mymedshoplive.com Open in urlscan Pro
194.62.6.209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.ferrerpardo.com.br/medico/xanax/8456xufijov
Effective URL:
https://mymedshoplive.com/search?q=xanax
Submission: On July 20 via manual (July 20th 2023, 9:09:25 am UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 11 HTTP transactions. The main IP is 194.62.6.209, located in Netherlands and belongs to SKYLINK, NL. The main domain is mymedshoplive.com.
TLS certificate: Issued by R3 on June 4th 2023. Valid for: 3 months.

This is the only time mymedshoplive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	187.45.193.157 187.45.193.157	27715 (Locaweb S...) (Locaweb Servicos de Internet SA)
9	194.62.6.209 194.62.6.209	44592 (SKYLINK) (SKYLINK)
11	2

2 187.45.193.157 (Brazil)

ASN27715 (Locaweb Servicos de Internet SA, BR)
PTR: hm2502.locaweb.com.br

www.ferrerpardo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 194.62.6.209 (Netherlands)

ASN44592 (SKYLINK, NL)

mymedshoplive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	mymedshoplive.com mymedshoplive.com	97 KB
2	ferrerpardo.com.br www.ferrerpardo.com.br	2 KB
11	2

	Domain	Requested by
9	mymedshoplive.com	www.ferrerpardo.com.br mymedshoplive.com
2	www.ferrerpardo.com.br
11	2

This site contains no links.

Subject Issuer	Validity	Valid
mymedshoplive.com R3	`2023-06-04` - `2023-09-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mymedshoplive.com/search?q=xanax
Frame ID: 310C01895A3FA31A1C94F702D2F9CFDF
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Verify you are human

Page URL History Show full URLs

http://www.ferrerpardo.com.br/medico/xanax/8456xufijov Page URL
http://www.ferrerpardo.com.br/medico/xanax/8456xufijov Page URL
https://mymedshoplive.com/search?q=xanax Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

