/css
last-modified: Tue, 10 Nov 2020 18:38:20 GMT
etag: W/"313c-5b3c4fb9ebf00-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nh6KbZAwWQyDN6mM8%2BvDFq6qFsRkk%2BUEIXLAEuqVoe9PkYfnf9Fej9BcMh9xjDYkPKcl%2ByGNQmcVnqsQtTfBVzkfQ0vU9jTTEQCwB7EuteE0dwYMX6wMZKbUHDTJLAz5xQwOvhbeik1x4vAz8I4a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740980b58680b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/new/widget_carrusel_slider.css
200 OK 0 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/new/widget_carrusel_slider.css
IP
Analyzer Verdict Alert openphish Banorte
GET /wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/new/widget_carrusel_slider.css HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: text/css
last-modified: Fri, 10 Dec 2021 13:53:58 GMT
etag: W/"17bf-5d2cb0df66980-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qO2xxTcCNI7LxZE7o8rLPwj6MZMecq%2BB%2BYaimKxRI8B5%2FDuqNftd1kQjhKAhWWsJWvFuuF3k9SWzzyTf2sR5QjSxoF4cEWlJ6udm2a0HvWp64Qt29VFrkGFNcePygehIHjU19dUtPyVxjp1gKXEA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740980b18390b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/PA_locatorBanorteIxe/styles/jquery.custom-select.min.css
200 OK 0 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/PA_locatorBanorteIxe/styles/jquery.custom-select.min.css
IP
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/PA_locatorBanorteIxe/styles/jquery.custom-select.min.css HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:28 GMT
content-type: text/css
last-modified: Tue, 10 Nov 2020 18:36:30 GMT
etag: W/"a3e-5b3c4f5104780-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z74JbQufjMqE4chOX5lAPBDv15wRTGNj%2BG8XnZsFfk4wUldMEtb%2Btfg0Pdm95W0mBOLJX6iWF47pLPSjA2%2FU4ij0D73NryPar7MsL%2FB3pAaRz8tTza8KjR7fGUS5CCl87q%2FVRQbl4GQ6bwKK4t%2F0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740980abff90b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery.min.js
200 OK 0 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery.min.js
IP
Analyzer Verdict Alert openphish Banorte
fortinet Phishing
GET /public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery.min.js HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: application/javascript
last-modified: Tue, 10 Nov 2020 18:43:02 GMT
etag: W/"1762c-5b3c50c6db980-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vry5WCZLN3U67LNn8v1QH9KxDr3TXoocT4YlWM6qFDJB6KsnUhTvK3CMMR9Rq37lN1voNc%2BiLD%2F00W4VZk8VFazLjy72DPsU%2F%2B8A12VjAQ9T%2BI8fBo%2FfV2tT%2F7iQZXQhj1GOKoHXcZfTrQmbKLOI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740980aafe80b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/new/widget_carrusel_slider_beneficios.css
200 OK 0 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/new/widget_carrusel_slider_beneficios.css
IP
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/new/widget_carrusel_slider_beneficios.css HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: text/css
last-modified: Tue, 10 Nov 2020 18:38:22 GMT
etag: W/"2438-5b3c4fbbd4380-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=va05GHVKfHSbQ4nnkK58Uvw60oWLYagMxRjaanx4Vh7shXxCQG35HEvVy%2BGN3Tt4vc%2BaWnw6WjW1nypc%2BNFpvtwpVBPrwAk8HbpcNiG7jL%2B5GhELX%2BuKbT7xCQkYUvVmll9qZikIeD5Y3tLaX%2Bpg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740980b988d0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/footable/css/footable.core.css
200 OK 0 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/footable/css/footable.core.css
IP
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/footable/css/footable.core.css HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:28 GMT
content-type: text/css
last-modified: Tue, 10 Nov 2020 18:42:38 GMT
etag: W/"1605-5b3c50aff8380-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0CEdATk03bzX5r00p4TMPEDOXbQTtOBvGbp5S6axm8xWb2StXgMhbzhoGyJuGx8erWEwdXaRPDk2MTO%2BTpxh4TK6vu9zjGAPZxr7%2FkJiF3iRP9auSsbH%2BaOve2mKNjakmSSmU9N7bxttcThPTJ1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740980aaff10b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/cms/functions/popup-warning.css
