| wvwbanortelempresas.nmxcom-as02.buzz/banortehome/ | 104.21.49.69 | 301 Moved Permanently | 0 B |
URL: HTTP/1.1 wvwbanortelempresas.nmxcom-as02.buzz/banortehome/ | IP: 104.21.49.69:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, matching the 0 B redirect body; they identify no content and are not usable as indicators)
Analyzer: fortinet | Verdict: Phishing | Alert: (none listed)
NIDS: suricata | Severity: medium | Alert: ET INFO HTTP Request to a *.buzz domain
GET /banortehome/ HTTP/1.1
Host: wvwbanortelempresas.nmxcom-as02.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 22 Dec 2022 23:40:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 23 Dec 2022 00:40:38 GMT
Location: https://wvwbanortelempresas.nmxcom-as02.buzz/banortehome/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyDpr8dST%2FD0Q5N0AN33Kng8PH8V0lBVusYfs78HeG58u1ZtUmOnLCfTUZbffz6PE2WRyavFgrVLw7W1GOqH0xUOZFjP8dEOvi9mX3LkxcYFsQ%2BEbzZTY9v%2Bg%2BItWXOi%2FpWvWMhsbZNWe3%2FFnZGtinfsvBUrusc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77dcb4274d28b4f9-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): b8fbcd7ca1a893d05677318a8a198e7a 0851654c21f6e3741887e7deab8098c1dc56f33c edbade5913ace2fcbb932922e9af69acb2e8759474a2eeaec216307247fea361
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EDBADE5913ACE2FCBB932922E9AF69ACB2E8759474A2EEAEC216307247FEA361"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3272
Expires: Fri, 23 Dec 2022 00:35:11 GMT
Date: Thu, 22 Dec 2022 23:40:39 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): bbea1550fedd5eb9c265712fab75b137 2c2f981747898a380265f766345f2bb9c8c983fd c728286e38c31a4d3f7a39702e0a5f69c14bf69e01a88bc4479714953fbda278
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C728286E38C31A4D3F7A39702E0A5F69C14BF69E01A88BC4479714953FBDA278"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4937
Expires: Fri, 23 Dec 2022 01:02:56 GMT
Date: Thu, 22 Dec 2022 23:40:39 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/ | IP: 35.241.9.150:0
File type: JSON data; ASCII text, with very long lines (939), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): dcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 22 Dec 2022 22:46:05 GMT
content-type: application/json
age: 3274
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): 32167242c3bbe7e45a2a865279df94a6 d03436f418ff77d50a553daa892c05e0725ba908 d5578d537296da18f3f349a98465e9fe930dca60a8ed62c183e9c9f6eb53f493
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5578D537296DA18F3F349A98465E9FE930DCA60A8ED62C183E9C9F6EB53F493"
Last-Modified: Wed, 21 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3793
Expires: Fri, 23 Dec 2022 00:43:52 GMT
Date: Thu, 22 Dec 2022 23:40:39 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain | IP: 34.160.144.191:0
File type: PEM certificate; ASCII text | Hash (MD5 / SHA-1 / SHA-256): b1fcd419a4245617397846e8d17233f6 2a037ce244587640b27ead9a0ec2af4f862d91b2 e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MFKfj7R77SIhk+TaQUM0O78v/i9wOA121da6TgtnTmDjvbSIj0yPNkklZyCEPqJty2Z5UZ+u4hw=
x-amz-request-id: 0H5MNKJWN5P75K6W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 22 Dec 2022 22:55:57 GMT
age: 2682
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1p5/BDX0wjwrNnU | 142.250.74.131 | 200 OK | 471 B |
URL: HTTP/1.1 ocsp.pki.goog/s/gts1p5/BDX0wjwrNnU | IP: 142.250.74.131:0
Hash (MD5 / SHA-1 / SHA-256): 41989f22a73806c94f22d720e1fd89aa a3309184ad90d6255da392e6008f83c720dfd0b9 3c26e997ef688fa217d2fcbeb1a5b4f3594e078f3131806a3b0e88e3d05b3815
POST /s/gts1p5/BDX0wjwrNnU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:40:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles | IP: 34.117.237.239:0
File type: JSON data; ASCII text, with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Dec 2022 23:40:39 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1p5/BDX0wjwrNnU | 142.250.74.131 | 200 OK | 471 B |
