urlscan.io logo urlscan.io
SecurityTrails logo

gruasmonterrey.com Open in urlscan Pro
169.62.170.103  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Effective URL: https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Submission: On August 12 via api from LU — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 1 countries across 7 domains to perform 27 HTTP transactions. The main IP is 169.62.170.103, located in United States and belongs to SOFTLAYER, US. The main domain is gruasmonterrey.com.
TLS certificate: Issued by R10 on July 26th 2024. Valid for: 3 months.
This is the only time gruasmonterrey.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 2620:0:890::100 54113 (FASTLY)
8 2606:2800:11f... 15133 (EDGECAST)
1 40.126.7.35 8075 (MICROSOFT...)
1 40.126.28.18 8075 (MICROSOFT...)
12 169.62.170.103 36351 (SOFTLAYER)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... ()
27 8
1    2620:0:890::100 (United States)

ASN54113 (FASTLY, US)
dseprotect.web.app
8    2606:2800:11f:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
1    40.126.7.35 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
1    40.126.28.18 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
12    169.62.170.103 (United States)

ASN36351 (SOFTLAYER, US)
PTR: mail.dal-cp01.bioxnet.com
gruasmonterrey.com
2    2607:f8b0:400d:c09::61 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:400d:c01::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:400d:c01::64 (None, )

ASN- ()
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
12 gruasmonterrey.com
gruasmonterrey.com
193 KB
8 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 2274
190 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
99 KB
2 live.com
login.live.com — Cisco Umbrella Rank: 37
1 google-analytics.com
www.google-analytics.com
1 gstatic.com
fonts.gstatic.com
1 web.app
dseprotect.web.app
9 KB
27 7
Domain Requested by
12 gruasmonterrey.com dseprotect.web.app
gruasmonterrey.com
8 aadcdn.msftauth.net dseprotect.web.app
2 www.googletagmanager.com gruasmonterrey.com
2 login.live.com dseprotect.web.app
1 www.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com gruasmonterrey.com
1 dseprotect.web.app
27 7

This site contains links to these domains. Also see Links.

Domain
es-la.facebook.com
twitter.com
wa.me
bioxnet.com
Subject Issuer Validity Valid
web.app
WR4		 2024-07-26 -
2024-10-24		 3 months crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2024-05-25 -
2025-05-25		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2024-05-17 -
2025-05-17		 a year crt.sh
www.gruasmonterrey.com
R10		 2024-07-26 -
2024-10-24		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Frame ID: B5E71F8AD7349271EFE396ED4E20CA9C
Requests: 26 HTTP requests in this frame

Frame: https://login.live.com/Me.htm?v=3
Frame ID: E30AAC6F5D8ED46C319B73EF06A97ADB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Página no encontrada - Grúas Monterrey

Page URL History Show full URLs

  1. http://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1 HTTP 307
    https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1 Page URL
  2. https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

7
Subdomains

8
IPs

1
Countries

492 kB
Transfer

1875 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1 HTTP 307
    https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1 Page URL
  2. https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1 HTTP 307
  • https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
dseprotect.web.app/
Redirect Chain
  • http://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
  • https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
29 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7af06d4b2367e2c37be1882b9fd7086fe4ec502d5d0c52872fe3074326c719f4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
gzip
content-length
9125
content-type
text/html; charset=utf-8
date
Mon, 12 Aug 2024 00:56:31 GMT
etag
"2962a0087de51fc934a5a046d74306bae602a87eab9c7b8fe83d5893103b37ad"
last-modified
Fri, 29 Jul 2022 08:59:13 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-served-by
cache-lax-kwhp1940142-LAX
x-timer
S1723424191.430411,VS0,VE194

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Non-Authoritative-Reason
HSTS
converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		108 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
Requested by
Host: dseprotect.web.app
URL: https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (laa/7A9E) /
Resource Hash
8b6a3b17737161e5fe8c29e401372a94b8e650226cf0cd17b4c3c4de5b380b11

