Submitted URL: http://surl.li/fzdlk
Effective URL: http://imduyv.gob.mx/~wp-og.php/?url=L05FV0YvTXVzdExvZ2luLWVuLy8/JmFtcDtpPU1LOUo3
Submission: On April 01 via api from US — Scanned from US

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 68.65.121.216, located in New Kensington, United States and belongs to NAMECHEAP-NET, US. The main domain is imduyv.gob.mx.
This is the only time imduyv.gob.mx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
4 68.65.121.216 22612 (NAMECHEAP...)
1 190.115.26.9 262254 (DDOS-GUAR...)
5 2
Apex Domain | Subdomains | Transfer
4 imduyv.gob.mx | imduyv.gob.mx | 26 KB
2 surl.li | surl.li — Cisco Umbrella Rank: 612152 | 2 KB
1 lbz.bz | lbz.bz | 199 B
5 3
Domain Requested by
4 imduyv.gob.mx imduyv.gob.mx
2 surl.li 2 redirects
1 lbz.bz imduyv.gob.mx
5 3

This site contains no links.

Subject | Issuer | Validity | Valid
lbz.bz | R3 | 2023-04-01 - 2023-06-30 | 3 months (crt.sh)

This page contains 2 frames:

Primary Page: http://imduyv.gob.mx/~wp-og.php/?url=L05FV0YvTXVzdExvZ2luLWVuLy8/JmFtcDtpPU1LOUo3
Frame ID: 5F859D7E98B6438A463C5862D2ED6B6C
Requests: 2 HTTP requests in this frame

Frame: http://imduyv.gob.mx/js-IJskRTb/NEWF/MustLogin-en//?&i=MK9J7
Frame ID: C74BAEF5F8DAFF13C67EBEAD6574549D
Requests: 3 HTTP requests in this frame

Page Title

Login into.......

Page Statistics

Requests: 5
HTTPS: 20 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 2
Transfer: 26 kB
Size: 25 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://surl.li/fzdlk HTTP 301
    https://surl.li/fzdlk HTTP 301
    http://imduyv.gob.mx/~wp-og.php/?url=L05FV0YvTXVzdExvZ2luLWVuLy8/JmFtcDtpPU1LOUo3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
imduyv.gob.mx/~wp-og.php/
Redirect Chain
  • http://surl.li/fzdlk
  • https://surl.li/fzdlk
  • http://imduyv.gob.mx/~wp-og.php/?url=L05FV0YvTXVzdExvZ2luLWVuLy8/JmFtcDtpPU1LOUo3
579 B
678 B
Document
General
Full URL
http://imduyv.gob.mx/~wp-og.php/?url=L05FV0YvTXVzdExvZ2luLWVuLy8/JmFtcDtpPU1LOUo3
Protocol
HTTP/1.1
Server
68.65.121.216 New Kensington, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium41-4.web-hosting.com
Software
LiteSpeed / PHP/7.0.33
Resource Hash
cda95120bf09430afb1c826a7f5b65393489d3e10410c1102eb7a6febf224a91

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-length
406
content-type
text/html; charset=UTF-8
date
Sat, 01 Apr 2023 15:15:54 GMT
keep-alive
timeout=5, max=100
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.0.33
x-turbo-charged-by
LiteSpeed

Redirect headers

access-control-allow-headers
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b11ca48896567de-MIA
content-type
text/html; charset=UTF-8
date
Sat, 01 Apr 2023 15:15:54 GMT
location
http://imduyv.gob.mx/~wp-og.php/?url=L05FV0YvTXVzdExvZ2luLWVuLy8/JmFtcDtpPU1LOUo3
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HwKSzY7bppnmshaHMYpT2anU06oh9Q9tnILvaS97XVf7rDe%2F7G6mRqvhQhFXSlXVCR1%2BqoIztgL7xK3EXxuvx1sg7fsAV3z53RrFMJAhbl9zDhViE%2FMo6xQA4nVWgmqzXa587GwX"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.3
aYT0j6
lbz.bz/
0
199 B
Script
General
Full URL
https://lbz.bz/aYT0j6
Requested by
Host: imduyv.gob.mx
URL: http://imduyv.gob.mx/~wp-og.php/?url=L05FV0YvTXVzdExvZ2luLWVuLy8/JmFtcDtpPU1LOUo3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.26.9 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ddos-guard /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
en-US,en;q=0.9
Referer
http://imduyv.gob.mx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Sat, 01 Apr 2023 15:15:56 GMT
server
ddos-guard
content-length
0
content-type
text/html; charset=UTF-8
/
imduyv.gob.mx/js-IJskRTb/NEWF/MustLogin-en// Frame C74B
1 KB
965 B
Document
General
Full URL
http://imduyv.gob.mx/js-IJskRTb/NEWF/MustLogin-en//?&i=MK9J7
Requested by
Host: imduyv.gob.mx
URL: http://imduyv.gob.mx/~wp-og.php/?url=L05FV0YvTXVzdExvZ2luLWVuLy8/JmFtcDtpPU1LOUo3
Protocol
HTTP/1.1
Server
68.65.121.216 New Kensington, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium41-4.web-hosting.com
Software
LiteSpeed / PHP/7.0.33
Resource Hash
c778c592db54d095cab21fe91a424cff2f459c9fe4bd27ee95e91f996cf4649b

Request headers

Referer
http://imduyv.gob.mx/~wp-og.php/?url=L05FV0YvTXVzdExvZ2luLWVuLy8/JmFtcDtpPU1LOUo3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-length
693
content-type
text/html; charset=UTF-8
date
Sat, 01 Apr 2023 15:15:55 GMT
keep-alive
timeout=5, max=100
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.0.33
x-turbo-charged-by
LiteSpeed
header.PNG
imduyv.gob.mx/js-IJskRTb/NEWF/MustLogin-en// Frame C74B
787 B
1 KB
Image
General
Full URL
http://imduyv.gob.mx/js-IJskRTb/NEWF/MustLogin-en//header.PNG
Requested by
Host: imduyv.gob.mx
URL: http://imduyv.gob.mx/js-IJskRTb/NEWF/MustLogin-en//?&i=MK9J7
Protocol
HTTP/1.1
Server
68.65.121.216 New Kensington, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium41-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
f5f94c086a3a61adf9d74034be68a6aea87bb3b6929c91c29b2c37e7274d2b0c

Request headers

accept-language
en-US,en;q=0.9
Referer
http://imduyv.gob.mx/js-IJskRTb/NEWF/MustLogin-en//?&i=MK9J7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:15:55 GMT
last-modified
Sat, 12 Dec 2020 21:10:20 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
keep-alive
timeout=5, max=100
content-length
787
expires
Sat, 08 Apr 2023 15:15:55 GMT
br.png
imduyv.gob.mx/js-IJskRTb/NEWF/MustLogin-en// Frame C74B
23 KB
23 KB
Image
General
Full URL
http://imduyv.gob.mx/js-IJskRTb/NEWF/MustLogin-en//br.png
Requested by
Host: imduyv.gob.mx
URL: http://imduyv.gob.mx/js-IJskRTb/NEWF/MustLogin-en//?&i=MK9J7
Protocol
HTTP/1.1
Server
68.65.121.216 New Kensington, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium41-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
53fde1ed55d0f9d6e784cd6e88017a30b51760d521b26852700cfb665bcdd1c5

Request headers

accept-language
en-US,en;q=0.9
Referer
http://imduyv.gob.mx/js-IJskRTb/NEWF/MustLogin-en//?&i=MK9J7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 15:15:56 GMT
last-modified
Sat, 12 Dec 2020 21:10:20 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
keep-alive
timeout=5, max=100
content-length
23306
expires
Sat, 08 Apr 2023 15:15:56 GMT

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless

2 Cookies

Domain/Path Name / Value
surl.li/ Name: XSRF-TOKEN
surl.li/ Name: surli_application_session