limalamalaultimadefensa.com.mx Open in urlscan Pro
108.179.194.88 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://l.e.expansion.com/rts/go2.aspx?h=1472587&tp=i-1NGB-A5-b00-1YXgaC-6v-X6KL-1c-1D5I0b-lAXcqWepVc-1yosex&pi=X3ChywZXQm...
Effective URL:
https://limalamalaultimadefensa.com.mx/atop/?*=javiercastro@fcv.org
Submission Tags: falconsandbox
Submission: On August 27 via api (August 27th 2024, 12:09:31 pm UTC) from US — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 5 domains to perform 9 HTTP transactions. The main IP is 108.179.194.88, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is limalamalaultimadefensa.com.mx.
TLS certificate: Issued by R11 on August 22nd 2024. Valid for: 3 months.

This is the only time limalamalaultimadefensa.com.mx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	62.27.116.25 62.27.116.25	12312 (ECOTEL) (ECOTEL)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	108.179.194.88 108.179.194.88	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
9	3

1 62.27.116.25 (Duisburg, Germany) 1 redirects

ASN12312 (ECOTEL, DE)
PTR: rts.ccmp.eu

l.e.expansion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

xbggjsq8u9ulpix.praquas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.179.194.88 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: mco22.prodns.mx

limalamalaultimadefensa.com.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	limalamalaultimadefensa.com.mx limalamalaultimadefensa.com.mx	187 KB
2	praquas.com xbggjsq8u9ulpix.praquas.com	2 KB
1	expansion.com 1 redirects l.e.expansion.com	235 B
0	agrohurt.com Failed mail.agrohurt.com Failed
0	Failed function sub() { [native code] }. Failed
9	5

	Domain	Requested by
5	limalamalaultimadefensa.com.mx	limalamalaultimadefensa.com.mx
2	xbggjsq8u9ulpix.praquas.com
1	l.e.expansion.com	1 redirects
0	mail.agrohurt.com Failed
0	invalid Failed	limalamalaultimadefensa.com.mx
9	5

This site contains no links.

Subject Issuer	Validity	Valid
praquas.com WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
limalamalaultimadefensa.com.mx R11	`2024-08-22` - `2024-11-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://limalamalaultimadefensa.com.mx/atop/?*=javiercastro@fcv.org
Frame ID: 4DA41E0C61586A7942C6BE4AA75603E3
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zimbra Web Client Sign In

Page Statistics

9
Requests

78 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

3
IPs

3
Countries

188 kB
Transfer

250 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://l.e.expansion.com/rts/go2.aspx?h=1472587&tp=i-1NGB-A5-b00-1YXgaC-6v-X6KL-1c-1D5I0b-lAXcqWepVc-1yosex&pi=X3ChywZXQmNE8VeceGHlfotAef21gDzbhSQg1vZMQMU&x=xBgGjSq8u9UlpIX.praquas.com%2Fabs%2Frp%2FxBgGjSq8u9UlpIX%2FamF2aWVyY2FzdHJvQGZjdi5vcmc%3D HTTP 302
https://xbggjsq8u9ulpix.praquas.com/abs/rp/xBgGjSq8u9UlpIX/amF2aWVyY2FzdHJvQGZjdi5vcmc=