Request headers

Referer
https://dseprotect.web.app/
Origin
https://dseprotect.web.app
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Aug 2024 00:56:31 GMT
content-encoding
gzip
content-md5
0O2H9juGYL0zkzcYWr0NIg==
age
12058412
x-cache
HIT
content-length
19877
x-ms-lease-status
unlocked
last-modified
Tue, 28 Sep 2021 21:42:58 GMT
server
ECAcc (laa/7A9E)
etag
0x8D982C8F03AF4D4
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
7fe2ab04-801e-006f-2fa6-7e911b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		459 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js
Requested by
Host: dseprotect.web.app
URL: https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (laa/7BC9) /
Resource Hash
ce768e83be373f5303ce3117cba6e60874a328c5fb740fb4dbc14989105e0a0d

Request headers

Referer
https://dseprotect.web.app/
Origin
https://dseprotect.web.app
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Aug 2024 00:56:31 GMT
content-encoding
gzip
content-md5
e+GEpArZIh9idGnWSOj0zg==
age
12058412
x-cache
HIT
content-length
128665
x-ms-lease-status
unlocked
last-modified
Thu, 04 Nov 2021 21:02:14 GMT
server
ECAcc (laa/7BC9)
etag
0x8D99FD6608B3F3E
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
bc5b4206-901e-005a-1da6-7e3700000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
Requested by
Host: dseprotect.web.app
URL: https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (laa/7BB6) /
Resource Hash
a423ac7e2310bc44a1defeb1f6df180cab8a59442e7f41d093f21649fcc86e69

Request headers

Referer
https://dseprotect.web.app/
Origin
https://dseprotect.web.app
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Aug 2024 00:56:31 GMT
content-encoding
gzip
content-md5
GYbSFdLE8Xb9pCzSg7cJ6A==
age
12058412
x-cache
HIT
content-length
12608
x-ms-lease-status
unlocked
last-modified
Tue, 19 Oct 2021 04:06:56 GMT
server
ECAcc (laa/7BB6)
etag
0x8D992B5E417004E
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
57f0c7b1-601e-0025-78a6-7e4c1f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
oneDs_472fa3a12b65cf387ccd.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/oneDs_472fa3a12b65cf387ccd.js
Requested by
Host: dseprotect.web.app
URL: https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (laa/7BFD) /
Resource Hash
235b558b77ab36f63c1439a68ac2410aaf8f42f7b9c93c0bfdc9af662abab8b6

Request headers

Referer
https://dseprotect.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Aug 2024 00:56:31 GMT
content-encoding
gzip
content-md5
xAmVJ4UrtXATagLD0tDXoQ==
age
12058412
x-cache
HIT
content-length
26117
x-ms-lease-status
unlocked
last-modified
Thu, 21 Oct 2021 01:02:25 GMT
server
ECAcc (laa/7BFD)
etag
0x8D9942E72241B02
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4c8f9f15-501e-007a-0aa6-7ea633000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pfetchsessionsprogress_12dabd9245715d165757.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_12dabd9245715d165757.js
Requested by
Host: dseprotect.web.app
URL: https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (laa/7BF3) /
Resource Hash
2b3df4d53882fba74216d365e7344c782145f2faf8e08a2d69c548f5fbc7fbf5

