ov.pemsv13.net Open in urlscan Pro
2600:9000:248c:2400:1e:3a66:8e40:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://santaanafarma.tr.pemsv13.net/v/eyJhIjoic2FudGFhbmFmYXJtYSIsIm0iOiJtYWlsX2NsaXViM3FuM3ZkbGYwNzM2bWh3NGk2a28iLCJ1IjoiaHR0cHM6Ly...
Effective URL:
https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8
Submission: On June 20 via manual (June 20th 2023, 9:08:25 pm UTC) from BR — Scanned from DE

Summary HTTP 5 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 2600:9000:248c:2400:1e:3a66:8e40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is ov.pemsv13.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 1st 2023. Valid for: 10 months.

This is the only time ov.pemsv13.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:225... 2600:9000:225e:cc00:7:1c96:6800:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:248... 2600:9000:248c:2400:1e:3a66:8e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
3	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
5	3

1 2600:9000:225e:cc00:7:1c96:6800:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

santaanafarma.tr.pemsv13.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:248c:2400:1e:3a66:8e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

ov.pemsv13.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.pemres02.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.pemres01.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	pemres01.net cdn.pemres01.net	3 KB
2	pemsv13.net 1 redirects santaanafarma.tr.pemsv13.net ov.pemsv13.net	13 KB
1	pemres02.net cdn.pemres02.net	13 KB
5	3

	Domain	Requested by
3	cdn.pemres01.net	ov.pemsv13.net
1	cdn.pemres02.net	ov.pemsv13.net
1	ov.pemsv13.net
1	santaanafarma.tr.pemsv13.net	1 redirects
5	4

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
walink.co

Subject Issuer	Validity	Valid
pemsv13.net Amazon RSA 2048 M01	`2023-03-01` - `2023-12-27`	10 months	crt.sh
1958307774.rsc.cdn77.org R3	`2023-05-27` - `2023-08-25`	3 months	crt.sh
1018613529.rsc.cdn77.org R3	`2023-05-27` - `2023-08-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8
Frame ID: FB6EE6340FF4BFC160381F7B57AD7A2B
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Últimas Unidades CAMPAÑA VACUNACION ANTIGRIPAL! 🤧

Page URL History Show full URLs

https://santaanafarma.tr.pemsv13.net/v/eyJhIjoic2FudGFhbmFmYXJtYSIsIm0iOiJtYWlsX2NsaXViM3FuM3ZkbGYwNzM2bWh3NGk2a2... HTTP 302
https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8 Page URL

Page Statistics

5
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

29 kB
Transfer

27 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Santa-Ana-Farmacia-101239259262497

Search URL Search Domain Scan URL

URL: https://www.instagram.com/santaanafarma/

Search URL Search Domain Scan URL

URL: https://walink.co/9713e3

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://santaanafarma.tr.pemsv13.net/v/eyJhIjoic2FudGFhbmFmYXJtYSIsIm0iOiJtYWlsX2NsaXViM3FuM3ZkbGYwNzM2bWh3NGk2a28iLCJ1IjoiaHR0cHM6Ly9vdi5wZW1zdjEzLm5ldC9zYW50YWFuYWZhcm1hL3NhbnRhYW5hZmFybWFfYnVsa18xMDEvbGRzYWFqXzQ3YjZmOCIsImgiOiJhODUyMjgifQ HTTP 302
https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request ldsaaj_47b6f8 Show response ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ Redirect Chain https://santaanafarma.tr.pemsv13.net/v/eyJhIjoic2FudGFhbmFmYXJtYSIsIm0iOiJtYWlsX2NsaXViM3FuM3ZkbGYwNzM2bWh3NGk2a28iLCJ1IjoiaHR0cHM6Ly9vdi5wZW1zdjEzLm5ldC9zYW50YWFuYWZhcm1hL3NhbnRhYW5hZmFybWFfYnVsa1... https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8	12 KB 12 KB	561ms 429ms	Document text/html	2600:9000:248c:2400:1e:3a66:8e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:248c:2400:1e:3a66:8e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `35d892b28812ca7dce1cf9c6d202224ca0cd41411422636932fcd8a2bdd5115b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-length 12142 content-type text/html date Tue, 20 Jun 2023 21:08:20 GMT etag "9985318930447ea65912ebffbf6733ef" last-modified Tue, 13 Jun 2023 13:15:18 GMT server AmazonS3 via 1.1 b238d3f6f579ec0d467edb5df6f43bbe.cloudfront.net (CloudFront) x-amz-cf-id 5HLDgsErDeJq0ad8kSHQRli2CAoPrUq4EtiUVWVPZTTCCvNLK2H8dw== x-amz-cf-pop MXP64-P1 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront Redirect headers access-control-allow-headers Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, X-Auth-Token access-control-allow-methods POST, GET, OPTIONS, DELETE, PUT access-control-allow-origin * access-control-max-age 3600 content-length 0 date Tue, 20 Jun 2023 21:08:19 GMT location https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8 via 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront) x-amz-cf-id Do_oGWyH_k7LbImhIuf3bUBwKdpHv4CvXibiHGLYvg4YOLes-XIa8g== x-amz-cf-pop FRA60-P4 x-cache Miss from cloudfront
GET H2	200	recurso-44x.png cdn.pemres02.net/29895/	13 KB 13 KB	247ms 201ms	Image image/png	2a02:6ea0:c700::17 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.pemres02.net/29895/recurso-44x.png Requested by Host: ov.pemsv13.net URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash `c086c34fd4d9d65131a4f7a3f2e74e69084331a870e5644e63a55ca2da2b486f` Request headers accept-language de-DE,de;q=0.9 Referer https://ov.pemsv13.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-nzt AZySIYjbakSh x-77-pop frankfurtDE date Tue, 20 Jun 2023 21:08:20 GMT last-modified Fri, 06 Jan 2023 19:20:06 GMT server CDN77-Turbo etag "33d0-5f19d4e2019a5" x-77-nzt-ray f6587a1dadd51a414315926481161b36 x-cache MISS content-type image/png x-77-cache MISS cache-control public, max-age=14400 accept-ranges bytes content-length 13264
GET H2	200	fb-2.png cdn.pemres01.net/9620/	426 B 700 B	264ms 195ms	Image image/png	2a02:6ea0:c700::18 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.pemres01.net/9620/fb-2.png Requested by Host: ov.pemsv13.net URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash `be29d03b165714bb3bdaa01b7000306701cd8b16d1a53e086498019590c1a9fe` Request headers accept-language de-DE,de;q=0.9 Referer https://ov.pemsv13.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-nzt AZySIYuJThah x-77-pop frankfurtDE date Tue, 20 Jun 2023 21:08:20 GMT last-modified Thu, 14 Nov 2019 15:08:21 GMT server CDN77-Turbo etag "1aa-5974fda26ad2d" x-77-nzt-ray cf878727125fab974315926493dc7137 x-cache MISS content-type image/png x-77-cache MISS cache-control public, max-age=14400 accept-ranges bytes content-length 426
GET H2	200	instagram-2.png cdn.pemres01.net/9620/	1 KB 1 KB	262ms 194ms	Image image/png	2a02:6ea0:c700::18 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.pemres01.net/9620/instagram-2.png Requested by Host: ov.pemsv13.net URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash `2ef5110f3cc978d525d486ede072f93b04c715edd5fa9fa39e4adae4c6c55a2f` Request headers accept-language de-DE,de;q=0.9 Referer https://ov.pemsv13.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-nzt AZySIYuJ02Kh x-77-pop frankfurtDE date Tue, 20 Jun 2023 21:08:20 GMT last-modified Thu, 14 Nov 2019 15:10:16 GMT server CDN77-Turbo etag "40c-5974fe0ffbf67" x-77-nzt-ray cf878727125fab9743159264053a7737 x-cache MISS content-type image/png x-77-cache MISS cache-control public, max-age=14400 accept-ranges bytes content-length 1036
GET H2	200	what-2.png cdn.pemres01.net/9620/	1 KB 2 KB	251ms 184ms	Image image/png	2a02:6ea0:c700::18 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.pemres01.net/9620/what-2.png Requested by Host: ov.pemsv13.net URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash `bd3d4875cdf0013c8bee7a37b28ce712c25fbadc310dcd9bfd09023c1511f2d5` Request headers accept-language de-DE,de;q=0.9 Referer https://ov.pemsv13.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-nzt AZySIYteXZah x-77-pop frankfurtDE date Tue, 20 Jun 2023 21:08:20 GMT last-modified Thu, 14 Nov 2019 15:10:47 GMT server CDN77-Turbo etag "4f5-5974fe2d6269d" x-77-nzt-ray cf878727125fab97431592640fd57a37 x-cache MISS content-type image/png x-77-cache MISS cache-control public, max-age=14400 accept-ranges bytes content-length 1269

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8 Message: Mixed Content: The page at 'https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8' was loaded over HTTPS, but requested an insecure element 'http://cdn.pemres02.net/29895/recurso-44x.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8 Message: Mixed Content: The page at 'https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8' was loaded over HTTPS, but requested an insecure element 'http://cdn.pemres01.net/9620/fb-2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8 Message: Mixed Content: The page at 'https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8' was loaded over HTTPS, but requested an insecure element 'http://cdn.pemres01.net/9620/instagram-2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8 Message: Mixed Content: The page at 'https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8' was loaded over HTTPS, but requested an insecure element 'http://cdn.pemres01.net/9620/what-2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8(Line 143) Message: Mixed Content: The page at 'https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8' was loaded over HTTPS, but requested an insecure element 'http://cdn.pemres02.net/29895/recurso-44x.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8(Line 143) Message: Mixed Content: The page at 'https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8' was loaded over HTTPS, but requested an insecure element 'http://cdn.pemres01.net/9620/fb-2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8(Line 143) Message: Mixed Content: The page at 'https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8' was loaded over HTTPS, but requested an insecure element 'http://cdn.pemres01.net/9620/instagram-2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8(Line 143) Message: Mixed Content: The page at 'https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_101/ldsaaj_47b6f8' was loaded over HTTPS, but requested an insecure element 'http://cdn.pemres01.net/9620/what-2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.pemres01.net
cdn.pemres02.net
ov.pemsv13.net
santaanafarma.tr.pemsv13.net
2600:9000:225e:cc00:7:1c96:6800:93a1
2600:9000:248c:2400:1e:3a66:8e40:93a1
2a02:6ea0:c700::17
2a02:6ea0:c700::18
2ef5110f3cc978d525d486ede072f93b04c715edd5fa9fa39e4adae4c6c55a2f
35d892b28812ca7dce1cf9c6d202224ca0cd41411422636932fcd8a2bdd5115b
bd3d4875cdf0013c8bee7a37b28ce712c25fbadc310dcd9bfd09023c1511f2d5
be29d03b165714bb3bdaa01b7000306701cd8b16d1a53e086498019590c1a9fe
c086c34fd4d9d65131a4f7a3f2e74e69084331a870e5644e63a55ca2da2b486f

ov.pemsv13.net Open in urlscan Pro 2600:9000:248c:2400:1e:3a66:8e40:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

5 Requests

100 %HTTPS

100 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

29 kBTransfer

27 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

8 Console Messages

Indicators

ov.pemsv13.net Open in urlscan Pro
2600:9000:248c:2400:1e:3a66:8e40:93a1 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

29 kB
Transfer

27 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions