sop.nayarit.gob.mx Open in urlscan Pro
201.161.95.9 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tinyurl.com/ipostt
Effective URL:
https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php
Submission: On August 19 via manual (August 19th 2023, 5:58:48 pm UTC) from IL — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 201.161.95.9, located in Mexico and belongs to Triara.com S.A. de C.V., MX. The main domain is sop.nayarit.gob.mx.
TLS certificate: Issued by R3 on August 14th 2023. Valid for: 3 months.

This is the only time sop.nayarit.gob.mx was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Israel Post (Transporation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6814:8b41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	201.161.95.9 201.161.95.9	19373 (Triara.co...) (Triara.com S.A. de C.V.)
14	2

1 2606:4700:10::6814:8b41 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tinyurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 201.161.95.9 (Mexico)

ASN19373 (Triara.com S.A. de C.V., MX)
PTR: cust-201-161-95-9.triara.com

sop.nayarit.gob.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	nayarit.gob.mx sop.nayarit.gob.mx	110 KB
1	tinyurl.com 1 redirects tinyurl.com — Cisco Umbrella Rank: 18012	554 B
14	2

	Domain	Requested by
13	sop.nayarit.gob.mx	sop.nayarit.gob.mx
1	tinyurl.com	1 redirects
14	2

This site contains no links.

Subject Issuer	Validity	Valid
sop.nayarit.gob.mx R3	`2023-08-14` - `2023-11-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php
Frame ID: E694738267C07CABFFF557517EABF074
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

שירות הדואר הישראלי

Page URL History Show full URLs

https://tinyurl.com/ipostt HTTP 301
https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

