ov.pemsv13.net Open in urlscan Pro
2600:9000:223c:3800:1e:3a66:8e40:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://santaanafarma.tr.pemsv13.net/v/eyJhIjoic2FudGFhbmFmYXJtYSIsIm0iOiJtYWlsX2NsaXVsYXR2ODM5Mm8wODg1YXN1dmQ1dWciLCJ1IjoiaHR0cHM6Ly...
Effective URL:
https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27
Submission: On June 14 via manual (June 14th 2023, 4:08:53 am UTC) from IN — Scanned from DE

Summary HTTP 5 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 2600:9000:223c:3800:1e:3a66:8e40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is ov.pemsv13.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 1st 2023. Valid for: 10 months.

This is the only time ov.pemsv13.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:225... 2600:9000:225e:fc00:7:1c96:6800:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:3800:1e:3a66:8e40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
5	2

1 2600:9000:225e:fc00:7:1c96:6800:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

santaanafarma.tr.pemsv13.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:3800:1e:3a66:8e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

ov.pemsv13.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.pemres02.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.pemres01.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	pemres01.net cdn.pemres01.net	4 KB
2	pemsv13.net 1 redirects santaanafarma.tr.pemsv13.net ov.pemsv13.net	13 KB
1	pemres02.net cdn.pemres02.net	51 KB
5	3

	Domain	Requested by
3	cdn.pemres01.net	ov.pemsv13.net
1	cdn.pemres02.net	ov.pemsv13.net
1	ov.pemsv13.net
1	santaanafarma.tr.pemsv13.net	1 redirects
5	4

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
walink.co

Subject Issuer	Validity	Valid
pemsv13.net Amazon RSA 2048 M01	`2023-03-01` - `2023-12-27`	10 months	crt.sh
1958307774.rsc.cdn77.org R3	`2023-05-27` - `2023-08-25`	3 months	crt.sh
1018613529.rsc.cdn77.org R3	`2023-05-27` - `2023-08-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27
Frame ID: 8998390434F943223D4A4BE6FC5BC096
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Campaña VACUNACION ANTIGRIPAL: ¡Últimas unidades disponibles a precio especial!

Page URL History Show full URLs

https://santaanafarma.tr.pemsv13.net/v/eyJhIjoic2FudGFhbmFmYXJtYSIsIm0iOiJtYWlsX2NsaXVsYXR2ODM5Mm8wODg1YXN1dmQ1dW... HTTP 302
https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27 Page URL

Page Statistics

5
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

2
IPs

2
Countries

68 kB
Transfer

66 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Santa-Ana-Farmacia-101239259262497