200 OK 0 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/cms/functions/popup-warning.css
IP
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/cms/functions/popup-warning.css HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:28 GMT
content-type: text/css
last-modified: Tue, 10 Nov 2020 18:44:08 GMT
etag: W/"6e8-5b3c5105cce00-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jo2bVaWdJcNVMVU8CQgFXRvJO6Vlx2PgoknEi3Zo7wy8u%2BJgV6Qcp8trMgh8T8LbXYcJl3sWK29epbNv%2FSZ2vRRlukebAdVESIAaSPS30DHsb0Kji8lohrGbwl6Wc2v6KrZsFk6FYzucvvoEZ8i%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740980abff50b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/contenthandler/banorte/!ut/p/digest!rS9i7P6IO6UD2l4fynD2yw/sp/mashup_ra_collection.css
200 OK 0 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/contenthandler/banorte/!ut/p/digest!rS9i7P6IO6UD2l4fynD2yw/sp/mashup_ra_collection.css
IP
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/contenthandler/banorte/!ut/p/digest!rS9i7P6IO6UD2l4fynD2yw/sp/mashup_ra_collection.css HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: text/css
last-modified: Tue, 10 Nov 2020 18:38:12 GMT
etag: W/"5be5d-5b3c4fb24ad00-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0YXnJbpepD4fmLZ9yhqHs%2F7sg3gX7C7DkOx0i9%2BPkDcsd1c5InXgu9C8%2Bjx%2FCPXGkTyWDSXgILtRv%2Bx%2BMTkHn01JnB8mv%2FAB4VOFKyOsIT8ClTF2UEi51%2BSLt43RzMZ805WrVlvM7cwnmulstfy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740980aaff00b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/PA_BanorteLogin/styles/widget_login_q.css
200 OK 0 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/PA_BanorteLogin/styles/widget_login_q.css
IP
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/PA_BanorteLogin/styles/widget_login_q.css HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: text/css
last-modified: Tue, 10 Nov 2020 18:39:36 GMT
etag: W/"d20c-5b3c500266a00-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hIBEQ9HBMuk7QWb3OUPX%2FsvFcCIqX81wuntMRj3GGNQIGC56ONbaQ0kOouKgaTPS64ugbibRtrv%2Bwre3DLLsbYEAh01LhUemkssMwtrWtCoh%2F0mgi%2BetLGOHkT0yZYjBxl%2FtNNlCF%2FCkpF1CmPBw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740980b082e0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/new/carrusel_desktop.css
200 OK 0 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/new/carrusel_desktop.css
IP
Analyzer Verdict Alert openphish Banorte
GET /wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/new/carrusel_desktop.css HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: text/css
last-modified: Fri, 10 Dec 2021 13:43:24 GMT
etag: W/"227-5d2cae82c5700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbaEeKBZDNAzIRDaXLiK1B66qLANzF%2Bc%2B4ctZhBhwpT5QtYBvOPdy4BMm7vCTdN%2FvVGaUxQ5QLbZrANCK4HeLpGiw6rRrAu85AyUPBKxwVsEtniTKcv5Iq7ulD9way%2FNMDi3QUykO6K8Yfw81Hq6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740980b183b0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/wps/wcm/connect/banorte/b57993cc-e497-41f2-992c-b228ae7154ad/Banorte-Nomina+Seleccion-Slider2.png
200 OK 0 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/wps/wcm/connect/banorte/b57993cc-e497-41f2-992c-b228ae7154ad/Banorte-Nomina+Seleccion-Slider2.png
IP
Analyzer Verdict Alert openphish Banorte
GET /wps/wcm/connect/banorte/b57993cc-e497-41f2-992c-b228ae7154ad/Banorte-Nomina+Seleccion-Slider2.png HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/png
content-length: 559736
last-modified: Thu, 30 Jun 2022 10:31:44 GMT
etag: "88a78-5e2a7c6aa0400"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eP1bDHrj3B7X6rFZt6yWpukw1Fz1hjMAAIqCmLeBt8Mt0dWYANCzlaK%2Bb8%2FP6pSSSbG0Rbfq1mfMn1EkdDkRa1aNT07oMaFvBPRtUoQ28DOn6HbaUeGGtYjO3epiK5QFaMNCBIWQmdnnHjRTU%2Fa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b28430b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/PA_locatorBanorteIxe/styles/locator.css