14
Requests

93 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

110 kB
Transfer

184 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tinyurl.com/ipostt HTTP 301
https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request step.php Show response sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/ Redirect Chain https://tinyurl.com/ipostt https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php	4 KB 2 KB	1622ms 184ms	Document text/html	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Full URL https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `983d2a9a4c846ee66315184165719df6b8acd37f956ac14e64510eba3c45b779` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Encoding gzip Content-Length 1458 Content-Type text/html; charset=UTF-8 Date Sat, 19 Aug 2023 17:50:08 GMT Keep-Alive timeout=5, max=100 Server Apache/2.4.46 (Ubuntu) Vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cache-control max-age=0, public, s-max-age=900, stale-if-error: 86400 cf-cache-status DYNAMIC cf-ray 7f94493fcbf8bb56-FRA content-type text/html; charset=UTF-8 date Sat, 19 Aug 2023 17:58:42 GMT location https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php referrer-policy unsafe-url server cloudflare x-content-type-options nosniff x-tinyurl-redirect eyJpdiI6Im5yN1JXVmJJZHNpKzE1ZnFMZnFrTFE9PSIsInZhbHVlIjoiYzhob3RYWWJDdlZoNjdXdnE0ajArY2pTYU5QUngxTzBSMU9rRURRK2x4TjAwdDloeHdlK3BPSC91RXFEaVF6RUVzUXFhT3Jza3IxUlVNSVZ6YzgrZnc9PSIsIm1hYyI6IjY4MTJkOTRjNmQ3Y2ZlNmI0NTI4ZTk4MTAyODQ2NDk2YWM3Yjc4MjUxODM0ZDg2NDUxZTU3ZTAzZDNkNDFhMmIiLCJ0YWciOiIifQ== x-xss-protection 1; mode=block
GET H/1.1	200 OK	main.css sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc/	1 KB 927 B	180ms 180ms	Stylesheet text/css	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Full URL https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc/main.css Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `592b3f903018354bf9c8466601cf513b2b4afeb8a17fc25fc1600f36d3e40c1e` Request headers accept-language de-DE,de;q=0.9 Referer https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Sat, 19 Aug 2023 17:50:08 GMT Content-Encoding gzip Last-Modified Sat, 23 Jul 2022 05:56:48 GMT Server Apache/2.4.46 (Ubuntu) ETag "5bb-5e4729dc6a800-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 592
GET H/1.1	200 OK	cora.png sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc/	641 B 926 B	555ms 186ms	Image image/png	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Show image Full URL https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc/cora.png Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `bd80bbe4f601eb38a50867880a0460a940f08acbdbadfc22c38873be8be58ed6` Request headers accept-language de-DE,de;q=0.9 Referer https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Sat, 19 Aug 2023 17:50:09 GMT Last-Modified Sat, 23 Jul 2022 03:06:14 GMT Server Apache/2.4.46 (Ubuntu) ETag "281-5e4703bc83580" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 641
GET H/1.1	200 OK	post.png sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc/	5 KB 6 KB	555ms 185ms	Image image/png	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Show image Full URL https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc/post.png Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `7cff082fe3676f7e02428c7d1b72b5daf671c05eb60e4e53ddd10267080111f0` Request headers accept-language de-DE,de;q=0.9 Referer https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Sat, 19 Aug 2023 17:50:09 GMT Last-Modified Sat, 23 Jul 2022 02:51:40 GMT Server Apache/2.4.46 (Ubuntu) ETag "153d-5e47007b00700" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 5437
GET H/1.1	200 OK	99.png sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc/	5 KB 6 KB	561ms 183ms	Image image/png	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Show image Full URL https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc/99.png Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `32cb3c5c141802399b8c1d60bca37c971ab660f1bb22e32e7084bd4778a0a0b0` Request headers accept-language de-DE,de;q=0.9 Referer https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Sat, 19 Aug 2023 17:50:09 GMT Last-Modified Sat, 23 Jul 2022 03:35:36 GMT Server Apache/2.4.46 (Ubuntu) ETag "1575-5e470a4ce3200" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 5493
GET H/1.1	200 OK	t60.png sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc/	57 KB 58 KB	537ms 182ms	Image image/png	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Show image Full URL https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc/t60.png Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `6dbd37899c2653b6e7ce1f32ecfd72854cf26b235e7f82e83c80397e7390791d` Request headers accept-language de-DE,de;q=0.9 Referer https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Sat, 19 Aug 2023 17:50:09 GMT Last-Modified Sat, 23 Jul 2022 04:19:00 GMT Server Apache/2.4.46 (Ubuntu) ETag "e546-5e47140041500" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 58694
GET H/1.1	200 OK	jq.js Show response sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc//	87 KB 31 KB	375ms 195ms	Script application/javascript	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Full URL https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc//jq.js Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127` Request headers accept-language de-DE,de;q=0.9 Referer https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Sat, 19 Aug 2023 17:50:08 GMT Content-Encoding gzip Last-Modified Sun, 17 Jul 2022 20:32:36 GMT Server Apache/2.4.46 (Ubuntu) ETag "15d9d-5e40626d54100-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 30905
GET H/1.1	200 OK	m.js Show response sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc//	23 KB 6 KB	529ms 178ms	Script application/javascript	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Full URL https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc//m.js Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8` Request headers accept-language de-DE,de;q=0.9 Referer https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Sat, 19 Aug 2023 17:50:08 GMT Content-Encoding gzip Last-Modified Sun, 17 Jul 2022 20:32:38 GMT Server Apache/2.4.46 (Ubuntu) ETag "5a88-5e40626f3c580-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 5877
GET H/1.1	404 Not Found	h.ttf sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc/	0 0	344ms 177ms	Font text/html	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Full URL https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc/h.ttf Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc/main.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash Request headers Referer https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc/main.css Origin https://sop.nayarit.gob.mx accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Sat, 19 Aug 2023 17:50:08 GMT Last-Modified Mon, 28 Sep 2020 19:22:54 GMT Server Apache/2.4.46 (Ubuntu) ETag "2744-5b06497d80e79" Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 10052
POST H/1.1	500 Internal Server Error	spy.php Show response sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/	0 185 B	183ms 183ms	XHR text/html	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Full URL https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/spy.php Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc//jq.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Sat, 19 Aug 2023 17:50:09 GMT Server Apache/2.4.46 (Ubuntu) Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
POST H/1.1	200 OK	date.php Show response sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/	21 B 224 B	182ms 181ms	XHR text/html	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Full URL https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/date.php Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc//jq.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `1f7830bfae8025ed671493fddb450146268b8176290f343ee30bfcdc893d34fe` Request headers Accept / Referer https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Sat, 19 Aug 2023 17:50:10 GMT Server Apache/2.4.46 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 21 Content-Type text/html; charset=UTF-8
POST H/1.1	200 OK	date.php Show response sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/	21 B 224 B	178ms 178ms	XHR text/html	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Full URL https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/date.php Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc//jq.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `05de1456fad8a839516d9846f6c98072c165573ea02193b2498042fd8d1c4661` Request headers Accept / Referer https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Sat, 19 Aug 2023 17:50:11 GMT Server Apache/2.4.46 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=97 Content-Length 21 Content-Type text/html; charset=UTF-8
POST H/1.1	200 OK	date.php Show response sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/	21 B 224 B	182ms 182ms	XHR text/html	201.161.95.9 Triara.com S.A. d...
General Check archive.org Show headers Download Go to Full URL https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/date.php Requested by Host: sop.nayarit.gob.mx URL: https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc//jq.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 201.161.95.9 , Mexico, ASN19373 (Triara.com S.A. de C.V., MX), Reverse DNS cust-201-161-95-9.triara.com Software Apache/2.4.46 (Ubuntu) / Resource Hash `1b887e6ca045e1bba039b6e5d2b511eec6050fc250ced82f0c1135e2cb7bc175` Request headers Accept / Referer https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/step.php X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Sat, 19 Aug 2023 17:50:12 GMT Server Apache/2.4.46 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=96 Content-Length 21 Content-Type text/html; charset=UTF-8
POST		date.php sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sop.nayarit.gob.mx
URL: https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/date.php

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Israel Post (Transporation)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery number| c

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/inc/h.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sop.nayarit.gob.mx/wp-content/plugins/redirectcod/ar/spy.php Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sop.nayarit.gob.mx
tinyurl.com
sop.nayarit.gob.mx
201.161.95.9
2606:4700:10::6814:8b41
05de1456fad8a839516d9846f6c98072c165573ea02193b2498042fd8d1c4661
1b887e6ca045e1bba039b6e5d2b511eec6050fc250ced82f0c1135e2cb7bc175
1f7830bfae8025ed671493fddb450146268b8176290f343ee30bfcdc893d34fe
32cb3c5c141802399b8c1d60bca37c971ab660f1bb22e32e7084bd4778a0a0b0
592b3f903018354bf9c8466601cf513b2b4afeb8a17fc25fc1600f36d3e40c1e
6dbd37899c2653b6e7ce1f32ecfd72854cf26b235e7f82e83c80397e7390791d
7cff082fe3676f7e02428c7d1b72b5daf671c05eb60e4e53ddd10267080111f0
983d2a9a4c846ee66315184165719df6b8acd37f956ac14e64510eba3c45b779
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
bd80bbe4f601eb38a50867880a0460a940f08acbdbadfc22c38873be8be58ed6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

sop.nayarit.gob.mx Open in urlscan Pro 201.161.95.9 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

110 kBTransfer

184 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

sop.nayarit.gob.mx Open in urlscan Pro
201.161.95.9 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

110 kB
Transfer

184 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!