URL: HTTP/1.1 ocsp.pki.goog/s/gts1p5/BDX0wjwrNnU | IP: 142.250.74.131:0
Hash (MD5 / SHA-1 / SHA-256): 41989f22a73806c94f22d720e1fd89aa a3309184ad90d6255da392e6008f83c720dfd0b9 3c26e997ef688fa217d2fcbeb1a5b4f3594e078f3131806a3b0e88e3d05b3815
POST /s/gts1p5/BDX0wjwrNnU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:40:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/cms/Inklusion/Banorte-Icono-Navegacion-incluyente.png | 104.21.49.69 | 200 OK | 479 B |
URL: HTTP/2 wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/cms/Inklusion/Banorte-Icono-Navegacion-incluyente.png | IP: 104.21.49.69:0
File type: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced; data | Hash (MD5 / SHA-1 / SHA-256): ff40e1ca2aa6e5191f86090f9fa3f436 c72ec1e1baac55265dece9789ac934b1eb0a8499 3468b7900ca3ca1a266807c529f9352166b2c7824e9ba1b3e46a915074d5423a
GET /banortehome/public_banorte/cms/Inklusion/Banorte-Icono-Navegacion-incluyente.png HTTP/1.1
Host: wvwbanortelempresas.nmxcom-as02.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvwbanortelempresas.nmxcom-as02.buzz/banortehome/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:40:39 GMT
content-type: image/png
content-length: 479
last-modified: Sun, 04 Dec 2022 18:32:44 GMT
etag: "1df-5ef04cbf08b00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RK38CgU35ZSmdZHxVy2X5OEE4T8ZLOtVADyDKUw75ifX0Hl9foQ3vw9N35HwVn3dGxg6mEHKscSH5HefXnw2JivhL4MXvpziAE95JphyvhF2cG30AWKGOtDGtuKxcugyQFEagXE%2B7TiR7mbNYV5P%2F7tJIk06IUE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dcb42b0f3eb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/slick.js | 104.21.49.69 | 200 OK | 14 kB |
URL: HTTP/2 wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/slick.js | IP: 104.21.49.69:0
File type: ASCII text, with CRLF line terminators | Hash (MD5 / SHA-1 / SHA-256): c18370b8e742a09ca84c928c9398ba8c b395b6c4f52c421e2d6b7019303f4dbbdfe244f6 4ccb45f02a4b24e62a45288dbff8e831cba434d8d517888f9a2e0defed1269d7
Analyzer: fortinet | Verdict: Phishing | Alert: (none listed)
GET /banortehome/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/slick.js HTTP/1.1
Host: wvwbanortelempresas.nmxcom-as02.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvwbanortelempresas.nmxcom-as02.buzz/banortehome/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:40:39 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 18:32:42 GMT
etag: W/"11c24-5ef04cbd20680-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNdi%2FtH%2BFNmaCVabYfHw%2BSL1o%2FKEFEbuA2oq%2BfuP7NlrKDKERrMhQT4ue5fd0Zu2PkKHT8gHJM%2B%2BWezpTZD7pd0jDaBdhtz4HAEX8TrqG74b69Lrqgz88EEyXm8jvnbBY%2Bc%2FOMbF4hOOuwOWxyw7JdjQZaBa4MI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77dcb42aef0db503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery.ui.touch-punch.min.js | 104.21.49.69 | 200 OK | 3.8 kB |
URL: HTTP/2 wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery.ui.touch-punch.min.js | IP: 104.21.49.69:0
File type: ASCII text, with very long lines (997), with CRLF line terminators | Hash (MD5 / SHA-1 / SHA-256): 4b95ef44ab63fe1aa978eec786fe1403 368e524006d6a01564d8b9d7b81eb0fa95a812fb 59eaf899efcbb80a5bb804236b94dab8e1e121b19802dba83b30b0e2f3834926
Analyzer: fortinet | Verdict: Phishing | Alert: (none listed)
GET /banortehome/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery.ui.touch-punch.min.js HTTP/1.1
Host: wvwbanortelempresas.nmxcom-as02.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvwbanortelempresas.nmxcom-as02.buzz/banortehome/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:40:39 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 18:32:42 GMT
etag: W/"4ae-5ef04cbd20680-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZTlbq9aP9U32HkO%2F83wBdPRA3oNS0XWQL5%2BxyItXRe2MS4PS3Vn6TwGrVrLneYI3Qws2qfCyt1qLecFMsUEQAv2BY6yIuEZbmkWsHoamTN2YrZSX76BCMm%2F%2FMysMZJAq%2B18l3sYvknYBFSMakTUGsLudmyUOYg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77dcb42aef08b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery.smooth-scroll.min.js | 104.21.49.69 | 200 OK | 3.9 kB |