200 OK 0 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/PA_locatorBanorteIxe/styles/locator.css
IP
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/PA_locatorBanorteIxe/styles/locator.css HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:28 GMT
content-type: text/css
last-modified: Tue, 10 Nov 2020 18:36:30 GMT
etag: W/"14e7-5b3c4f5104780-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IcOv0ZIhstxJGS2ft0T0xGEYRGj5%2Fdwn0QnRHwuWwEOhYXYfV5tYehAKXokcnoaxeVy7Il80NSJ4kZq5pWFlUQCsOcZFV8bP%2FBlEF%2FaCzazjHiUnASuQQ2xryKQhKkY56lIZ30ur6NYQU7r%2B%2B28"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740980abffb0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/desktop.css
200 OK 0 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/desktop.css
IP
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/desktop.css HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:28 GMT
content-type: text/css
last-modified: Tue, 10 Nov 2020 18:38:14 GMT
etag: W/"1147-5b3c4fb433180-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvA7ZxNISkJlofHgD8lV%2FRqakzURpERX7BCxRXjoNB0zxS9rmc%2BT0rFKM6SV0kgdl1eIEfd7NkRJu2DFO7tJ7v8%2FGQj0APLsPJ39eYi6Osw87yKBUTXyw6FdkhAu9M44w1JThN3kSXWL8xcqfLl6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740980aaff20b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/cms/scriptsHome/carrusel_home.js
200 OK 0 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/cms/scriptsHome/carrusel_home.js
IP
Analyzer Verdict Alert openphish Banorte
fortinet Phishing
GET /cms/scriptsHome/carrusel_home.js HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: application/javascript
last-modified: Thu, 30 Jun 2022 10:20:14 GMT
etag: W/"2e15-5e2a79d897380-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69klYMstDhBauVq1aIXQzFfhmB5U7zV9va%2BxXKPMugFjfPcC%2BknFxExFiR1vhSZSH6%2BTgdWqcKqmOrvncKlhvM1EKVciFx4JynURlg2AoLqcdXC5daaZOeh68Mjmn7zRWBdjM3PAZE9DQxfXNd1w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740980b183c0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/new/jquery.bxslider.css
200 OK 0 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/new/jquery.bxslider.css
IP
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/new/jquery.bxslider.css HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: text/css
last-modified: Tue, 10 Nov 2020 18:38:20 GMT
etag: W/"e43-5b3c4fb9ebf00-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVhrr33TZ6DJa26qX9dYmQiwaji%2F2eVo99RbGn2w2%2BLoeSLxgnqwmU0JmvzSWEO7bS%2FhVl5t0YX6vy%2FC79DoDIzc2va%2FlyZ6htdHTLGdSwsNMVFP7swu%2FagBK8UJ5dxkS2RsTNqFVQJw9tlzCoia"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740980b88880b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/b8c2cb63-5859-4dee-9a4d-1fb30ef99b50/Foto03_SinTex_770px.jpg
200 OK 0 B URL HTTP/2 wvvw-banortenx.nnxcom01.buzz/public_banorte/wps/wcm/connect/banorte/b8c2cb63-5859-4dee-9a4d-1fb30ef99b50/Foto03_SinTex_770px.jpg
IP
Analyzer Verdict Alert openphish Banorte
GET /public_banorte/wps/wcm/connect/banorte/b8c2cb63-5859-4dee-9a4d-1fb30ef99b50/Foto03_SinTex_770px.jpg HTTP/1.1
Host: wvvw-banortenx.nnxcom01.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvvw-banortenx.nnxcom01.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:58:29 GMT
content-type: image/jpeg
content-length: 207319
last-modified: Tue, 10 Nov 2020 18:35:18 GMT
etag: "329d7-5b3c4f0c5a580"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYqwp31401wpiVEgWO1mzwJYJuJh1JD8tKUd%2FHq3JKJRct8qQg12cWR5KWM4hrAod8p9b8tv6pBIQf1DbdduDnkrnIrCAFtIKWZ84WKqxcpznNi2claUZ2gQ0bu9fuEpbt%2BEQwTKdd3BaE8WOqMv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740980b78790b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
63.250.59.237
52.41.91.37
95.101.10.139
93.184.220.29
0.0.0.0