Submitted URL: https://surl.li/fxqoa
Effective URL: http://imduyv.gob.mx/~wp-logs.php/?url=L05FV0YvTXVzdExvZ2luLWVuLy8/JmFtcDtpPVRaMEE5
Submission: On March 30 via api from US — Scanned from US

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 68.65.121.216, located in New Kensington, United States and belongs to NAMECHEAP-NET, US. The main domain is imduyv.gob.mx.
This is the only time imduyv.gob.mx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
4 68.65.121.216 22612 (NAMECHEAP...)
1 190.115.26.9 262254 (DDOS-GUAR...)
5 2
Apex Domain        Subdomains                               Transfer
4 imduyv.gob.mx    imduyv.gob.mx                            26 KB
1 lbz.bz           lbz.bz                                   199 B
1 surl.li          surl.li — Cisco Umbrella Rank: 612152    1 KB
5 3
Domain Requested by
4 imduyv.gob.mx imduyv.gob.mx
1 lbz.bz imduyv.gob.mx
1 surl.li 1 redirects
5 3

This site contains no links.

Subject   Issuer   Validity                   Valid
lbz.bz    R3       2023-03-11 - 2023-06-09    3 months

This page contains 2 frames:

Primary Page: http://imduyv.gob.mx/~wp-logs.php/?url=L05FV0YvTXVzdExvZ2luLWVuLy8/JmFtcDtpPVRaMEE5
Frame ID: 5CBFA2912254E7DB43236871ECC27705
Requests: 2 HTTP requests in this frame

Frame: http://imduyv.gob.mx/js-VeErNVE/NEWF/MustLogin-en//?&i=TZ0A9
Frame ID: A467FE1EB3B0EE1917A1E7073F464DDD
Requests: 3 HTTP requests in this frame

Page Title

Login into.......

Page URL History

  1. https://surl.li/fxqoa HTTP 301
    http://imduyv.gob.mx/~wp-logs.php/?url=L05FV0YvTXVzdExvZ2luLWVuLy8/JmFtcDtpPVRaMEE5 Page URL

Page Statistics

Requests: 5
HTTPS: 20 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 2
Transfer: 26 kB
Size: 25 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Resource: / (Primary Request)
Path: imduyv.gob.mx/~wp-logs.php/
Redirect Chain
  • https://surl.li/fxqoa
  • http://imduyv.gob.mx/~wp-logs.php/?url=L05FV0YvTXVzdExvZ2luLWVuLy8/JmFtcDtpPVRaMEE5
Size: 579 B
x-fer: 677 B
Type: Document

General

Full URL: http://imduyv.gob.mx/~wp-logs.php/?url=L05FV0YvTXVzdExvZ2luLWVuLy8/JmFtcDtpPVRaMEE5
Protocol: HTTP/1.1
Server: 68.65.121.216 New Kensington, United States, ASN22612 (NAMECHEAP-NET, US)
Reverse DNS: premium41-4.web-hosting.com
Software: LiteSpeed / PHP/7.0.33
Resource Hash: 59c673e7388cb4446ba86e68c9dd04310c5f5c212355308f710c989ba606ac10

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-length: 405
content-type: text/html; charset=UTF-8
date: Thu, 30 Mar 2023 15:05:50 GMT
keep-alive: timeout=5, max=100
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.0.33
x-turbo-charged-by: LiteSpeed

Redirect headers

access-control-allow-headers: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b0140c6194e333c-EWR
content-type: text/html; charset=UTF-8
date: Thu, 30 Mar 2023 15:05:50 GMT
location: http://imduyv.gob.mx/~wp-logs.php/?url=L05FV0YvTXVzdExvZ2luLWVuLy8/JmFtcDtpPVRaMEE5
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkR1LDZIpGFpMjyT3Qg3%2BBWPx31KBddsNWrnXl0aLYkidw8kAmuM6Str7XbnUwD0oJ2u7zrdS3loEG3RH%2FYn7p%2FBwlI3sUb6Ntb8Ogy6pJf6kUsRffgcl8%2FQzybadQke81g2gT2R"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-powered-by: PHP/8.2.3

Resource: aYT0j6
Path: lbz.bz/
Size: 0
x-fer: 199 B
Type: Script

General

Full URL: https://lbz.bz/aYT0j6
Requested by
  Host: imduyv.gob.mx
  URL: http://imduyv.gob.mx/~wp-logs.php/?url=L05FV0YvTXVzdExvZ2luLWVuLy8/JmFtcDtpPVRaMEE5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.26.9 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ)
Reverse DNS:
Software: ddos-guard
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
  Content-Security-Policy: upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: http://imduyv.gob.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Thu, 30 Mar 2023 15:05:51 GMT
server: ddos-guard
content-length: 0
content-type: text/html; charset=UTF-8

Resource: /
Path: imduyv.gob.mx/js-VeErNVE/NEWF/MustLogin-en// (Frame A467)
Size: 1 KB
x-fer: 965 B
Type: Document

General

Full URL: http://imduyv.gob.mx/js-VeErNVE/NEWF/MustLogin-en//?&i=TZ0A9
Requested by
  Host: imduyv.gob.mx
  URL: http://imduyv.gob.mx/~wp-logs.php/?url=L05FV0YvTXVzdExvZ2luLWVuLy8/JmFtcDtpPVRaMEE5
Protocol: HTTP/1.1
Server: 68.65.121.216 New Kensington, United States, ASN22612 (NAMECHEAP-NET, US)
Reverse DNS: premium41-4.web-hosting.com
Software: LiteSpeed / PHP/7.0.33
Resource Hash: 27326b8c4dc1a5a233d8fb0d7baffdcaa726cc6c36998fce684c00fabe24d667

Request headers

Referer: http://imduyv.gob.mx/~wp-logs.php/?url=L05FV0YvTXVzdExvZ2luLWVuLy8/JmFtcDtpPVRaMEE5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-length: 693
content-type: text/html; charset=UTF-8
date: Thu, 30 Mar 2023 15:05:51 GMT
keep-alive: timeout=5, max=100
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.0.33
x-turbo-charged-by: LiteSpeed

Resource: header.PNG
Path: imduyv.gob.mx/js-VeErNVE/NEWF/MustLogin-en// (Frame A467)
Size: 787 B
x-fer: 1 KB
Type: Image

General

Full URL: http://imduyv.gob.mx/js-VeErNVE/NEWF/MustLogin-en//header.PNG
Requested by
  Host: imduyv.gob.mx
  URL: http://imduyv.gob.mx/js-VeErNVE/NEWF/MustLogin-en//?&i=TZ0A9
Protocol: HTTP/1.1
Server: 68.65.121.216 New Kensington, United States, ASN22612 (NAMECHEAP-NET, US)
Reverse DNS: premium41-4.web-hosting.com
Software: LiteSpeed
Resource Hash: f5f94c086a3a61adf9d74034be68a6aea87bb3b6929c91c29b2c37e7274d2b0c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://imduyv.gob.mx/js-VeErNVE/NEWF/MustLogin-en//?&i=TZ0A9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 15:05:51 GMT
last-modified: Sat, 12 Dec 2020 21:10:20 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 787
expires: Thu, 06 Apr 2023 15:05:51 GMT

Resource: br.png
Path: imduyv.gob.mx/js-VeErNVE/NEWF/MustLogin-en// (Frame A467)
Size: 23 KB
x-fer: 23 KB
Type: Image

General

Full URL: http://imduyv.gob.mx/js-VeErNVE/NEWF/MustLogin-en//br.png
Requested by
  Host: imduyv.gob.mx
  URL: http://imduyv.gob.mx/js-VeErNVE/NEWF/MustLogin-en//?&i=TZ0A9
Protocol: HTTP/1.1
Server: 68.65.121.216 New Kensington, United States, ASN22612 (NAMECHEAP-NET, US)
Reverse DNS: premium41-4.web-hosting.com
Software: LiteSpeed
Resource Hash: 53fde1ed55d0f9d6e784cd6e88017a30b51760d521b26852700cfb665bcdd1c5

Request headers

accept-language: en-US,en;q=0.9
Referer: http://imduyv.gob.mx/js-VeErNVE/NEWF/MustLogin-en//?&i=TZ0A9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 15:05:51 GMT
last-modified: Sat, 12 Dec 2020 21:10:20 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 23306
expires: Thu, 06 Apr 2023 15:05:51 GMT

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | 0
boolean | credentialless

2 Cookies

Domain/Path Name / Value
surl.li/ Name: XSRF-TOKEN
surl.li/ Name: surli_application_session