Search URL Search Domain Scan URL

URL: https://www.instagram.com/santaanafarma/

Search URL Search Domain Scan URL

URL: https://walink.co/9713e3

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://santaanafarma.tr.pemsv13.net/v/eyJhIjoic2FudGFhbmFmYXJtYSIsIm0iOiJtYWlsX2NsaXVsYXR2ODM5Mm8wODg1YXN1dmQ1dWciLCJ1IjoiaHR0cHM6Ly9vdi5wZW1zdjEzLm5ldC9zYW50YWFuYWZhcm1hL3NhbnRhYW5hZmFybWFfYnVsa18xMDIvd212Y2pzXzE1ZWUyNyIsImgiOiI2NTBjZTIifQ HTTP 302
https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request wmvcjs_15ee27 Show response ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/ Redirect Chain https://santaanafarma.tr.pemsv13.net/v/eyJhIjoic2FudGFhbmFmYXJtYSIsIm0iOiJtYWlsX2NsaXVsYXR2ODM5Mm8wODg1YXN1dmQ1dWciLCJ1IjoiaHR0cHM6Ly9vdi5wZW1zdjEzLm5ldC9zYW50YWFuYWZhcm1hL3NhbnRhYW5hZmFybWFfYnVsa1... https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27	13 KB 13 KB	73ms 9ms	Document text/html	2600:9000:223c:3800:1e:3a66:8e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:3800:1e:3a66:8e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `b7459b8902a0a174b5b0f1c15510cb75b3ac34bf8b044973bd19cd46e6b35d43` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 36457 content-length 12916 content-type text/html date Tue, 13 Jun 2023 18:01:12 GMT etag "cd3c090803479f36546cf6fd8bb9582c" last-modified Tue, 13 Jun 2023 18:00:35 GMT server AmazonS3 via 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront) x-amz-cf-id J2Ws49QcIW9OU_DDf19PgU9ByBqdF2TbvrrxGh_On2OrEjUtuRT2iw== x-amz-cf-pop FRA56-P2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront Redirect headers access-control-allow-headers Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, X-Auth-Token access-control-allow-methods POST, GET, OPTIONS, DELETE, PUT access-control-allow-origin * access-control-max-age 3600 content-length 0 date Wed, 14 Jun 2023 04:08:48 GMT location https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27 via 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront) x-amz-cf-id _zIZYzJW-dprvfWBgUGC40YwguslDPEsusVnG-4cA8b0sB5WcZax9w== x-amz-cf-pop FRA60-P4 x-cache Miss from cloudfront
GET H2	200	headercorp.jpg cdn.pemres02.net/29895/	51 KB 51 KB	378ms 277ms	Image image/jpeg	2a02:6ea0:c700::18 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.pemres02.net/29895/headercorp.jpg Requested by Host: ov.pemsv13.net URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash `71d67d5e9a806b103fc16ee8f5a4ec96c4c735db8c21d550bfb02389a5eac5ad` Request headers accept-language de-DE,de;q=0.9 Referer https://ov.pemsv13.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers x-77-nzt AZySIYvtjlPB x-accel-expires @1686730129 date Wed, 14 Jun 2023 04:08:49 GMT x-77-pop frankfurtDE last-modified Tue, 13 Jun 2023 14:40:46 GMT server CDN77-Turbo etag "cb60-5fe03d215e8f4" x-77-nzt-ray cf878727092e5a5d503d8964a70f6d34 x-cache MISS content-type image/jpeg x-77-cache MISS cache-control public, max-age=14400 accept-ranges bytes content-length 52064
GET H2	200	fb-2.png cdn.pemres01.net/9620/	426 B 766 B	375ms 186ms	Image image/png	2a02:6ea0:c700::18 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.pemres01.net/9620/fb-2.png Requested by Host: ov.pemsv13.net URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash `be29d03b165714bb3bdaa01b7000306701cd8b16d1a53e086498019590c1a9fe` Request headers accept-language de-DE,de;q=0.9 Referer https://ov.pemsv13.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers x-77-pop frankfurtDE date Wed, 14 Jun 2023 04:08:49 GMT x-cache REVALIDATED x-77-cache HIT x-age 53336 x-accel-date 1686662392 content-length 426 x-77-nzt AZySIYvMQZHeWNAAAA x-accel-expires @1686730129 last-modified Thu, 14 Nov 2019 15:08:21 GMT server CDN77-Turbo etag "1aa-5974fda26ad2d" x-77-nzt-ray cf8787277f3ce75e503d89640f6bc939 content-type image/png cache-control public, max-age=14400 accept-ranges bytes
GET H2	200	instagram-2.png cdn.pemres01.net/9620/	1 KB 1 KB	376ms 187ms	Image image/png	2a02:6ea0:c700::18 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.pemres01.net/9620/instagram-2.png Requested by Host: ov.pemsv13.net URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash `2ef5110f3cc978d525d486ede072f93b04c715edd5fa9fa39e4adae4c6c55a2f` Request headers accept-language de-DE,de;q=0.9 Referer https://ov.pemsv13.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers x-77-pop frankfurtDE date Wed, 14 Jun 2023 04:08:49 GMT x-cache REVALIDATED x-77-cache HIT x-age 53336 x-accel-date 1686662392 content-length 1036 x-77-nzt AZySIYvzisTeWNAAAA x-accel-expires @1686730129 last-modified Thu, 14 Nov 2019 15:10:16 GMT server CDN77-Turbo etag "40c-5974fe0ffbf67" x-77-nzt-ray cf8787277f3ce75e503d89648f5dcf39 content-type image/png cache-control public, max-age=14400 accept-ranges bytes
GET H2	200	what-2.png cdn.pemres01.net/9620/	1 KB 2 KB	385ms 197ms	Image image/png	2a02:6ea0:c700::18 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.pemres01.net/9620/what-2.png Requested by Host: ov.pemsv13.net URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash `bd3d4875cdf0013c8bee7a37b28ce712c25fbadc310dcd9bfd09023c1511f2d5` Request headers accept-language de-DE,de;q=0.9 Referer https://ov.pemsv13.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers x-77-pop frankfurtDE date Wed, 14 Jun 2023 04:08:49 GMT x-cache REVALIDATED x-77-cache HIT x-age 53336 x-accel-date 1686662392 content-length 1269 x-77-nzt AZySIYuTJQzeWNAAAA x-accel-expires @1686730129 last-modified Thu, 14 Nov 2019 15:10:47 GMT server CDN77-Turbo etag "4f5-5974fe2d6269d" x-77-nzt-ray cf8787277f3ce75e503d8964ec9ed239 content-type image/png cache-control public, max-age=14400 accept-ranges bytes