82 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

100 kB
Transfer

325 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.ferrerpardo.com.br/medico/xanax/8456xufijov Page URL
http://www.ferrerpardo.com.br/medico/xanax/8456xufijov Page URL
https://mymedshoplive.com/search?q=xanax Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	8456xufijov Show response www.ferrerpardo.com.br/medico/xanax/	910 B 1 KB	2076ms 1216ms	Document text/html	187.45.193.157 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Full URL http://www.ferrerpardo.com.br/medico/xanax/8456xufijov Protocol HTTP/1.1 Server 187.45.193.157 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS hm2502.locaweb.com.br Software Apache / Resource Hash `03a5ec83c3a81ccc61e12bb0e024a56bb3ce97014de88ff331ce011a0d751b57` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection close Content-Type text/html Date Thu, 20 Jul 2023 09:09:18 GMT Server Apache Transfer-Encoding chunked
POST H/1.1	200 OK	8456xufijov www.ferrerpardo.com.br/medico/xanax/	689 B 1 KB	3218ms 3217ms	Document text/html	187.45.193.157 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Full URL http://www.ferrerpardo.com.br/medico/xanax/8456xufijov Protocol HTTP/1.1 Server 187.45.193.157 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS hm2502.locaweb.com.br Software Apache / Resource Hash Request headers Content-Type application/x-www-form-urlencoded Origin http://www.ferrerpardo.com.br Referer http://www.ferrerpardo.com.br/medico/xanax/8456xufijov Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection close Content-Type text/html; charset=utf-8 Date Thu, 20 Jul 2023 09:09:19 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server Apache Transfer-Encoding chunked
GET H2	404	Primary Request search Show response mymedshoplive.com/	460 B 795 B	826ms 565ms	Document text/html	194.62.6.209 SKYLINK
General Check archive.org Show headers Download Go to Full URL https://mymedshoplive.com/search?q=xanax Requested by Host: www.ferrerpardo.com.br URL: http://www.ferrerpardo.com.br/medico/xanax/8456xufijov Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.62.6.209 , Netherlands, ASN44592 (SKYLINK, NL), Reverse DNS Software nginx/1.22.1 / Resource Hash `cccb60e1e01b8973f7e6a8068ce7e2e9df48d29faddf71d7ee9be63f6b28bb5a` Request headers Referer http://www.ferrerpardo.com.br/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 20 Jul 2023 09:09:23 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx/1.22.1 vary Accept-Encoding
GET H2	200	f8RK.js Show response mymedshoplive.com/assets/js/afadcd1c01BsJ7ObIrUthfFMJ/	1 KB 713 B	60ms 60ms	Script text/javascript	194.62.6.209 SKYLINK
General Check archive.org Show headers Download Go to Full URL https://mymedshoplive.com/assets/js/afadcd1c01BsJ7ObIrUthfFMJ/f8RK.js Requested by Host: mymedshoplive.com URL: https://mymedshoplive.com/search?q=xanax Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.62.6.209 , Netherlands, ASN44592 (SKYLINK, NL), Reverse DNS Software nginx/1.22.1 / Resource Hash `56958632c9473385e1cefce11cddd48fe7a434c94329fc1030b419301f65e8fb` Request headers accept-language de-DE,de;q=0.9 Referer https://mymedshoplive.com/search?q=xanax User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers pragma no-cache date Thu, 20 Jul 2023 09:09:23 GMT content-encoding gzip server nginx/1.22.1 vary Accept-Encoding content-type text/javascript;charset=UTF-8 cache-control no-store, no-cache, must-revalidate expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	jquery.js Show response mymedshoplive.com/assets/350f5471/	286 KB 85 KB	28ms 27ms	Script application/javascript	194.62.6.209 SKYLINK
General Check archive.org Show headers Download Go to Full URL https://mymedshoplive.com/assets/350f5471/jquery.js Requested by Host: mymedshoplive.com URL: https://mymedshoplive.com/assets/js/afadcd1c01BsJ7ObIrUthfFMJ/f8RK.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.62.6.209 , Netherlands, ASN44592 (SKYLINK, NL), Reverse DNS Software nginx/1.22.1 / Resource Hash `6bd8c1051ca05f5061e65b7c1998d70f3c8e07e6d6bdef4488eeed44e52d8ff1` Request headers accept-language de-DE,de;q=0.9 Referer https://mymedshoplive.com/search?q=xanax User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 09:09:23 GMT content-encoding gzip last-modified Sat, 10 Jun 2023 18:43:49 GMT server nginx/1.22.1 etag W/"6484c465-4766a" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	hna4z9V.js Show response mymedshoplive.com/assets/js/ceb3d61c11BsJ7ObIrUthfFMJ/	2 KB 1 KB	60ms 59ms	Script text/javascript	194.62.6.209 SKYLINK