URL: HTTP/2 wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery.smooth-scroll.min.js | IP: 104.21.49.69:0
File type: ASCII text, with very long lines (2912), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): e2df1b7f55a07cd45fd78728cfcf2a68 a98137743e10d32b24a766074eb693b86f0d603f 5d7b4deae8a053b0bbd892b162b323795e33ef3f2654dcfc629ca8909a5a23ad
Analyzer: fortinet | Verdict: Phishing | Alert: (none listed)
GET /banortehome/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery.smooth-scroll.min.js HTTP/1.1
Host: wvwbanortelempresas.nmxcom-as02.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvwbanortelempresas.nmxcom-as02.buzz/banortehome/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:40:39 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 18:32:42 GMT
etag: W/"b60-5ef04cbd20680-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1qHwQWUShrtamAHFlJW84KWFdjVrXmZbGYZiPW1h04Vc9zoCmqGDPqL4FrrXfBL4LppvZu1Vx6XCQXIpzgZRnv4Zj04mCnCBKdBlhJdcjDmO2gqamYVw2BG55KJfRTLIa6bMiWtNnA4SqeQK38EOsKs0N%2BXmzs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77dcb42aef09b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/footable/css/footable.core.css | 104.21.49.69 | 200 OK | 5.2 kB |
URL: HTTP/2 wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/footable/css/footable.core.css | IP: 104.21.49.69:0
File type: ASCII text, with CRLF line terminators | Hash (MD5 / SHA-1 / SHA-256): 20805853d5a228548d106209290440b1 dea7b20c896a7a6221c500b0cfa2c8f5f978d3b6 8a07f3463d56734c01054cd0cb64056cf4af44974435fa8f3706307734f35e07
GET /banortehome/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/footable/css/footable.core.css HTTP/1.1
Host: wvwbanortelempresas.nmxcom-as02.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvwbanortelempresas.nmxcom-as02.buzz/banortehome/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:40:39 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 18:32:42 GMT
etag: W/"1605-5ef04cbd20680-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HByzCCh2UT0VvUYlD0VtWSKo%2Brwd4XozN8qXbyWY03BGXn6yaxImlx1uRToUkKvVOp0DN9HMU77IKfpHyJnycT78UijLTN1yT3jGA%2BSs76aXIwOCG5n3kojAqgYnNZzS6o2kTFstDQ6xbhYmtmcrLuWnVc5uoko%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77dcb42aef1db503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/wps/PA_locatorBanorteIxe/styles/jquery.custom-select.min.css | 104.21.49.69 | 200 OK | 9.4 kB |
URL: HTTP/2 wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/wps/PA_locatorBanorteIxe/styles/jquery.custom-select.min.css | IP: 104.21.49.69:0
File type: ASCII text, with very long lines (2564), with CRLF line terminators | Hash (MD5 / SHA-1 / SHA-256): 0aa0dc993cdc53d3739cc4ba37296649 e5b2c9a9b6ae5ae8131c911bb3623f097a2e58bd 6ab233b74855e541a90536f2e2659dca36617ea9cf43df9e74e37a64773f6af4
GET /banortehome/public_banorte/wps/PA_locatorBanorteIxe/styles/jquery.custom-select.min.css HTTP/1.1
Host: wvwbanortelempresas.nmxcom-as02.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvwbanortelempresas.nmxcom-as02.buzz/banortehome/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:40:39 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 18:32:44 GMT
etag: W/"a40-5ef04cbf08b00-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0J%2BH7%2FfPBUs7fyVggi8LNYwfg9RamZkrwTPaN2Bi0vGiCc8U3uplNyyZT3W73ipXJdWzTDpNYDIHJM%2FG6nucLcCQ0k5Tm52pfktn7VtM3OGD%2F83oHEUAmmMntj%2BA7uXgYzlr%2BgxUIP%2FExO51H7g4tUPg16B9WQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77dcb42b0f44b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/GFBanorteResponsivoTheme/themes/html/GFBanorteResponsivoTheme/js/pgwslides.min.js | 104.21.49.69 | 200 OK | 3.5 kB |
URL: HTTP/2 wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/GFBanorteResponsivoTheme/themes/html/GFBanorteResponsivoTheme/js/pgwslides.min.js | IP: 104.21.49.69:0
File type: HTML document, ASCII text, with very long lines (13198), with no line terminators (content-based detection; the response for this .js path declares content-type application/javascript) | Hash (MD5 / SHA-1 / SHA-256): b745a5f3a6d3faebb396c73fd2ce3c46 9d1020109a511dd0528f4063fef49c2b2db79ceb 24d115521ead94e7e59f0c9861f131c36c168e26b2bb7ea3ea9e8e018bd5b381
Analyzer: fortinet | Verdict: Phishing | Alert: (none listed)
GET /banortehome/public_banorte/GFBanorteResponsivoTheme/themes/html/GFBanorteResponsivoTheme/js/pgwslides.min.js HTTP/1.1
Host: wvwbanortelempresas.nmxcom-as02.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvwbanortelempresas.nmxcom-as02.buzz/banortehome/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:40:39 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 18:32:42 GMT
etag: W/"338e-5ef04cbd20680-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgSDdJ3SY2PvD%2FfulH6ddQKt3jsp7G78KUc5HRnzjI%2BMiRDG7si0mozS1%2FAouaLZA954jZ24CxyAiW97F3JAzEyJ3BSOmEVbGpZ0SC0nnOiiWB7UMkuQ0e1diRHaSxmSiqJpV1o2lht17AOqnoJXXOYcIfH68VI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77dcb42aef0fb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| wvwbanortelempresas.nmxcom-as02.buzz/banortehome/cms/watson/widgetFiles/css/widgets.banorte.css | 104.21.49.69 | 200 OK | 5.6 kB |
URL: HTTP/2 wvwbanortelempresas.nmxcom-as02.buzz/banortehome/cms/watson/widgetFiles/css/widgets.banorte.css | IP: 104.21.49.69:0
File type: Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | Hash (MD5 / SHA-1 / SHA-256): 1330b9fd3ea5db34ee2818f98f04a10c 7995c7c52c2902d59e242a1a4643ca5b7a31fbef d4acb24f6142a7eae1f538e63016b99986a97f8b2b7e17b28cbf67fe4d9e1f88
GET /banortehome/cms/watson/widgetFiles/css/widgets.banorte.css HTTP/1.1
Host: wvwbanortelempresas.nmxcom-as02.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvwbanortelempresas.nmxcom-as02.buzz/banortehome/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:40:39 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 18:32:42 GMT
etag: W/"4317-5ef04cbd20680-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0%2Bm2LZe2dYjiQByz%2FNBfLfmeyfHx37LQuhbg33qe3laoNnkl4OmKXMWmuxVFvjekJoUyCPFrrZNC440lXpim9YfrT9IZqRHbYGjhtJ2bjILajAUZHPKVM1LOe6XnU2pyUCIUAkPAWAZecn%2FYpsQ6TVNSIJhLIE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77dcb42aff2fb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/cms/functions/popup-warning.css | 104.21.49.69 | 200 OK | 1.4 kB |
URL: HTTP/2 wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/cms/functions/popup-warning.css | IP: 104.21.49.69:0
File type: ASCII text, with CRLF line terminators | Hash (MD5 / SHA-1 / SHA-256): 687cd242e41358acc631ddc34b12a636 6ee8257742efb1175e4b7c7ef3e61c7114cc9092 166fe644f1da99482e7d1c1b6de710f6128eb769afcc80342fde640a5ccca91c
GET /banortehome/public_banorte/cms/functions/popup-warning.css HTTP/1.1
Host: wvwbanortelempresas.nmxcom-as02.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvwbanortelempresas.nmxcom-as02.buzz/banortehome/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:40:39 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 18:32:44 GMT
etag: W/"73a-5ef04cbf08b00-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6eM10usnun1o9A7qg7QXqdAlkXNO7rcc9skkVIISt7HqI9FYMYGSk8z4pxJU7MYhONRgD9VZmqk8SaPAyUM2U2GVeMbckKsIQteOWXYgFellYYGlcc9aRyvxuU0ESK%2B28CEIrsiuxxW3qAISlLzo161wGZlzZg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77dcb42aff2db503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/desktop.css | 104.21.49.69 | 200 OK | 535 kB |
URL: HTTP/2 wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/desktop.css | IP: 104.21.49.69:0
File type: ASCII text, with CRLF line terminators | Size: 535 kB (535079 bytes) | Hash (MD5 / SHA-1 / SHA-256): 08cb0fb6b2b0e6dc90f013b131c6372f 4185a15993ecd841580c300f630084498d711cf1 f01ca274f5d997dc0da56f30a7b964edbc3572f9c3913ab2c80d2f34a7af1347
