sop.nayarit.gob.mx Open in urlscan Pro
201.161.95.9 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php
Submission: On October 25 via manual (October 25th 2023, 3:05:05 pm UTC) from IL — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 15 HTTP transactions. The main IP is 201.161.95.9, located in Mexico and belongs to Triara.com S.A. de C.V., MX. The main domain is sop.nayarit.gob.mx.
TLS certificate: Issued by R3 on October 13th 2023. Valid for: 3 months.

This is the only time sop.nayarit.gob.mx was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Israel Post (Transporation)

Domain & IP information

	IP Address		AS Autonomous System
15	201.161.95.9 201.161.95.9		19373 (Triara.co...) (Triara.com S.A. de C.V.)
15	1

15 201.161.95.9 (Mexico)

ASN19373 (Triara.com S.A. de C.V., MX)
PTR: cust-201-161-95-9.triara.com

sop.nayarit.gob.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	nayarit.gob.mx sop.nayarit.gob.mx	110 KB
15	1

	Domain	Requested by
15	sop.nayarit.gob.mx	sop.nayarit.gob.mx
15	1

This site contains no links.

Subject Issuer	Validity	Valid
sop.nayarit.gob.mx R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php
Frame ID: FB353FB0EEBD98B68E06C5C4DE137E2B
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

שירות הדואר הישראלי

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

110 kB
Transfer

184 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request step.php Show response sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/	4 KB 2 KB	1361ms 175ms	Document text/html	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Full URL https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `f6dc7ad63240b8bd27ece3b5f5c454f55be3218a5b0a3a6f3b9066ff0bc066f0` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Encoding gzip Content-Length 1456 Content-Type text/html; charset=UTF-8 Date Wed, 25 Oct 2023 15:04:42 GMT Keep-Alive timeout=5, max=100 Server Apache/2.4.46 (Ubuntu) Vary Accept-Encoding
GET H/1.1	200 OK	main.css sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc/	1 KB 927 B	175ms 173ms	Stylesheet text/css	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Full URL https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc/main.css Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `592b3f903018354bf9c8466601cf513b2b4afeb8a17fc25fc1600f36d3e40c1e` Request headers accept-language de-DE,de;q=0.9 Referer https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Wed, 25 Oct 2023 15:04:42 GMT Content-Encoding gzip Last-Modified Sat, 23 Jul 2022 13:56:48 GMT Server Apache/2.4.46 (Ubuntu) ETag "5bb-5e4795263c800-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 592
GET H/1.1	200 OK	cora.png sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc/	641 B 925 B	348ms 173ms	Image image/png	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Show image Full URL https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc/cora.png Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `bd80bbe4f601eb38a50867880a0460a940f08acbdbadfc22c38873be8be58ed6` Request headers accept-language de-DE,de;q=0.9 Referer https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Wed, 25 Oct 2023 15:04:42 GMT Last-Modified Sat, 23 Jul 2022 11:06:14 GMT Server Apache/2.4.46 (Ubuntu) ETag "281-5e476f0655580" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 641
GET H/1.1	200 OK	post.png sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc/	5 KB 6 KB	521ms 172ms	Image image/png	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Show image Full URL https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc/post.png Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `7cff082fe3676f7e02428c7d1b72b5daf671c05eb60e4e53ddd10267080111f0` Request headers accept-language de-DE,de;q=0.9 Referer https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Wed, 25 Oct 2023 15:04:43 GMT Last-Modified Sat, 23 Jul 2022 10:51:40 GMT Server Apache/2.4.46 (Ubuntu) ETag "153d-5e476bc4d2700" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 5437
GET H/1.1	200 OK	99.png sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc/	5 KB 6 KB	533ms 178ms	Image image/png	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Show image Full URL https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc/99.png Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `32cb3c5c141802399b8c1d60bca37c971ab660f1bb22e32e7084bd4778a0a0b0` Request headers accept-language de-DE,de;q=0.9 Referer https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Wed, 25 Oct 2023 15:04:43 GMT Last-Modified Sat, 23 Jul 2022 11:35:36 GMT Server Apache/2.4.46 (Ubuntu) ETag "1575-5e477596b5200" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 5493
GET H/1.1	200 OK	t60.png sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc/	57 KB 58 KB	546ms 183ms	Image image/png	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Show image Full URL https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc/t60.png Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `6dbd37899c2653b6e7ce1f32ecfd72854cf26b235e7f82e83c80397e7390791d` Request headers accept-language de-DE,de;q=0.9 Referer https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Wed, 25 Oct 2023 15:04:43 GMT Last-Modified Sat, 23 Jul 2022 12:19:00 GMT Server Apache/2.4.46 (Ubuntu) ETag "e546-5e477f4a13500" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 58694
GET H/1.1	200 OK	jq.js Show response sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc//	87 KB 31 KB	548ms 184ms	Script application/javascript	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Full URL https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc//jq.js Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127` Request headers accept-language de-DE,de;q=0.9 Referer https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Wed, 25 Oct 2023 15:04:43 GMT Content-Encoding gzip Last-Modified Mon, 18 Jul 2022 04:32:36 GMT Server Apache/2.4.46 (Ubuntu) ETag "15d9d-5e40cdb726100-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 30905
GET H/1.1	200 OK	m.js Show response sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc//	23 KB 6 KB	372ms 183ms	Script application/javascript	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Full URL https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc//m.js Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8` Request headers accept-language de-DE,de;q=0.9 Referer https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Wed, 25 Oct 2023 15:04:43 GMT Content-Encoding gzip Last-Modified Mon, 18 Jul 2022 04:32:38 GMT Server Apache/2.4.46 (Ubuntu) ETag "5a88-5e40cdb90e580-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 5877
GET H/1.1	404 Not Found	h.ttf sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc/	0 0	338ms 171ms	Font text/html	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Full URL https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc/h.ttf Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc/main.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash Request headers Referer https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc/main.css Origin https://sop.nayarit.gob.mx accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Wed, 25 Oct 2023 15:04:43 GMT Last-Modified Mon, 28 Sep 2020 19:22:54 GMT Server Apache/2.4.46 (Ubuntu) ETag "2744-5b06497d80e79" Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 10052
POST H/1.1	500 Internal Server Error	spy.php Show response sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/	0 185 B	182ms 182ms	XHR text/html	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Full URL https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/spy.php Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc//jq.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 25 Oct 2023 15:04:43 GMT Server Apache/2.4.46 (Ubuntu) Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
POST H/1.1	200 OK	date.php Show response sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/	21 B 224 B	189ms 188ms	XHR text/html	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Full URL https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/date.php Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc//jq.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `da5dc49269e8da1eb3f3c52ce65e09d8c0e7ae338775317052d34f6de3f8f7e7` Request headers Accept / Referer https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 25 Oct 2023 15:04:44 GMT Server Apache/2.4.46 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 21 Content-Type text/html; charset=UTF-8
POST H/1.1	200 OK	date.php Show response sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/	21 B 224 B	180ms 180ms	XHR text/html	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Full URL https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/date.php Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc//jq.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `b18f87f6d0d4f022712ab01afeefa3f8952a7af79ea39b4d8c03751ccefe4aab` Request headers Accept / Referer https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 25 Oct 2023 15:04:45 GMT Server Apache/2.4.46 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 21 Content-Type text/html; charset=UTF-8
POST H/1.1	200 OK	date.php Show response sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/	21 B 224 B	182ms 179ms	XHR text/html	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Full URL https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/date.php Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc//jq.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `60b6188f080b2761397501ef43754bb1490db1b4a3983383f72989f6d3bb2180` Request headers Accept / Referer https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 25 Oct 2023 15:04:46 GMT Server Apache/2.4.46 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=97 Content-Length 21 Content-Type text/html; charset=UTF-8
POST H/1.1	200 OK	date.php Show response sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/	21 B 224 B	180ms 180ms	XHR text/html	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Full URL https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/date.php Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc//jq.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `b7c98a888e638fc5362b51adf91b376af9ab57e71575e1042d35ffd05839cf05` Request headers Accept / Referer https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 25 Oct 2023 15:04:47 GMT Server Apache/2.4.46 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=96 Content-Length 21 Content-Type text/html; charset=UTF-8
POST H/1.1	200 OK	date.php Show response sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/	21 B 224 B	180ms 179ms	XHR text/html	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Full URL https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/date.php Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc//jq.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `bb7b7b5afa635cde1675e14443020ed0e42315fb6ac098ae6df8c7bb84da6030` Request headers Accept / Referer https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/step.php X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 25 Oct 2023 15:04:48 GMT Server Apache/2.4.46 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=95 Content-Length 21 Content-Type text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Israel Post (Transporation)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery number| c

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/inc/h.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sop.nayarit.gob.mx/wp-admin/user/israelpost/ar/spy.php Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sop.nayarit.gob.mx
201.161.95.9
32cb3c5c141802399b8c1d60bca37c971ab660f1bb22e32e7084bd4778a0a0b0
592b3f903018354bf9c8466601cf513b2b4afeb8a17fc25fc1600f36d3e40c1e
60b6188f080b2761397501ef43754bb1490db1b4a3983383f72989f6d3bb2180
6dbd37899c2653b6e7ce1f32ecfd72854cf26b235e7f82e83c80397e7390791d
7cff082fe3676f7e02428c7d1b72b5daf671c05eb60e4e53ddd10267080111f0
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
b18f87f6d0d4f022712ab01afeefa3f8952a7af79ea39b4d8c03751ccefe4aab
b7c98a888e638fc5362b51adf91b376af9ab57e71575e1042d35ffd05839cf05
bb7b7b5afa635cde1675e14443020ed0e42315fb6ac098ae6df8c7bb84da6030
bd80bbe4f601eb38a50867880a0460a940f08acbdbadfc22c38873be8be58ed6
da5dc49269e8da1eb3f3c52ce65e09d8c0e7ae338775317052d34f6de3f8f7e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
f6dc7ad63240b8bd27ece3b5f5c454f55be3218a5b0a3a6f3b9066ff0bc066f0

sop.nayarit.gob.mx Open in urlscan Pro 201.161.95.9 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

110 kBTransfer

184 kBSize

0 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

sop.nayarit.gob.mx Open in urlscan Pro
201.161.95.9 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

110 kB
Transfer

184 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!