Request headers

Referer
https://dseprotect.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Aug 2024 00:56:31 GMT
content-encoding
gzip
content-md5
+lZRrDLGp8Gp/hURw2aXyQ==
age
12058412
x-cache
HIT
content-length
5386
x-ms-lease-status
unlocked
last-modified
Thu, 04 Nov 2021 21:02:05 GMT
server
ECAcc (laa/7BF3)
etag
0x8D99FD65BAB30A3
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0fa407e2-301e-0050-3fa6-7e3915000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: dseprotect.web.app
URL: https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.7.35 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://dseprotect.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers
converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
Requested by
Host: dseprotect.web.app
URL: https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (laa/7A9E) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dseprotect.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Aug 2024 00:56:31 GMT
content-encoding
gzip
content-md5
0O2H9juGYL0zkzcYWr0NIg==
age
12058412
x-cache
HIT
content-length
19877
x-ms-lease-status
unlocked
last-modified
Tue, 28 Sep 2021 21:42:58 GMT
server
ECAcc (laa/7A9E)
etag
0x8D982C8F03AF4D4
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
7fe2ab04-801e-006f-2fa6-7e911b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
Requested by
Host: dseprotect.web.app
URL: https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (laa/7BB6) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dseprotect.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Aug 2024 00:56:31 GMT
content-encoding
gzip
content-md5
GYbSFdLE8Xb9pCzSg7cJ6A==
age
12058412
x-cache
HIT
content-length
12608
x-ms-lease-status
unlocked
last-modified
Tue, 19 Oct 2021 04:06:56 GMT
server
ECAcc (laa/7BB6)
etag
0x8D992B5E417004E
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
57f0c7b1-601e-0025-78a6-7e4c1f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/ Frame E30A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: dseprotect.web.app
URL: https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.28.18 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dseprotect.web.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=315360000
Content-Encoding
gzip
Content-Length
1399
Content-Type
text/html; charset=utf-8
Date
Mon, 12 Aug 2024 00:56:31 GMT
Expires
Thu, 10 Aug 2034 00:56:32 GMT
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer
PPV: 30 H: SN1PEPF0002F179 V: 0
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
x-ms-request-id
eea3f341-b741-4d91-8ad8-6b51f8106183
x-ms-route-info
C526_SN1
2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ 		2 KB
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Requested by
Host: dseprotect.web.app
URL: https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (laa/7ABD) /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

Referer
https://dseprotect.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Aug 2024 00:56:32 GMT
content-encoding
gzip
content-md5
DhdidjYrlCeaRJJRG/y9mA==
age
12062311
x-cache
HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 12 Feb 2020 22:01:50 GMT
server
ECAcc (laa/7ABD)
etag
0x8D7B007297AE131
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
d6ba0f5d-a01e-007d-1a9d-7e773d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request wp-blogs-header.php
gruasmonterrey.com/ 		49 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Requested by
Host: dseprotect.web.app
URL: https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.62.170.103 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
mail.dal-cp01.bioxnet.com
Software
Apache /
Resource Hash
2439dd3048f5bc4664299fbfbbf9264ec55b03be72c551fe3dad1503d7395cff

Request headers

Referer
https://dseprotect.web.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-length
13415
content-type
text/html; charset=UTF-8
date
Mon, 12 Aug 2024 00:56:32 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://gruasmonterrey.com/wp-json/>; rel="https://api.w.org/"
server
Apache
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		294 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D894NBNNHQ
Requested by
Host: gruasmonterrey.com
URL: https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a3416e9e662e1be43d5542bf09dde54cbcfd472e1ccf71b0b0927ab51462ab85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://gruasmonterrey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:56:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101130
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 12 Aug 2024 00:56:35 GMT
style.min.css
gruasmonterrey.com/wp-includes/css/dist/block-library/ 		110 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gruasmonterrey.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1
Requested by
Host: gruasmonterrey.com
URL: https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.62.170.103 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
mail.dal-cp01.bioxnet.com
Software
Apache /
Resource Hash
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6

Request headers

Referer
https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:56:34 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2024 08:58:19 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
14835
expires
Tue, 12 Aug 2025 00:56:34 GMT
style_20396a2d1695fa8f77ad3bad477ccc52c657b19f.css
gruasmonterrey.com/wp-content/themes/gruasmonterrey22/assets/css/style-block/ 		28 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gruasmonterrey.com/wp-content/themes/gruasmonterrey22/assets/css/style-block/style_20396a2d1695fa8f77ad3bad477ccc52c657b19f.css?ver=6.6.1
Requested by
Host: gruasmonterrey.com
URL: https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.62.170.103 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
mail.dal-cp01.bioxnet.com
Software
Apache /
Resource Hash
22a47ecf01769174568f33c82e50330370bde5faba74a69b5fcfa2b851cf7419

Request headers

Referer
https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:56:34 GMT
content-encoding
gzip
last-modified
Mon, 12 Aug 2024 00:12:32 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3736
expires
Tue, 12 Aug 2025 00:56:34 GMT
style_9c5f766dc7825826c99ec7b06e8b5cc601c51acc.css
gruasmonterrey.com/wp-content/themes/gruasmonterrey22/assets/css/style/ 		148 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gruasmonterrey.com/wp-content/themes/gruasmonterrey22/assets/css/style/style_9c5f766dc7825826c99ec7b06e8b5cc601c51acc.css?ver=6.6.1
Requested by
Host: gruasmonterrey.com
URL: https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.62.170.103 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
mail.dal-cp01.bioxnet.com
Software
Apache /
Resource Hash
a91a9a6ed5247ab9d17398ef3d8e79d53c274c5d90d9d5cdf592dddbd2cf414d

Request headers

Referer
https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:56:34 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 20:32:04 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
22951
expires
Tue, 12 Aug 2025 00:56:34 GMT
jquery.min.js
gruasmonterrey.com/wp-includes/js/jquery/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gruasmonterrey.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: gruasmonterrey.com
URL: https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.62.170.103 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
mail.dal-cp01.bioxnet.com
Software
Apache /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer
https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:56:34 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2023 22:07:56 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
30368
expires
Tue, 12 Aug 2025 00:56:34 GMT
jquery-migrate.min.js
gruasmonterrey.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gruasmonterrey.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: gruasmonterrey.com
URL: https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.62.170.103 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
mail.dal-cp01.bioxnet.com
Software
Apache /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer
https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:56:34 GMT
content-encoding
gzip
last-modified
Tue, 08 Aug 2023 22:11:25 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4872
expires
Tue, 12 Aug 2025 00:56:34 GMT
logo-2-300x90.png
gruasmonterrey.com/wp-content/uploads/2022/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gruasmonterrey.com/wp-content/uploads/2022/10/logo-2-300x90.png
Requested by
Host: gruasmonterrey.com
URL: https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.62.170.103 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
mail.dal-cp01.bioxnet.com
Software
Apache /
Resource Hash
a827a283cccb36b47ead691caab36f8275275ea59f6b6f7332862f527dd101ca

Request headers

Referer
https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:56:34 GMT
last-modified
Mon, 17 Oct 2022 17:26:54 GMT
server
Apache
vary
Accept-Encoding,Accept
content-type
image/png
cache-control
max-age=10368000, public
accept-ranges
bytes
content-length
6848
expires
Tue, 10 Dec 2024 00:56:34 GMT
img-whatsapp.png.webp
gruasmonterrey.com/wp-content/webp-express/webp-images/themes/gruasmonterrey22/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gruasmonterrey.com/wp-content/webp-express/webp-images/themes/gruasmonterrey22/assets/images/img-whatsapp.png.webp
Requested by
Host: gruasmonterrey.com
URL: https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.62.170.103 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
mail.dal-cp01.bioxnet.com
Software
Apache /
Resource Hash
6228b8216188ede1e8709cdcc817474a7fde6d8e5db619a247a86d47abc747ec

Request headers

Referer
https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:56:35 GMT
last-modified
Thu, 13 Oct 2022 20:16:44 GMT
server
Apache
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=10368000
accept-ranges
bytes
content-length
2422
expires
Tue, 10 Dec 2024 00:56:35 GMT
plugins.js
gruasmonterrey.com/wp-content/themes/gruasmonterrey22/assets/js/ 		151 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gruasmonterrey.com/wp-content/themes/gruasmonterrey22/assets/js/plugins.js?ver=1.01
Requested by
Host: gruasmonterrey.com
URL: https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.62.170.103 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
mail.dal-cp01.bioxnet.com
Software
Apache /
Resource Hash
d0ba5d1f02d20d7409f3e31d26863580ffe12764b352c8a942debca91382d4af

Request headers

Referer
https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:56:34 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 16:43:16 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
42975
expires
Tue, 12 Aug 2025 00:56:34 GMT
functions.js
gruasmonterrey.com/wp-content/themes/gruasmonterrey22/assets/js/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gruasmonterrey.com/wp-content/themes/gruasmonterrey22/assets/js/functions.js?ver=1.05
Requested by
Host: gruasmonterrey.com
URL: https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.62.170.103 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
mail.dal-cp01.bioxnet.com
Software
Apache /
Resource Hash
04a5b2d81f152a14c2dae459577088fec6e086b66d08b9255e28a2a7914010c5

Request headers

Referer
https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:56:35 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 16:43:15 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
6364
expires
Tue, 12 Aug 2025 00:56:35 GMT
gtm.js
www.googletagmanager.com/ 		176 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K6WR3KGZ
Requested by
Host: gruasmonterrey.com
URL: https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://gruasmonterrey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:56:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94107
x-xss-protection
0
last-modified
Mon, 12 Aug 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Aug 2024 00:56:35 GMT
no-found.png
gruasmonterrey.com/wp-content/themes/gruasmonterrey22/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gruasmonterrey.com/wp-content/themes/gruasmonterrey22/assets/images/no-found.png
Requested by
Host: gruasmonterrey.com
URL: https://gruasmonterrey.com/wp-content/themes/gruasmonterrey22/assets/css/style/style_9c5f766dc7825826c99ec7b06e8b5cc601c51acc.css?ver=6.6.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.62.170.103 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
mail.dal-cp01.bioxnet.com
Software
Apache /
Resource Hash
039b2787e945e99ac0499265f832622fbff3cdde0a056a0627e9471a23c926e5

Request headers

Referer
https://gruasmonterrey.com/wp-content/themes/gruasmonterrey22/assets/css/style/style_9c5f766dc7825826c99ec7b06e8b5cc601c51acc.css?ver=6.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:56:35 GMT
last-modified
Thu, 13 Oct 2022 20:16:45 GMT
server
Apache
vary
Accept,Accept-Encoding
content-type
image/webp
cache-control
max-age=10368000
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
content-length
2402
expires
Tue, 10 Dec 2024 00:56:35 GMT
bg-footer.jpg
gruasmonterrey.com/wp-content/themes/gruasmonterrey22/assets/images/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gruasmonterrey.com/wp-content/themes/gruasmonterrey22/assets/images/bg-footer.jpg
Requested by
Host: gruasmonterrey.com
URL: https://gruasmonterrey.com/wp-content/themes/gruasmonterrey22/assets/css/style/style_9c5f766dc7825826c99ec7b06e8b5cc601c51acc.css?ver=6.6.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.62.170.103 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
mail.dal-cp01.bioxnet.com
Software
Apache /
Resource Hash
7e4eef3d4fd6a36b66c03335640e9c13add512bcbf18a608ef39329e00482d57

Request headers

Referer
https://gruasmonterrey.com/wp-content/themes/gruasmonterrey22/assets/css/style/style_9c5f766dc7825826c99ec7b06e8b5cc601c51acc.css?ver=6.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 00:56:35 GMT
last-modified
Thu, 13 Oct 2022 20:16:42 GMT
server
Apache
vary
Accept,Accept-Encoding
content-type
image/webp
cache-control
max-age=10368000
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
content-length
45530
expires
Tue, 10 Dec 2024 00:56:35 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v34/ 		7 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
Requested by
Host: gruasmonterrey.com
URL: https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gruasmonterrey.com/
Origin
https://gruasmonterrey.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 02:30:30 GMT
x-content-type-options
nosniff
age
512765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39372
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Aug 2025 02:30:30 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-D894NBNNHQ&gtm=45je4880v895595113za200&_p=1723424194905&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1910028307.1723424196&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723424195&sct=1&seg=0&dl=https%3A%2F%2Fgruasmonterrey.com%2Fwp-blogs-header.php%3Furl%3Dhttps%3A%2F%2Fdseprotect.web.app%2FzhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1&dr=https%3A%2F%2Fdseprotect.web.app%2F&dt=P%C3%A1gina%20no%20encontrada%20-%20Gr%C3%BAas%20Monterrey&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3043
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D894NBNNHQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::64 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://gruasmonterrey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Aug 2024 00:56:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gruasmonterrey.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer function| gtag function| jQuery function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| site object| html5 object| Modernizr function| yepnope function| Waypoint object| siteFunctions object| traslatetext function| pressed object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

4 Cookies

Domain/Path Name / Value
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1723424192&co=1
.login.live.com/ Name: uaid
Value: aed197e8759149e7bda7a38136759dcd
.gruasmonterrey.com/ Name: _ga
Value: GA1.1.1910028307.1723424196
.gruasmonterrey.com/ Name: _ga_D894NBNNHQ
Value: GS1.1.1723424195.1.0.1723424195.0.0.0

2 Console Messages

Source Level URL
Text
network error URL: https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gruasmonterrey.com/wp-blogs-header.php?url=https://dseprotect.web.app/zhihH05ngd0TR3waH0507xriH05tintH05d0TR3wH05nZ1
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
dseprotect.web.app
fonts.gstatic.com
gruasmonterrey.com
login.live.com
www.google-analytics.com
www.googletagmanager.com
169.62.170.103
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2607:f8b0:400d:c01::5e
2607:f8b0:400d:c01::64
2607:f8b0:400d:c09::61
2620:0:890::100
40.126.28.18
40.126.7.35
039b2787e945e99ac0499265f832622fbff3cdde0a056a0627e9471a23c926e5
04a5b2d81f152a14c2dae459577088fec6e086b66d08b9255e28a2a7914010c5
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
22a47ecf01769174568f33c82e50330370bde5faba74a69b5fcfa2b851cf7419
235b558b77ab36f63c1439a68ac2410aaf8f42f7b9c93c0bfdc9af662abab8b6
2439dd3048f5bc4664299fbfbbf9264ec55b03be72c551fe3dad1503d7395cff
2b3df4d53882fba74216d365e7344c782145f2faf8e08a2d69c548f5fbc7fbf5
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
6228b8216188ede1e8709cdcc817474a7fde6d8e5db619a247a86d47abc747ec
7af06d4b2367e2c37be1882b9fd7086fe4ec502d5d0c52872fe3074326c719f4
7e4eef3d4fd6a36b66c03335640e9c13add512bcbf18a608ef39329e00482d57
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
8b6a3b17737161e5fe8c29e401372a94b8e650226cf0cd17b4c3c4de5b380b11
a3416e9e662e1be43d5542bf09dde54cbcfd472e1ccf71b0b0927ab51462ab85
a423ac7e2310bc44a1defeb1f6df180cab8a59442e7f41d093f21649fcc86e69
a827a283cccb36b47ead691caab36f8275275ea59f6b6f7332862f527dd101ca
a91a9a6ed5247ab9d17398ef3d8e79d53c274c5d90d9d5cdf592dddbd2cf414d
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ce768e83be373f5303ce3117cba6e60874a328c5fb740fb4dbc14989105e0a0d
d0ba5d1f02d20d7409f3e31d26863580ffe12764b352c8a942debca91382d4af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855