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	amF2aWVyY2FzdHJvQGZjdi5vcmc= Show response xbggjsq8u9ulpix.praquas.com/abs/rp/xBgGjSq8u9UlpIX/ Redirect Chain https://l.e.expansion.com/rts/go2.aspx?h=1472587&tp=i-1NGB-A5-b00-1YXgaC-6v-X6KL-1c-1D5I0b-lAXcqWepVc-1yosex&pi=X3ChywZXQmNE8VeceGHlfotAef21gDzbhSQg1vZMQMU&x=xBgGjSq8u9UlpIX.praquas.com%2Fabs%2Frp%... https://xbggjsq8u9ulpix.praquas.com/abs/rp/xBgGjSq8u9UlpIX/amF2aWVyY2FzdHJvQGZjdi5vcmc=	0 528 B	147ms 83ms	Document text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xbggjsq8u9ulpix.praquas.com/abs/rp/xBgGjSq8u9UlpIX/amF2aWVyY2FzdHJvQGZjdi5vcmc= Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8b9bf3df685b03b8-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 27 Aug 2024 12:09:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} refresh 0;url=https://limalamalaultimadefensa.com.mx/atop/?=javiercastro@fcv.org report-to* {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4mlinR1aMjJtv4xhQ2dZu%2FnSaNsTpF0gFlCZd75v2r%2FD7I7fxD9aCqYL5lRnqdIfhsRxR8Nu41OpPPQLBhFMKtK3jc6QSXFyFhGIetycxucav24CXS1gvtMTajnGv1sbekX6YKCGH4SntuHP7HM%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33 Redirect headers Cache-Control private Content-Type text/html Date Tue, 27 Aug 2024 12:09:25 GMT Location https://xBgGjSq8u9UlpIX.praquas.com/abs/rp/xBgGjSq8u9UlpIX/amF2aWVyY2FzdHJvQGZjdi5vcmc= Transfer-Encoding chunked
GET H2	200	Primary Request / Show response limalamalaultimadefensa.com.mx/atop/	25 KB 7 KB	1059ms 184ms	Document text/html	108.179.194.88 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://limalamalaultimadefensa.com.mx/atop/?=javiercastro@fcv.org Protocol* H2 Security TLS 1.3, , AES_256_GCM Server 108.179.194.88 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS mco22.prodns.mx Software Apache / Resource Hash `acdcc4c99f86bcd99f8f67963af30b4795592feab38e8a23db7489419b36f039` Request headers Referer https://xbggjsq8u9ulpix.praquas.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers content-encoding gzip content-length 6989 content-type text/html; charset=UTF-8 date Tue, 27 Aug 2024 12:09:26 GMT server Apache vary Accept-Encoding
GET H3	200	favicon.ico xbggjsq8u9ulpix.praquas.com/	1 KB 1 KB	83ms 83ms	Other image/x-icon	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xbggjsq8u9ulpix.praquas.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://xbggjsq8u9ulpix.praquas.com/abs/rp/xBgGjSq8u9UlpIX/amF2aWVyY2FzdHJvQGZjdi5vcmc= User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 12:09:25 GMT content-encoding br cf-cache-status MISS last-modified Mon, 12 Aug 2024 08:18:11 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"47e-61f7822459e30" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p2nPvqD9OxoLlrlmpnyUAuTDb3bvVaFRbGVuHjliRvcMSyoBtvdmDJi5psPxpaX9tVjXw0pmqBS7sZCSYEBALopbqfZ3CAxtE%2FhBmvZe59m85iqcyKQTdALMuV5YDCQRYRhh6axprjoXn9Fj88o%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=14400 cf-ray 8b9bf3e0293303b8-FRA alt-svc h3=":443"; ma=86400
GET H2	200	common,login,zhtml,skin.css limalamalaultimadefensa.com.mx/atop/index_files/	64 KB 19 KB	154ms 150ms	Stylesheet text/css	108.179.194.88 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://limalamalaultimadefensa.com.mx/atop/index_files/common,login,zhtml,skin.css Requested by Host: limalamalaultimadefensa.com.mx URL: https://limalamalaultimadefensa.com.mx/atop/?=javiercastro@fcv.org Protocol* H2 Security TLS 1.3, , AES_256_GCM Server 108.179.194.88 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS mco22.prodns.mx Software Apache / Resource Hash `b18c2f0129cc478b3aff2cfafd2c30df51b3c9696b64b8bc5a75dd6e45355f5c` Request headers Referer https://limalamalaultimadefensa.com.mx/atop/?=javiercastro@fcv.org User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 12:09:26 GMT content-encoding gzip last-modified Mon, 16 Aug 2021 04:45:52 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type text/css
GET		/ invalid/	0 0

GET H2	200	new-back-ground-image.png limalamalaultimadefensa.com.mx/atop/img/	138 KB 138 KB	234ms 234ms	Image image/png	108.179.194.88 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Show image Full URL https://limalamalaultimadefensa.com.mx/atop/img/new-back-ground-image.png Requested by Host: limalamalaultimadefensa.com.mx URL: https://limalamalaultimadefensa.com.mx/atop/index_files/common,login,zhtml,skin.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.194.88 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS mco22.prodns.mx Software Apache / Resource Hash `18b729cd6f3dd2b5657c1680e1388b825dc2c2d1e732e03478006714ac7ebc2d` Request headers Referer https://limalamalaultimadefensa.com.mx/atop/index_files/common,login,zhtml,skin.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 12:09:27 GMT last-modified Mon, 16 Aug 2021 04:40:40 GMT server Apache accept-ranges bytes content-length 141674 content-type image/png
GET H2	200	LoginBanner.png limalamalaultimadefensa.com.mx/atop/img/	17 KB 17 KB	229ms 229ms	Image image/png	108.179.194.88 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Show image Full URL https://limalamalaultimadefensa.com.mx/atop/img/LoginBanner.png Requested by Host: limalamalaultimadefensa.com.mx URL: https://limalamalaultimadefensa.com.mx/atop/index_files/common,login,zhtml,skin.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.194.88 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS mco22.prodns.mx Software Apache / Resource Hash `cd9f7ba4d4b05e9fa1bbf57d12b039f7d1e61328bb1d76d3deef4c216e5ec0c5` Request headers Referer https://limalamalaultimadefensa.com.mx/atop/index_files/common,login,zhtml,skin.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 12:09:27 GMT last-modified Mon, 16 Aug 2021 04:40:40 GMT server Apache accept-ranges bytes content-length 17558 content-type image/png
GET H2	200	questionMark.png limalamalaultimadefensa.com.mx/atop/img/	5 KB 5 KB	228ms 227ms	Image image/png	108.179.194.88 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Show image Full URL https://limalamalaultimadefensa.com.mx/atop/img/questionMark.png Requested by Host: limalamalaultimadefensa.com.mx URL: https://limalamalaultimadefensa.com.mx/atop/index_files/common,login,zhtml,skin.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.194.88 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS mco22.prodns.mx Software Apache / Resource Hash `395b89ffffb5b6ea44d2933531396f8d2ae8ff84bae554a1c245d0777af59034` Request headers Referer https://limalamalaultimadefensa.com.mx/atop/index_files/common,login,zhtml,skin.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 12:09:27 GMT last-modified Mon, 16 Aug 2021 04:40:40 GMT server Apache accept-ranges bytes content-length 5359 content-type image/png
GET		favicon.ico mail.agrohurt.com/img/logo/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: invalid
URL: chrome-extension://invalid/

Domain: mail.agrohurt.com
URL: https://mail.agrohurt.com/img/logo/favicon.ico

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

invalid
l.e.expansion.com
limalamalaultimadefensa.com.mx
mail.agrohurt.com
xbggjsq8u9ulpix.praquas.com
invalid
mail.agrohurt.com
108.179.194.88
188.114.97.3
62.27.116.25
18b729cd6f3dd2b5657c1680e1388b825dc2c2d1e732e03478006714ac7ebc2d
395b89ffffb5b6ea44d2933531396f8d2ae8ff84bae554a1c245d0777af59034
acdcc4c99f86bcd99f8f67963af30b4795592feab38e8a23db7489419b36f039
b18c2f0129cc478b3aff2cfafd2c30df51b3c9696b64b8bc5a75dd6e45355f5c
cd9f7ba4d4b05e9fa1bbf57d12b039f7d1e61328bb1d76d3deef4c216e5ec0c5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

limalamalaultimadefensa.com.mx Open in urlscan Pro 108.179.194.88 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

9 Requests

78 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

3 IPs

3 Countries

188 kBTransfer

250 kBSize

0 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

limalamalaultimadefensa.com.mx Open in urlscan Pro
108.179.194.88 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

78 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

3
IPs

3
Countries

188 kB
Transfer

250 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions