gobmx.icu
2606:4700:3034::ac43:ba7a
Malicious Activity!
Public Scan
Effective URL: http://gobmx.icu/
Submission: On August 28 via manual from MX — Scanned from DE
Summary
This is the only time gobmx.icu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: MX Government (Government)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 2606:4700:20::6819:ea35 | 13335 (CLOUDFLARENET) |
29 | 2606:4700:3034::ac43:ba7a | 13335 (CLOUDFLARENET) |
29 | 2 | |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
29 | gobmx.icu | gobmx.icu | 2 MB |
1 | is.gd (1 redirects) | is.gd — Cisco Umbrella Rank: 95269 | 125 B |
29 | 2 | | |
This page contains 1 frames:
Primary Page:
http://gobmx.icu/
Frame ID: 4E5E4E1FE1D6EFEE69CB822D51071356
Requests: 31 HTTP requests in this frame
Page Title
El portal único del gobierno. | gob.mx
Detected technologies
Socket.io (JavaScript Frameworks)
Detected patterns
- socket\.io.*\.js
Vue.js (JavaScript Frameworks)
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Page Statistics
60 Outgoing links
These are links going to different origins than the main page.
Title: meridian finally Registroquickly boo paraassail vacunación
Title: down Informaciónmarinate sobrebitterly body COVID-19
Title: thankfully stadium Comunicacionessear glum yupright whereas cuddly transportes
Title: and Economía
Title: tax Educación
Title: whoever mechanically demarcate Energía
Title: psst or Identidad,blouse pasaportesnaffle overwork yfailing pfft submissive migración
Title: behavior spurn innocently Impuestosuh-huh ysince contribuciones
Title: throb joyously Medioprovided or exempt Ambiente
Title: narrow following Programastorn sociales
Title: opposite tensely duh Salud
Title: sweetly Seguridad,removal legalidadstaid pfft yinwardly shyly drone justicia
Title: viciously monthly gran Serviciosfrom geez financieros
Title: preference osprey hence Territorioblood ywobbly gee mid vivienda
Title: dissent Trabajo
Title: hence duh out Turismo
Title: think sand Otros
Title: except Agricultura
Title: serialise whoa swan Bienestar
Title: trousers Comunicacionespetty shady vacantly yconcerning whoever pancreas Transportes
Title: consequently knobby wallpaper Cultura
Title: supposing outside Defensareappear brr Nacional
Title: ick carp vice Desarrollobad anti periodical Agrario
Title: ambitious split Economía
Title: lanky even Educaciónloftily enumerate Pública
Title: willing writhe Energía
Title: pennant Funciónsince Pública
Title: save polite melody Gobernación
Title: untried Hacienda
Title: stale withstand Marina
Title: fancy kindhearted plan Mediophew yippee aw Ambiente
Title: well-lit wherever stark Presidencia
Title: sedately Relacionesbeautifully oof whether Exteriores
Title: pension shocking poorly Salud
Title: vaguely before and Trabajo
Title: till notwithstanding bribery Turismo
Title: binge Verclear or más
Title: adrenaline CURP
Title: along ride Actaastride study dekissingly nacimiento
Title: temptress Recibosoftly deacidic luz
Title: huzzah oh Pasaporte
Title: um green how Cédulatangle tunnel now profesional
Title: whoa voluntarily versus Preciolovingly flu willingness deinside woot gasolina
Title: enquiry unto which Participa
Title: youthfully Publicacionesthan Oficiales
Title: scheme Marcovulgarise dissipate Jurídico
Title: crank Plataformawhich even cautiously Nacionalbesides until larder denervously Transparencia
Title: Leer más
Title: miserly jaunty Portalalongside when youthfully deconventional searchingly datosmar abiertos
Title: since Declaraciónwoefully carabao deinquisitively accesibilidad
Title: heavily nearly energetically Avisothankfully plaintive godparent desidetrack till privacidadmastoid index integral
Title: depress gender Avisodeliberately dethan ha variable privacidadwhereas angelic simplificado
Title: hopelessly yowza Términospfft untrue thankfully ynot aha solidly condiciones
Title: gently incompatible date Políticamockingly dedeep indeed whereas seguridad
Title: boohoo Mapasnoopy because delbusk excepting elegantly sitio
Title: Denuncia contra servidores públicos
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://is.gd/gUjHzX (HTTP 301)
- http://gobmx.icu/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | gobmx.icu/ (Redirect Chain) | 3 KB | 2 KB | Document | text/html |
GET | H/1.1 | index-bdc9457c.js | gobmx.icu/assets/ | 6 MB | 2 MB | Script | application/javascript |
GET | H/1.1 | index-b59dbd03.css | gobmx.icu/assets/ | 767 B | 1 KB | Stylesheet | text/css |
GET | H/1.1 | / | gobmx.icu/socket.io/ | 118 B | 788 B | XHR | text/plain |
GET | H/1.1 | Layout-6ed321a1.js | gobmx.icu/assets/ | 20 KB | 5 KB | Script | application/javascript |
GET | H/1.1 | _plugin-vue_export-helper-c27b6911.js | gobmx.icu/assets/ | 1 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | Layout-369ad04d.css | gobmx.icu/assets/ | 43 KB | 14 KB | Stylesheet | text/css |
GET | H/1.1 | HomePage-3a268f3e.js | gobmx.icu/assets/ | 5 KB | 3 KB | Script | application/javascript |
GET | H/1.1 | HomePage-c955018d.css | gobmx.icu/assets/ | 323 B | 1 KB | Stylesheet | text/css |
POST | H/1.1 | / | gobmx.icu/socket.io/ | 2 B | 671 B | XHR | text/html |
GET | H/1.1 | / | gobmx.icu/socket.io/ | 41 B | 659 B | XHR | application/octet-stream |
GET | H/1.1 | / | gobmx.icu/socket.io/ | 162 B | 822 B | XHR | text/plain |
POST | H/1.1 | / | gobmx.icu/socket.io/ | 2 B | 671 B | XHR | text/html |
GET | H/1.1 | / | gobmx.icu/socket.io/ | 98 B | 753 B | XHR | application/octet-stream |
POST | H/1.1 | / | gobmx.icu/socket.io/ | 2 B | 673 B | XHR | text/html |
POST | H/1.1 | save-data | gobmx.icu/api/ | 736 B | 1 KB | XHR | application/json |
GET | H/1.1 | get-app-settings | gobmx.icu/api/ | 1 KB | 1 KB | XHR | application/json |
GET | H/1.1 | 99.svg | gobmx.icu/layout/images/ | 94 KB | 28 KB | Image | image/svg+xml |
GET | H/1.1 | 100.png | gobmx.icu/layout/images/ | 355 B | 1 KB | Image | image/png |
GET | H/1.1 | 123.png | gobmx.icu/layout/images/ | 5 KB | 6 KB | Image | image/png |
GET | H/1.1 | 124.png | gobmx.icu/layout/images/ | 373 B | 1 KB | Image | image/png |
GET | H/1.1 | 125.png | gobmx.icu/layout/images/ | 580 B | 1 KB | Image | image/png |
GET | H/1.1 | get-next-domain | gobmx.icu/api/ | 0 | 701 B | XHR | text/html |
GET | H/1.1 | can-active | gobmx.icu/api/ | 112 B | 854 B | XHR | application/json |
GET | H/1.1 | get-settings | gobmx.icu/api/ | 128 B | 868 B | XHR | application/json |
POST | H/1.1 | logger | gobmx.icu/api/ | 0 | 612 B | XHR | text/plain |
GET | DATA | truncated | / | 138 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 139 B | 0 | Image | image/svg+xml |
GET | H/1.1 | 1-054738ec.svg | gobmx.icu/assets/ | 37 KB | 12 KB | Image | image/svg+xml |
GET | H/1.1 | 0-7eeb99e9.woff2 | gobmx.icu/assets/ | 30 KB | 31 KB | Font | font/woff2 |
POST | H/1.1 | save-data | gobmx.icu/api/ | 724 B | 1 KB | XHR | application/json |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: MX Government (Government)
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function| IMask
- boolean| __VUE__
- boolean| __vite_is_modern_browser
- object| __darcula_config
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
gobmx.icu
is.gd
2606:4700:20::6819:ea35
2606:4700:3034::ac43:ba7a