imduyv.gob.mx Open in urlscan Pro
68.65.121.216  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://cutt.us/kaG4O Page URL
2. http://imduyv.gob.mx/~wp-lms.php/?url=Ly9tb2JpbGVfYmx1ZS9pbmRleC5waHA/JmFtcDtpPUZKRVZQ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	kaG4O Show response cutt.us/	3 KB 2 KB	168ms 32ms	Document text/html	69.61.26.122 GLOBALCOMPASS
General Check archive.org Show headers Download Go to Full URL https://cutt.us/kaG4O Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.61.26.122 Atlanta, United States, ASN22653 (GLOBALCOMPASS, US), Reverse DNS Software Hotcores.com / Resource Hash 588c61a23f00676877ebe19391294d510c0ebe0e3416926c5fc50ec15a3ba049 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-cache, must-revalidate, max-age=0 Connection keep-alive Content-Encoding gzip Content-Type text/html; Charset=UTF-8;charset=UTF-8 Date Sun, 16 Apr 2023 15:13:30 GMT I-AM Beta Pragma no-cache Server Hotcores.com Strict-Transport-Security max-age=31536000; includeSubdomains; Transfer-Encoding chunked Vary Accept-Encoding X-Robots-Tag noindex, nofollow
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	77 KB 25 KB	93ms 49ms	Script text/javascript	2607:f8b0:4006:81e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: cutt.us URL: https://cutt.us/kaG4O Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 095b00a947e39ff2eaf6388fa4b4a47f4e4294f62f1763efc181c5e48b7ad327 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 15:19:01 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25609 x-xss-protection 0 server cafe etag 99 / 19463 / m202304110101 / config-hash: 11787412583201714567 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 16 Apr 2023 15:19:01 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	112 KB 44 KB	38ms 20ms	Script application/javascript	2607:f8b0:4006:821::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-31510493-1 Requested by Host: cutt.us URL: https://cutt.us/kaG4O Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 597c432575e9111ce5768a8f6daad60a3af9f496adc2ad221752bf251210fdba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 15:19:01 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44616 x-xss-protection 0 last-modified Sun, 16 Apr 2023 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 16 Apr 2023 15:19:01 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	23ms 5ms	Script text/javascript	2607:f8b0:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 16 Apr 2023 14:05:12 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 4429 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Sun, 16 Apr 2023 16:05:12 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 200 B	19ms 18ms	XHR text/plain	2607:f8b0:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1475727368&t=pageview&_s=1&dl=https%3A%2F%2Fcutt.us%2FkaG4O&ul=en-us&de=UTF-8&dt=kaG4O&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=380829716&gjid=603377861&cid=474053843.1681658341&tid=UA-31510493-1&_gid=1334041979.1681658341&_r=1&gtm=457e34c0&jsscut=1&z=1749620932 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://cutt.us/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 16 Apr 2023 15:19:01 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cutt.us cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/	400 KB 124 KB	43ms 5ms	Script text/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e06787d09c0170febea7e8d6ec75107fd88e6875072fdab051f36494e4a9784c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sat, 15 Apr 2023 17:34:02 GMT content-encoding br x-content-type-options nosniff age 78299 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 126862 x-xss-protection 0 server cafe etag 16869941564567738629 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sun, 14 Apr 2024 17:34:02 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	29 B 574 B	58ms 21ms	XHR application/json	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cutt.us Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9485e103a1f890385ba2aeab76aa5b1c5adcb872527ea4ad64492edc137a4814 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 15:19:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32 x-xss-protection 0 expires Sun, 16 Apr 2023 15:19:01 GMT
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	44ms 26ms	Script application/javascript	2607:f8b0:4006:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=cutt.us Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 15:19:01 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	651 B 694 B	48ms 47ms	XHR text/plain	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4140328526186641&correlator=1045743073155119&eid=31072019%2C31073833%2C31073865&output=ldjh&gdfp_req=1&vrg=202304110101&ptt=17&impl=fif&iu_parts=5837603%2CCutt_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&ifi=1&adks=1933368604&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1681658341488&lmt=1681658341&dlt=1681658341280&idt=181&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcutt.us%2FkaG4O&frm=20&vis=1&psz=300x63&msz=0x0&fws=128&ohw=0&ga_vid=474053843.1681658341&ga_sid=1681658341&ga_hid=1475727368&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 58273c51f55c256d3415aa428c3d6b5c4d50bd95ffd0aaa0870a1e9b845ceb3a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 15:19:01 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 328 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutt.us cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 4ee504b109637d9825958404e940c5a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C5C2	6 KB 3 KB	58ms 20ms	Document text/html	2607:f8b0:4006:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://4ee504b109637d9825958404e940c5a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2001 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutt.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 16 Apr 2023 15:19:01 GMT expires Mon, 15 Apr 2024 15:19:01 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	Primary Request / Show response imduyv.gob.mx/~wp-lms.php/	587 B 680 B	159ms 74ms	Document text/html	68.65.121.216 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://imduyv.gob.mx/~wp-lms.php/?url=Ly9tb2JpbGVfYmx1ZS9pbmRleC5waHA/JmFtcDtpPUZKRVZQ Requested by Host: cutt.us URL: https://cutt.us/kaG4O Protocol HTTP/1.1 Server 68.65.121.216 Saint Petersburg, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium41-4.web-hosting.com Software LiteSpeed / PHP/7.0.33 Resource Hash 88861ad753f942c86dff23c369d0ba16b1f8b7b1459f1a22a9cfb60c35c08665 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding gzip content-length 408 content-type text/html; charset=UTF-8 date Sun, 16 Apr 2023 15:19:01 GMT keep-alive timeout=5, max=100 server LiteSpeed vary Accept-Encoding x-powered-by PHP/7.0.33 x-turbo-charged-by LiteSpeed
GET H2	200	sodar pagead2.googlesyndication.com/getconfig/	15 KB 12 KB	78ms 40ms	XHR application/json	2607:f8b0:4006:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304110101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 15:19:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11596 x-xss-protection 0
GET H2	200	sodar2.js tpc.googlesyndication.com/sodar/	17 KB 7 KB	30ms 29ms	Script text/javascript	2607:f8b0:4006:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2001 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cutt.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 15:19:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 16 Apr 2023 15:19:01 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6171	13 KB 5 KB	6ms 5ms	Document text/html	2607:f8b0:4006:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2001 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutt.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 183381 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 14 Apr 2023 12:22:40 GMT expires Sat, 13 Apr 2024 12:22:40 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe www.google.com/recaptcha/api2/ Frame 7E7A	0 0	41ms 24ms	Document text/html	2607:f8b0:4006:81c::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-EOjgFLZQvv-wW1lSblqNmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cutt.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 513 content-security-policy script-src 'report-sample' 'nonce-EOjgFLZQvv-wW1lSblqNmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 16 Apr 2023 15:19:01 GMT expires Sun, 16 Apr 2023 15:19:01 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js pagead2.googlesyndication.com/bg/ Frame 6171	36 KB 14 KB	16ms 4ms	Script text/javascript	2607:f8b0:4006:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Thu, 13 Apr 2023 22:20:01 GMT content-encoding br x-content-type-options nosniff age 233940 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14294 x-xss-protection 0 last-modified Tue, 11 Apr 2023 10:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 12 Apr 2024 22:20:01 GMT
GET H2	404	AJz0j8 cutlinks.ca/	0 0	574ms 447ms	Script text/html	190.115.26.9 DDOS-GUARD CORP.
General Check archive.org Show headers Download Go to Full URL https://cutlinks.ca/AJz0j8 Requested by Host: imduyv.gob.mx URL: http://imduyv.gob.mx/~wp-lms.php/?url=Ly9tb2JpbGVfYmx1ZS9pbmRleC5waHA/JmFtcDtpPUZKRVZQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 190.115.26.9 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ), Reverse DNS Software ddos-guard / Resource Hash Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers accept-language en-US,en;q=0.9 Referer http://imduyv.gob.mx/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; date Sun, 16 Apr 2023 15:19:02 GMT server ddos-guard content-length 0 content-type text/html; charset=UTF-8
GET H/1.1	200 OK	index.php Show response imduyv.gob.mx/js-bFmqHuH//mobile_blue/ Frame A339	4 KB 2 KB	74ms 73ms	Document text/html	68.65.121.216 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/index.php?&i=FJEVP Requested by Host: imduyv.gob.mx URL: http://imduyv.gob.mx/~wp-lms.php/?url=Ly9tb2JpbGVfYmx1ZS9pbmRleC5waHA/JmFtcDtpPUZKRVZQ Protocol HTTP/1.1 Server 68.65.121.216 Saint Petersburg, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium41-4.web-hosting.com Software LiteSpeed / PHP/7.0.33 Resource Hash f1adf3bd41013e705b1257dd8478addbdc83bc1a4b1087212bcff296dbe316e1 Request headers Referer http://imduyv.gob.mx/~wp-lms.php/?url=Ly9tb2JpbGVfYmx1ZS9pbmRleC5waHA/JmFtcDtpPUZKRVZQ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding gzip content-length 1745 content-type text/html; charset=UTF-8 date Sun, 16 Apr 2023 15:19:01 GMT keep-alive timeout=5, max=100 server LiteSpeed vary Accept-Encoding x-powered-by PHP/7.0.33 x-turbo-charged-by LiteSpeed
GET H2	200	font-awesome.min.css maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame A339	30 KB 7 KB	26ms 14ms	Stylesheet text/css	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: imduyv.gob.mx URL: http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/index.php?&i=FJEVP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://imduyv.gob.mx/ Origin http://imduyv.gob.mx accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 15:19:01 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 951 age 30770 cdn-cachedat 04/05/2023 17:52:16 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:55 GMT cdn-proxyver 1.03 cdn-requestpullcode 200 server cloudflare etag W/"269550530cc127b6aa5a35925a7de6ce" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid d1d401219d7e7417e59a989f99e415ca timing-allow-origin * cdn-requestcountrycode FR cdn-status 200 cf-ray 7b8d677cadd64231-EWR cdn-requestpullsuccess True
GET H/1.1	200 OK	style.css imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/ Frame A339	1 KB 775 B	74ms 73ms	Stylesheet text/css	68.65.121.216 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/style.css Requested by Host: imduyv.gob.mx URL: http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/index.php?&i=FJEVP Protocol HTTP/1.1 Server 68.65.121.216 Saint Petersburg, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium41-4.web-hosting.com Software LiteSpeed / Resource Hash 1d309e54873d9219eec4ca63af38fdd3885de42b10aae999cf1a6bf83aa812c2 Request headers accept-language en-US,en;q=0.9 Referer http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/index.php?&i=FJEVP User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 15:19:01 GMT content-encoding gzip last-modified Sat, 12 Dec 2020 21:10:20 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes keep-alive timeout=5, max=100 content-length 398 expires Sun, 23 Apr 2023 15:19:01 GMT
GET H/1.1	200 OK	recaptcha__en.js Show response imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/ Frame A339	343 KB 153 KB	72ms 72ms	Script application/javascript	68.65.121.216 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/recaptcha__en.js Requested by Host: imduyv.gob.mx URL: http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/index.php?&i=FJEVP Protocol HTTP/1.1 Server 68.65.121.216 Saint Petersburg, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium41-4.web-hosting.com Software LiteSpeed / Resource Hash 84aff23bb47fbea74e9c9944cc840a4c17dbf1c32fc9f6a5c4717417e02751c6 Request headers Referer http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/index.php?&i=FJEVP Origin http://imduyv.gob.mx accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 15:19:01 GMT content-encoding gzip last-modified Sat, 12 Dec 2020 21:10:20 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes keep-alive timeout=5, max=100 content-length 155793 expires Sun, 23 Apr 2023 15:19:01 GMT
GET H/1.1	200 OK	api.js Show response imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/ Frame A339	884 B 981 B	143ms 72ms	Script application/javascript	68.65.121.216 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/api.js Requested by Host: imduyv.gob.mx URL: http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/index.php?&i=FJEVP Protocol HTTP/1.1 Server 68.65.121.216 Saint Petersburg, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium41-4.web-hosting.com Software LiteSpeed / Resource Hash 5733efc9c2f38b7b1a2fd21a763803c14e7286a6264cb85dd117754da6680c34 Request headers accept-language en-US,en;q=0.9 Referer http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/index.php?&i=FJEVP User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 15:19:01 GMT content-encoding gzip last-modified Sat, 12 Dec 2020 21:10:20 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes keep-alive timeout=5, max=100 content-length 590 expires Sun, 23 Apr 2023 15:19:01 GMT
GET H2	404	recaptcha__en.js www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/ Frame A339	0 0	162ms 142ms	Script text/html	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/recaptcha__en.js Requested by Host: imduyv.gob.mx URL: http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://imduyv.gob.mx/ Origin http://imduyv.gob.mx accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 15:19:02 GMT x-content-type-options nosniff server sffe content-type text/html; charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1621 x-xss-protection 0
GET H/1.1	200 OK	anchor.htm Show response imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/ Frame 0643	21 KB 11 KB	71ms 70ms	Document text/html	68.65.121.216 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/anchor.htm Requested by Host: imduyv.gob.mx URL: http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/index.php?&i=FJEVP Protocol HTTP/1.1 Server 68.65.121.216 Saint Petersburg, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium41-4.web-hosting.com Software LiteSpeed / Resource Hash edcd4c49fcb8bf04f1d999fb31c1285eeb6c5939657482019564220ae5f85c84 Request headers Referer http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/index.php?&i=FJEVP Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 10828 content-type text/html date Sun, 16 Apr 2023 15:19:02 GMT keep-alive timeout=5, max=100 last-modified Sat, 12 Dec 2020 21:10:20 GMT server LiteSpeed vary Accept-Encoding x-turbo-charged-by LiteSpeed
GET H2	200	fontawesome-webfont.woff2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame A339	75 KB 76 KB	11ms 11ms	Font font/woff2	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: maxcdn.bootstrapcdn.com URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Origin http://imduyv.gob.mx accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 15:19:02 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 1072 age 30771 cdn-cachedat 12/25/2022 15:12:21 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 77160 last-modified Mon, 25 Jan 2021 22:04:55 GMT cdn-proxyver 1.03 cdn-requestpullcode 200 server cloudflare etag "af7ae505a9eed503f8b8e6982036873e" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid d59c3b79eec6320799a5b43ea952bfde accept-ranges bytes timing-allow-origin * cdn-requestcountrycode FR cdn-status 200 cf-ray 7b8d677d8ea64231-EWR cdn-requestpullsuccess True
GET H/1.1	200 OK	styles__ltr.css imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/anchor_data/ Frame 0643	50 KB 27 KB	75ms 74ms	Stylesheet text/css	68.65.121.216 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/anchor_data/styles__ltr.css Requested by Host: imduyv.gob.mx URL: http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/anchor.htm Protocol HTTP/1.1 Server 68.65.121.216 Saint Petersburg, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium41-4.web-hosting.com Software LiteSpeed / Resource Hash 9f7c3261df3df9aae8b6c8e4433a7ba73cedd3a1c17880764b6728a0f52980c5 Request headers accept-language en-US,en;q=0.9 Referer http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/anchor.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 15:19:02 GMT content-encoding gzip last-modified Sat, 12 Dec 2020 21:10:20 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes keep-alive timeout=5, max=100 content-length 26848 expires Sun, 23 Apr 2023 15:19:02 GMT
GET H/1.1	200 OK	recaptcha__en.js Show response imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/ Frame 0643	343 KB 153 KB	143ms 72ms	Script application/javascript	68.65.121.216 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/recaptcha__en.js Requested by Host: imduyv.gob.mx URL: http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/anchor.htm Protocol HTTP/1.1 Server 68.65.121.216 Saint Petersburg, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium41-4.web-hosting.com Software LiteSpeed / Resource Hash 84aff23bb47fbea74e9c9944cc840a4c17dbf1c32fc9f6a5c4717417e02751c6 Request headers accept-language en-US,en;q=0.9 Referer http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/anchor.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 15:19:02 GMT content-encoding gzip last-modified Sat, 12 Dec 2020 21:10:20 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes keep-alive timeout=5, max=100 content-length 155793 expires Sun, 23 Apr 2023 15:19:02 GMT
GET H/1.1	200 OK	x4dl7Lk5ENOB7Pbvmb3t7sJ-hPoGBwvfellrHtOoe40.js Show response imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/anchor_data/ Frame 0643	14 KB 7 KB	150ms 75ms	Script application/javascript	68.65.121.216 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/anchor_data/x4dl7Lk5ENOB7Pbvmb3t7sJ-hPoGBwvfellrHtOoe40.js Requested by Host: imduyv.gob.mx URL: http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/anchor.htm Protocol HTTP/1.1 Server 68.65.121.216 Saint Petersburg, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium41-4.web-hosting.com Software LiteSpeed / Resource Hash c78765ecb93910d381ecf6ef99bdedeec27e84fa06070bdf7a596b1ed3a87b8d Request headers accept-language en-US,en;q=0.9 Referer http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/anchor.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 15:19:02 GMT content-encoding gzip last-modified Sat, 12 Dec 2020 21:10:20 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes keep-alive timeout=5, max=100 content-length 6540 expires Sun, 23 Apr 2023 15:19:02 GMT
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame 0C01	47 KB 26 KB	57ms 56ms	Document text/html	2607:f8b0:4006:81c::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LecguUUAAAAAGcZhPKHMpRYIjyzHiOBcDt2in0X&co=aHR0cDovL2ltZHV5di5nb2IubXg6ODA.&hl=en&v=4lbq4vBYAu25DMtzZ7GGbfAF&size=invisible&cb=v5qg4ddkmsyo Requested by Host: imduyv.gob.mx URL: http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/recaptcha__en.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 4e711ba755b21dcac232b0349a31fbc826640ee21f32162234954a272a9efca1 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-ARIOmHscA6m-nKtENlPz7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://imduyv.gob.mx/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 26476 content-security-policy script-src 'report-sample' 'nonce-ARIOmHscA6m-nKtENlPz7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 16 Apr 2023 15:19:02 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	404	styles__ltr.css www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/ Frame 0C01	0 0	123ms 110ms	Stylesheet text/html	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LecguUUAAAAAGcZhPKHMpRYIjyzHiOBcDt2in0X&co=aHR0cDovL2ltZHV5di5nb2IubXg6ODA.&hl=en&v=4lbq4vBYAu25DMtzZ7GGbfAF&size=invisible&cb=v5qg4ddkmsyo Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers
GET H3	404	recaptcha__en.js www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/ Frame 0C01	0 0	257ms 245ms	Script text/html	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LecguUUAAAAAGcZhPKHMpRYIjyzHiOBcDt2in0X&co=aHR0cDovL2ltZHV5di5nb2IubXg6ODA.&hl=en&v=4lbq4vBYAu25DMtzZ7GGbfAF&size=invisible&cb=v5qg4ddkmsyo Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers
GET H/1.1	200 OK	x4dl7Lk5ENOB7Pbvmb3t7sJ-hPoGBwvfellrHtOoe40.js Show response www.google.com/js/bg/ Frame 0643	14 KB 7 KB	26ms 18ms	Script text/javascript	2607:f8b0:4006:81c::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://www.google.com/js/bg/x4dl7Lk5ENOB7Pbvmb3t7sJ-hPoGBwvfellrHtOoe40.js Requested by Host: imduyv.gob.mx URL: http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/recaptcha__en.js Protocol HTTP/1.1 Server 2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c78765ecb93910d381ecf6ef99bdedeec27e84fa06070bdf7a596b1ed3a87b8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer http://imduyv.gob.mx/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 06:02:47 GMT Content-Encoding gzip X-Content-Type-Options nosniff Age 33375 Content-Security-Policy-Report-Only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs Cross-Origin-Resource-Policy cross-origin Content-Length 6068 X-XSS-Protection 0 Last-Modified Fri, 09 Oct 2020 16:26:02 GMT Server sffe Cross-Origin-Opener-Policy same-origin; report-to="botguard-scs" Vary Accept-Encoding Report-To {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} Content-Type text/javascript Cache-Control public, max-age=31536000 Accept-Ranges bytes Expires Mon, 15 Apr 2024 06:02:47 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 0643	2 KB 2 KB	5ms 5ms	Image image/png	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: imduyv.gob.mx URL: http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/Facebook%20Login_files/anchor_data/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer http://imduyv.gob.mx/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 05:39:05 GMT x-content-type-options nosniff age 34797 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Sun, 23 Apr 2023 05:39:05 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cutt.us/	1970-01-20 20:43:38	Name: _ga Value: GA1.2.474053843.1681658341
			.cutt.us/	1970-01-20 11:09:04	Name: _gid Value: GA1.2.1334041979.1681658341
			.cutt.us/	1970-01-20 11:07:38	Name: _gat_gtag_UA_31510493_1 Value: 1
			.doubleclick.net/	1970-01-20 11:07:39	Name: test_cookie Value: CheckForPermission
			.cutt.us/	1970-01-20 20:29:14	Name: __gads Value: ID=eb8a00b4a807d0d6:T=1681658341:S=ALNI_MbLVRltueSFrEaK3kcH0WAuo2tcpA
			.cutt.us/	1970-01-20 20:29:14	Name: __gpi Value: UID=00000be300bf73b6:T=1681658341:RT=1681658341:S=ALNI_MbgVM8z9wbkVGOXqtrnP71R5HO5vw

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/index.php?&i=FJEVP(Line 40) Message: Error while parsing the 'sandbox' attribute: 'allow-storage-access-by-user-activation' is an invalid sandbox flag.
network	error	URL: https://www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/recaptcha__en.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: http://imduyv.gob.mx/js-bFmqHuH//mobile_blue/index.php?&i=FJEVP Message: Refused to execute script from 'https://www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/recaptcha__en.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://cutlinks.ca/AJz0j8 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/recaptcha__en.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4ee504b109637d9825958404e940c5a6.safeframe.googlesyndication.com
adservice.google.com
cutlinks.ca
cutt.us
imduyv.gob.mx
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
190.115.26.9
2606:4700::6812:acf
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81e::2002
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2008
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2002
68.65.121.216
69.61.26.122
095b00a947e39ff2eaf6388fa4b4a47f4e4294f62f1763efc181c5e48b7ad327
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d309e54873d9219eec4ca63af38fdd3885de42b10aae999cf1a6bf83aa812c2
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4e711ba755b21dcac232b0349a31fbc826640ee21f32162234954a272a9efca1
5733efc9c2f38b7b1a2fd21a763803c14e7286a6264cb85dd117754da6680c34
58273c51f55c256d3415aa428c3d6b5c4d50bd95ffd0aaa0870a1e9b845ceb3a
588c61a23f00676877ebe19391294d510c0ebe0e3416926c5fc50ec15a3ba049
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
597c432575e9111ce5768a8f6daad60a3af9f496adc2ad221752bf251210fdba
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
84aff23bb47fbea74e9c9944cc840a4c17dbf1c32fc9f6a5c4717417e02751c6
88861ad753f942c86dff23c369d0ba16b1f8b7b1459f1a22a9cfb60c35c08665
9485e103a1f890385ba2aeab76aa5b1c5adcb872527ea4ad64492edc137a4814
9f7c3261df3df9aae8b6c8e4433a7ba73cedd3a1c17880764b6728a0f52980c5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
c78765ecb93910d381ecf6ef99bdedeec27e84fa06070bdf7a596b1ed3a87b8d
e06787d09c0170febea7e8d6ec75107fd88e6875072fdab051f36494e4a9784c
edcd4c49fcb8bf04f1d999fb31c1285eeb6c5939657482019564220ae5f85c84
f1adf3bd41013e705b1257dd8478addbdc83bc1a4b1087212bcff296dbe316e1