General Check archive.org Show headers Download Go to Full URL https://mymedshoplive.com/assets/js/ceb3d61c11BsJ7ObIrUthfFMJ/hna4z9V.js Requested by Host: mymedshoplive.com URL: https://mymedshoplive.com/assets/js/afadcd1c01BsJ7ObIrUthfFMJ/f8RK.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.62.6.209 , Netherlands, ASN44592 (SKYLINK, NL), Reverse DNS Software nginx/1.22.1 / Resource Hash `327ec544b5c76e9be956a8ad5f02c7019044752f4839fef6516b975dd3cc1415` Request headers accept-language de-DE,de;q=0.9 Referer https://mymedshoplive.com/search?q=xanax User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers pragma no-cache date Thu, 20 Jul 2023 09:09:23 GMT content-encoding gzip server nginx/1.22.1 vary Accept-Encoding content-type text/javascript;charset=UTF-8 cache-control no-store, no-cache, must-revalidate expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	YvhZ7hrk.js Show response mymedshoplive.com/assets/js/c012f81X21BsJ7ObIrUthfFMJ/	15 KB 5 KB	56ms 56ms	Script text/javascript	194.62.6.209 SKYLINK
General Check archive.org Show headers Download Go to Full URL https://mymedshoplive.com/assets/js/c012f81X21BsJ7ObIrUthfFMJ/YvhZ7hrk.js Requested by Host: mymedshoplive.com URL: https://mymedshoplive.com/assets/js/ceb3d61c11BsJ7ObIrUthfFMJ/hna4z9V.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.62.6.209 , Netherlands, ASN44592 (SKYLINK, NL), Reverse DNS Software nginx/1.22.1 / Resource Hash `5f8624ac950a11e5f6cd96365fa5d6bcaf32357cd35212e8ffdb5d12f871f583` Request headers Referer https://mymedshoplive.com/search?q=xanax Origin https://mymedshoplive.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers pragma no-cache date Thu, 20 Jul 2023 09:09:23 GMT content-encoding gzip server nginx/1.22.1 vary Accept-Encoding content-type text/javascript;charset=UTF-8 cache-control no-store, no-cache, must-revalidate expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	page_loading.svg mymedshoplive.com/images/loaders/	1 KB 461 B	12ms 11ms	Image image/svg+xml	194.62.6.209 SKYLINK
General Check archive.org Show headers Download Go to Show image Full URL https://mymedshoplive.com/images/loaders/page_loading.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.62.6.209 , Netherlands, ASN44592 (SKYLINK, NL), Reverse DNS Software nginx/1.22.1 / Resource Hash `62ca7656caa403837df930feb462c07968faaf68d9c4d0808f4a329d076a0bf4` Request headers accept-language de-DE,de;q=0.9 Referer https://mymedshoplive.com/search?q=xanax User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 09:09:23 GMT content-encoding gzip last-modified Thu, 23 Mar 2023 10:04:56 GMT server nginx/1.22.1 etag W/"641c2448-59c" vary Accept-Encoding content-type image/svg+xml
POST H2	200	refresh Show response mymedshoplive.com/api/orders/39b4aaXc01BsJ7ObIrUthfFMJ/cart/	16 KB 3 KB	364ms 364ms	XHR text/html	194.62.6.209 SKYLINK
General Check archive.org Show headers Download Go to Full URL https://mymedshoplive.com/api/orders/39b4aaXc01BsJ7ObIrUthfFMJ/cart/refresh Requested by Host: mymedshoplive.com URL: https://mymedshoplive.com/assets/350f5471/jquery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.62.6.209 , Netherlands, ASN44592 (SKYLINK, NL), Reverse DNS Software nginx/1.22.1 / Resource Hash `7e215dbb10b729514ee8f1d0e4db0d44c9996f647352504e3f054669d7cdbeb1` Request headers Accept / Referer https://mymedshoplive.com/search?q=xanax X-Requested-With XMLHttpRequest X-CSRF-Token oYNsS0ng6bBPJD0cBDGIeIFZf6KgofdutLx3NLAl6cw8a7ceW6JcAz8iKuzWzp098vfjz04Ghvm7smvMCo2yp0u2uB2iu7m5cKY_Xj-Hc1vKxAh_e3fAVc7NOzouoYzEOhQFeWdUyhO3NzaT9-ugCuvVIQbHTK2tezL_X2nhGHN2YFCuubv3cJTC1YEqNOq71Mgnrkjb0f0818Fq-PrY_CrJCjhL8RIMr49GLy0m_Wg= accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Thu, 20 Jul 2023 09:09:24 GMT content-encoding gzip server nginx/1.22.1 vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	page_loading.svg mymedshoplive.com/images/loaders/	1 KB 461 B	12ms 11ms	Image image/svg+xml	194.62.6.209 SKYLINK
General Check archive.org Show headers Download Go to Show image Full URL https://mymedshoplive.com/images/loaders/page_loading.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.62.6.209 , Netherlands, ASN44592 (SKYLINK, NL), Reverse DNS Software nginx/1.22.1 / Resource Hash `62ca7656caa403837df930feb462c07968faaf68d9c4d0808f4a329d076a0bf4` Request headers accept-language de-DE,de;q=0.9 Referer https://mymedshoplive.com/search?q=xanax User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 09:09:24 GMT content-encoding gzip last-modified Thu, 23 Mar 2023 10:04:56 GMT server nginx/1.22.1 etag W/"641c2448-59c" vary Accept-Encoding content-type image/svg+xml
GET H2	200	shield.svg mymedshoplive.com/images/loaders/	697 B 580 B	12ms 12ms	Image image/svg+xml	194.62.6.209 SKYLINK
General Check archive.org Show headers Download Go to Show image Full URL https://mymedshoplive.com/images/loaders/shield.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.62.6.209 , Netherlands, ASN44592 (SKYLINK, NL), Reverse DNS Software nginx/1.22.1 / Resource Hash `655f5e843d35af60f6d228f7044c1fdfddbdeb74b993509e5224d0ebf95459f6` Request headers accept-language de-DE,de;q=0.9 Referer https://mymedshoplive.com/search?q=xanax User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 20 Jul 2023 09:09:24 GMT content-encoding gzip last-modified Mon, 03 Apr 2023 13:21:09 GMT server nginx/1.22.1 etag W/"642ad2c5-2b9" vary Accept-Encoding content-type image/svg+xml

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| datePageOpenInstance function| $ function| jQuery object| pageCompleteLoading

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ferrerpardo.com.br/	1970-01-20 13:24:05	Name: visitor Value: du2
www.ferrerpardo.com.br/	1969-12-31 23:59:59	Name: PHPSESSID Value: teipg25ahfpvgp6806i800hrq0
www.ferrerpardo.com.br/	1970-01-20 13:25:30	Name: _subid Value: qbgktadefbpsp9q8i
www.ferrerpardo.com.br/	1970-01-20 13:25:30	Name: 5d72a Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjg1MVwiOjE2ODk4NDQxMTR9LFwiY2FtcGFpZ25zXCI6e1wiMzVcIjoxNjg5ODQ0MTE0fSxcInRpbWVcIjoxNjg5ODQ0MTE0fSJ9.faEMh7NKZLq5t-R1IDpp3_AVKEsh_069JYRgbf86KBw
mymedshoplive.com/	1970-01-20 23:00:04	Name: session_shop Value: 7b799a700abef4633c0194f732505adf
mymedshoplive.com/	1969-12-31 23:59:59	Name: _csrf Value: abd3fb4eebef14d83b41ed2a52a96be8740ff32982634272369a35ac83e17346a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A88%3A%22oNWqgAetu08eceBk6nI1WJWd_iV2wiDaGYHA2CDpIBzBoujMf56Nd2lBozLbBVcZwaywZAaEZo5ftvaWeKNPVQ%3D%3D%22%3B%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mymedshoplive.com/search?q=xanax Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mymedshoplive.com
www.ferrerpardo.com.br
187.45.193.157
194.62.6.209
03a5ec83c3a81ccc61e12bb0e024a56bb3ce97014de88ff331ce011a0d751b57
327ec544b5c76e9be956a8ad5f02c7019044752f4839fef6516b975dd3cc1415
56958632c9473385e1cefce11cddd48fe7a434c94329fc1030b419301f65e8fb
5f8624ac950a11e5f6cd96365fa5d6bcaf32357cd35212e8ffdb5d12f871f583
62ca7656caa403837df930feb462c07968faaf68d9c4d0808f4a329d076a0bf4
655f5e843d35af60f6d228f7044c1fdfddbdeb74b993509e5224d0ebf95459f6
6bd8c1051ca05f5061e65b7c1998d70f3c8e07e6d6bdef4488eeed44e52d8ff1
7e215dbb10b729514ee8f1d0e4db0d44c9996f647352504e3f054669d7cdbeb1
cccb60e1e01b8973f7e6a8068ce7e2e9df48d29faddf71d7ee9be63f6b28bb5a

mymedshoplive.com Open in urlscan Pro 194.62.6.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

82 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

100 kBTransfer

325 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

6 Cookies

1 Console Messages

Indicators

mymedshoplive.com Open in urlscan Pro
194.62.6.209 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

82 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

100 kB
Transfer

325 kB
Size

6
Cookies

11 HTTP transactions
0 data transactions