GET /banortehome/public_banorte/wps/contenthandler/dav/fs-type1/themes/BanorteResponsivoTheme/css/banorte/desktop.css HTTP/1.1
Host: wvwbanortelempresas.nmxcom-as02.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvwbanortelempresas.nmxcom-as02.buzz/banortehome/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:40:39 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 18:32:44 GMT
etag: W/"1147-5ef04cbf08b00-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlLAVLnE%2B%2BcJBRgLrr3FW2kjQnvWURUbHMv3d9QtzJs4FNz4cvN3HeglCI9GqetZx3OMy55qYYpzaUi9vWz9LwrLtKgpMXNLyr45%2F8oqIfauF57FjrJAtjqoFXQ83Ae7WXGhOMQZ9gqn1SG96td9cPcchpXOs6w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77dcb42aef22b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash (MD5 / SHA-1 / SHA-256): 709454b3ea845b802a8f520e80539b62 421e020f808dbf46345a50e2a864cb17f5c767c4 32e123deb308fdaa77148993b3e46e9e641940fa7c61801b8629c182546a0db6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4241
Cache-Control: max-age=126083
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:40:40 GMT
Etag: "63a423ea-1d7"
Expires: Sat, 24 Dec 2022 10:42:03 GMT
Last-Modified: Thu, 22 Dec 2022 09:31:22 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash (MD5 / SHA-1 / SHA-256): 709454b3ea845b802a8f520e80539b62 421e020f808dbf46345a50e2a864cb17f5c767c4 32e123deb308fdaa77148993b3e46e9e641940fa7c61801b8629c182546a0db6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4461
Cache-Control: max-age=126303
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:40:40 GMT
Etag: "63a423ea-1d7"
Expires: Sat, 24 Dec 2022 10:45:43 GMT
Last-Modified: Thu, 22 Dec 2022 09:31:22 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
|
|
| wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery.min.js | 104.21.49.69 | 200 OK | 249 kB |
URL: HTTP/2 wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery.min.js | IP: 104.21.49.69:0
File type: ASCII text, with very long lines (32086), with CRLF line terminators | Size: 249 kB (249078 bytes) | Hash (MD5 / SHA-1 / SHA-256): 3f9d0145b01015f4f4954d91a709e16d fe712b325cdf3b3b67cf03ce130609fc7b0ed8ba 2f2e9934821dc3becde2578f4f3a25722744ec4bab052b75782f92cb44bf7a91
Analyzer: fortinet | Verdict: Phishing | Alert: (none listed)
GET /banortehome/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery.min.js HTTP/1.1
Host: wvwbanortelempresas.nmxcom-as02.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvwbanortelempresas.nmxcom-as02.buzz/banortehome/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:40:39 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 18:32:42 GMT
etag: W/"1762c-5ef04cbd20680-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCq47mJUYi0RJ%2BJKtK5C3MBeIZ9Ppdm3jxkFwTu1mAWvf7fQT%2FwKaIa4%2BYYlnVLP1ccXlbt6Zgcmnb8o%2BEzsFB3Molx0335y%2BtjRGqli3nzF3vPiNjKKCe23oGCHqZoDHJqiz3DkedRQjv608ziuVH%2BSdtT8FJQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77dcb42adefab503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery-ui.min.js | 104.21.49.69 | 200 OK | 125 kB |
URL: HTTP/2 wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery-ui.min.js | IP: 104.21.49.69:0
File type: ASCII text, with very long lines (32119), with CRLF line terminators | Size: 125 kB (124816 bytes) | Hash (MD5 / SHA-1 / SHA-256): b7f3621784af588465026be5ebbb375c 4821234ad04403097cfd52be831d62181e971e0f 425f59f24ea9a6ad4d895f5e91c5957f3baf25d1b2b17349472b49d98b0c7daf
Analyzer: fortinet | Verdict: Phishing | Alert: (none listed)
GET /banortehome/public_banorte/BanorteResponsivoTheme/themes/html/BanorteResponsivoTheme/js/jquery-ui.min.js HTTP/1.1
Host: wvwbanortelempresas.nmxcom-as02.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvwbanortelempresas.nmxcom-as02.buzz/banortehome/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:40:39 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 18:32:42 GMT
etag: W/"3a2f6-5ef04cbd20680-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xaP4N8kWMTruwBmQ%2B4UgNhEKhJCz9AVOC0v2hy5dvZtHRJRVF0ca4QkT9wMZs85deqY3cvMkhIsEPTfQ2NPl5VLJ9ocQYFO4TbbRV1B5NtBFLgso4%2BQdzuZHht7gAG29Qmmx%2FJNaQW%2FAltKCBo8GD8Woi7HlME%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77dcb42adefcb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL (HTTP/2): firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP: 35.241.9.150:0
File type: JSON data\012- , ASCII text, with very long lines (329), with no line terminators; Hash: MD5 0333b0655111aa68de771adfcc4db243, SHA-1 63f295a144ac87a7c8e23417626724eeca68a7eb, SHA-256 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 22 Dec 2022 23:33:24 GMT
age: 436
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: MD5 70a7b165f99b2b8fa0dc98318a7158d7, SHA-1 4d924f7febab9c8fe3fe9199e8879fd6ad892575, SHA-256 c5e0e414c34f2f328b487ae72b21a12a1b50d952aa1a31fb6314b4e700d27e05
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3454
Cache-Control: max-age=123824
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:40:40 GMT
Etag: "63a41e2a-1d7"
Expires: Sat, 24 Dec 2022 10:04:24 GMT
Last-Modified: Thu, 22 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
|
|
| www.banorte.com/cms/chatbot/prodtest/newDesign/images/assets/banorte.png | 23.36.79.43 | 200 OK | 3.3 kB |
URL (HTTP/2): www.banorte.com/cms/chatbot/prodtest/newDesign/images/assets/banorte.png IP: 23.36.79.43:0 ASN: #20940 Akamai International B.V.
Hash: MD5 5f85c56c83c1c55c14069b477d28d808, SHA-1 a622673fa0314d631963825f30ec7b64d9c11a13, SHA-256 960cc8d5063ae0b8f09be1a67b588bbdf94565f8048fa3a6193d664fc2189b83
GET /cms/chatbot/prodtest/newDesign/images/assets/banorte.png HTTP/1.1
Host: www.banorte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvwbanortelempresas.nmxcom-as02.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "4de-56fcb1355fd40"
last-modified: Thu, 22 Dec 2022 20:01:22 GMT
server: Akamai Image Manager
content-length: 652
content-type: image/webp
cache-control: private, no-transform, max-age=43200
expires: Fri, 23 Dec 2022 11:40:40 GMT
date: Thu, 22 Dec 2022 23:40:40 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
set-cookie: akavpau_www_failover=1671752740~id=a3b25509bb5417cea42c51644434349e; Path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| www.banorte.com/cms/pop_up/BancoEnLinea_1280X700.jpg | 23.36.79.43 | 200 OK | 47 kB |
URL (HTTP/2): www.banorte.com/cms/pop_up/BancoEnLinea_1280X700.jpg IP: 23.36.79.43:0 ASN: #20940 Akamai International B.V.
File type: ISO Media, AVIF Image\012- data; Hash: MD5 e192b8c49b0b22bbd6265b665fd445e7, SHA-1 daf6584312c757f5a6ecf62c95fc70ac6e1b2e29, SHA-256 1d3ed3aa6562f9eac9f54adf95014bae834dcb381a3edd80de29dd67430e46c6
GET /cms/pop_up/BancoEnLinea_1280X700.jpg HTTP/1.1
Host: www.banorte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvwbanortelempresas.nmxcom-as02.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "197cf-5c94badca4dc0"
last-modified: Thu, 22 Dec 2022 20:00:04 GMT
server: Akamai Image Manager
content-length: 46676
content-type: image/avif
cache-control: private, no-transform, max-age=43200
expires: Fri, 23 Dec 2022 11:40:40 GMT
date: Thu, 22 Dec 2022 23:40:40 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
set-cookie: akavpau_www_failover=1671752740~id=a3b25509bb5417cea42c51644434349e; Path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 54.148.69.31 | 101 Switching Protocols | 0 B |
URL (HTTP/1.1): push.services.mozilla.com/ IP: 54.148.69.31:0
Hash (of the 0-byte body, i.e. the digests of empty input): MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DZpl4JwNjVqgpm8pfwvbFA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: R03SeeU38NvHExNF10WyHKw1Sbk=
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 ASN: #20940 Akamai International B.V.
Hash: MD5 fc328f2e44d4ac962c03be665dbf6436, SHA-1 7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe, SHA-256 7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5432
Expires: Fri, 23 Dec 2022 01:11:14 GMT
Date: Thu, 22 Dec 2022 23:40:42 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83469489-464a-4345-8fc1-3aab3854de0a.jpeg | 34.120.237.76 | 200 OK | 8.5 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83469489-464a-4345-8fc1-3aab3854de0a.jpeg IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data; Hash: MD5 86c588ce8a5cde9b24e6f80343cf7c14, SHA-1 014622b9d2cac3527649ed02a7615897d08e5fe8, SHA-256 2ca9290c5c7ce52bd26e94c37c73a3e85a3cd22f80c39f447ea6fa0eb83f1766
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83469489-464a-4345-8fc1-3aab3854de0a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8508
x-amzn-requestid: 865fc5a0-a122-4625-bc1c-a7ed04fbdb1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhcOAHfDIAMFR3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a3a726-183035205ffc38482c286a4b;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 00:39:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hnYExdSSesGisF7bfrDfSNapm3ABFi5zaXbomSOhH3-wfTdADjViTg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 16:15:14 GMT
age: 26728
etag: "014622b9d2cac3527649ed02a7615897d08e5fe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e289df1-a1b6-4a7a-a3f0-0326ee48b354.jpeg | 34.120.237.76 | 200 OK | 9.2 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e289df1-a1b6-4a7a-a3f0-0326ee48b354.jpeg IP: 34.120.237.76:0
Hash: MD5 fa501c82583ff22b2f7b0e3e794d12c4, SHA-1 a42de18920a0a60909375b796f4f02af984a943a, SHA-256 23a5e0334c315a640a35a5533db7197cce23c20cfca815288ef545d269d58d08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e289df1-a1b6-4a7a-a3f0-0326ee48b354.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8628
x-amzn-requestid: bf74fd40-dfac-4565-8e8d-a79bdaf4e1ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dVJpaHvTIAMF9ZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ebca2-29fa0add445d8e0d1691645d;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 07:09:22 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: v_cc-cskoH2Fd8guDwxt7OhXQozpMVr77b5YvSz5q3NQidTA3R5B2g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 05:48:09 GMT
age: 64353
etag: "fcecaab531e403f8d5912cf29d977e549f96765b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg | 34.120.237.76 | 200 OK | 5.6 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data; Hash: MD5 e832123ea0c92a446b5894e75efc86ae, SHA-1 bb438ca635b43819701067ef07a3d910ad29a0c7, SHA-256 e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: c3930b44-f511-481e-9243-1e41542c5453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUqqEcwoAMFa6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce44-15ae4def22a8ffbe1df7766d;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7bK6kvmV0u8DGj-ffqbz4MJY5nJ29fOjRa7zY3E-_wH2c4ml-acERQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 21:38:36 GMT
age: 7326
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4d8b8ab-ff79-4e93-97dc-b4b7d18e0b5b.jpeg | 34.120.237.76 | 200 OK | 7.0 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4d8b8ab-ff79-4e93-97dc-b4b7d18e0b5b.jpeg IP: 34.120.237.76:0
Hash: MD5 7be9d240dc2048c9ffe20227c3086e4c, SHA-1 ab1ff4d7fdb301bebd24ccb9d68198471f742aae, SHA-256 0e4d07620c0a8fcb2c94d493419aad1f552b000a06d087f7f40e0a5b5ee5085f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4d8b8ab-ff79-4e93-97dc-b4b7d18e0b5b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6645
x-amzn-requestid: 0f18f9e7-c8b3-4250-8156-96d3ea8a9749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: diVuQE5fIAMFeXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a40327-520100d2431fabd14317afe3;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 07:11:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: wlbsFRA9RE58p9RSkKdnQmVE8niEiqJw4STrdtsq5ApmyB35htcJtA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 07:13:54 GMT
age: 59208
etag: "233988de2b66d8d97e0f21cbd1a182a9b4bd162f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba282dd4-f1e4-4f5c-9a46-b6e71aa327de.jpeg | 34.120.237.76 | 200 OK | 9.2 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba282dd4-f1e4-4f5c-9a46-b6e71aa327de.jpeg IP: 34.120.237.76:0
Hash: MD5 c7ca3072b1aaf8781e64c756049527d1, SHA-1 1b936784a6b80c10417676b9f5cb28a41b96b1e7, SHA-256 e350fe934b848004ed75502268c05fa8621adf2cadf624a350676768fc5c7801
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba282dd4-f1e4-4f5c-9a46-b6e71aa327de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8732
x-amzn-requestid: 25cbd9e6-ad97-4369-a02c-e740030b437c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: defNLECQIAMFiQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a278ba-4e1a2cd801c389584e320ffe;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: qHW93j1deKtsnRU5YYgcKJEJJfWQrYE85yG_4y9M1ECrfLtaiSYxiA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 a3b5bb90516201e5ddd137696b7b0f50.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 03:14:16 GMT
age: 73586
etag: "c2c523d207935363931aa17cd9aaabb9a48c28a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef779b-50c4-426a-bb0e-48c0920e42f4.jpeg | 34.120.237.76 | 200 OK | 5.6 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef779b-50c4-426a-bb0e-48c0920e42f4.jpeg IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data; Hash: MD5 fcdd5fc33823bcbfee082a3c0f2b083a, SHA-1 ed38fa97bee58621ef44a2ea6fbe4c291a12e12e, SHA-256 0ef1916483458d2c629077614f5ba5ea268c85679e60e8e14c7d4ca4993b674a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef779b-50c4-426a-bb0e-48c0920e42f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5642
x-amzn-requestid: e4e58ace-9158-4419-b3da-ed0e5502fdd7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dVJviFUAoAMFifg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ebcc9-1c38199e663a289b775de5df;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 07:10:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mrKTso9Ew9gzmJSilPJfvh1VkrxZyoDiTvakJOn7exvwnhfXHd_Srw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 06:14:29 GMT
age: 62773
etag: "ed38fa97bee58621ef44a2ea6fbe4c291a12e12e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/wps/contenthandler/banorte/!ut/p/digest!rS9i7P6IO6UD2l4fynD2yw/sp/mashup_ra_collection.css | 104.21.49.69 | 200 OK | 0 B |
URL (HTTP/2): wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/wps/contenthandler/banorte/!ut/p/digest!rS9i7P6IO6UD2l4fynD2yw/sp/mashup_ra_collection.css IP: 104.21.49.69:0
GET /banortehome/public_banorte/wps/contenthandler/banorte/!ut/p/digest!rS9i7P6IO6UD2l4fynD2yw/sp/mashup_ra_collection.css HTTP/1.1
Host: wvwbanortelempresas.nmxcom-as02.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvwbanortelempresas.nmxcom-as02.buzz/banortehome/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:40:39 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 18:32:44 GMT
etag: W/"5ed0a-5ef04cbf08b00-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T70YSEttFa6pT1ASbz6ZLNC80k0K%2FPccLtLoVgRnfJ7lzTfDHsD8T7HwjL39abA6Q2dlJBS9GmJo4i6GqKmPHytTa%2BMATFgWIEeDNU1M%2FUA1GNLLk%2Bn43ocs8I2bu9hsjZStpUCEbpDLEvXq6yTk0%2ForbLdYxq8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77dcb42aef14b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| wvwbanortelempresas.nmxcom-as02.buzz/banortehome/ | 104.21.49.69 | 200 OK | 0 B |
URL (HTTP/2): wvwbanortelempresas.nmxcom-as02.buzz/banortehome/ IP: 104.21.49.69:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to a *.buzz domain |
GET /banortehome/ HTTP/1.1
Host: wvwbanortelempresas.nmxcom-as02.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:40:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1vvwb%2Ft9SraaXpHHx9CtFD6iRLZSETqXGMcIgXK8IRDkzUABqiDztEHjSPRG%2F%2BJEjweG7MNZD9wYJy3TNZ%2BoAuGawu%2FzH3m%2B3QW1GrjYkOmaXkFeEcrMOA8qPPHPejSejX8LfAuo%2Fq%2Bkwjsm9B4sHKLYV1roDA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77dcb4295db9b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/wps/PA_locatorBanorteIxe/styles/locator.css | 104.21.49.69 | 200 OK | 0 B |
URL (HTTP/2): wvwbanortelempresas.nmxcom-as02.buzz/banortehome/public_banorte/wps/PA_locatorBanorteIxe/styles/locator.css IP: 104.21.49.69:0
GET /banortehome/public_banorte/wps/PA_locatorBanorteIxe/styles/locator.css HTTP/1.1
Host: wvwbanortelempresas.nmxcom-as02.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wvwbanortelempresas.nmxcom-as02.buzz/banortehome/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:40:39 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 18:32:44 GMT
etag: W/"14e7-5ef04cbf08b00-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4AIcNbz%2BpwUG9E2rUP8W4nryb1dI2d2unwAdfPjdnBwQn%2FH5KYswcJBfBJHaGlJSHIPDzP%2BfW5iCJSwuMiFEUZ9abf926k5nzPjkm7O8WuLAbEsjlrvsT33lxz2L5wR%2FACkZBD16RHW70cF6yugd%2F9hoPSDYU2U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77dcb42b0f48b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|