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27 Message: Mixed Content: The page at 'https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27' was loaded over HTTPS, but requested an insecure element 'http://cdn.pemres02.net/29895/headercorp.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27 Message: Mixed Content: The page at 'https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27' was loaded over HTTPS, but requested an insecure element 'http://cdn.pemres01.net/9620/fb-2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27 Message: Mixed Content: The page at 'https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27' was loaded over HTTPS, but requested an insecure element 'http://cdn.pemres01.net/9620/instagram-2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27 Message: Mixed Content: The page at 'https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27' was loaded over HTTPS, but requested an insecure element 'http://cdn.pemres01.net/9620/what-2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27(Line 146) Message: Mixed Content: The page at 'https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27' was loaded over HTTPS, but requested an insecure element 'http://cdn.pemres02.net/29895/headercorp.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27(Line 146) Message: Mixed Content: The page at 'https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27' was loaded over HTTPS, but requested an insecure element 'http://cdn.pemres01.net/9620/fb-2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27(Line 146) Message: Mixed Content: The page at 'https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27' was loaded over HTTPS, but requested an insecure element 'http://cdn.pemres01.net/9620/instagram-2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27(Line 146) Message: Mixed Content: The page at 'https://ov.pemsv13.net/santaanafarma/santaanafarma_bulk_102/wmvcjs_15ee27' was loaded over HTTPS, but requested an insecure element 'http://cdn.pemres01.net/9620/what-2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.pemres01.net
cdn.pemres02.net
ov.pemsv13.net
santaanafarma.tr.pemsv13.net
2600:9000:223c:3800:1e:3a66:8e40:93a1
2600:9000:225e:fc00:7:1c96:6800:93a1
2a02:6ea0:c700::18
2ef5110f3cc978d525d486ede072f93b04c715edd5fa9fa39e4adae4c6c55a2f
71d67d5e9a806b103fc16ee8f5a4ec96c4c735db8c21d550bfb02389a5eac5ad
b7459b8902a0a174b5b0f1c15510cb75b3ac34bf8b044973bd19cd46e6b35d43
bd3d4875cdf0013c8bee7a37b28ce712c25fbadc310dcd9bfd09023c1511f2d5
be29d03b165714bb3bdaa01b7000306701cd8b16d1a53e086498019590c1a9fe

ov.pemsv13.net Open in urlscan Pro 2600:9000:223c:3800:1e:3a66:8e40:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

5 Requests

100 %HTTPS

100 %IPv6

3 Domains

4 Subdomains

2 IPs

2 Countries

68 kBTransfer

66 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

8 Console Messages

Indicators

ov.pemsv13.net Open in urlscan Pro
2600:9000:223c:3800:1e:3a66:8e40:93a1 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

2
IPs

2
Countries

68 kB
Transfer

66 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions