Submitted URL: http://www.zhenghe.biz/urlredirect.php?go=https%3a%2f%2fviagra9.ibmdv.com%2findex.php%3ff%3d11%26s%3d%e5%a3%af%e9%99%bd...
Effective URL: https://viagra9.ibmdv.com/index.php?f=11&s=%E5%A3%AF%E9%99%BD%20ptt
Submission: On August 15 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3035::6815:5f91, located in United States and belongs to CLOUDFLARENET, US. The main domain is viagra9.ibmdv.com.
TLS certificate: Issued by WE1 on July 2nd 2024. Valid for: 3 months.
This is the only time viagra9.ibmdv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 119.28.2.17 132203 (TENCENT-N...)
8 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a04:4e42::347 54113 (FASTLY)
2 183.240.98.228 56040 (CMNET-GUA...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
12 4
Apex Domain | Subdomains | Transfer
8 ibmdv.com | viagra9.ibmdv.com | 70 KB
2 baidu.com | hm.baidu.com — Cisco Umbrella Rank: 8226 | 12 KB
2 picsum.photos | picsum.photos — Cisco Umbrella Rank: 92800; fastly.picsum.photos — Cisco Umbrella Rank: 140874 | 49 KB
1 99aa.shop | 99aa.shop |
1 zhenghe.biz | www.zhenghe.biz | 401 B
12 5
Domain Requested by
8 viagra9.ibmdv.com viagra9.ibmdv.com
2 hm.baidu.com viagra9.ibmdv.com
1 99aa.shop viagra9.ibmdv.com
1 fastly.picsum.photos viagra9.ibmdv.com
1 picsum.photos 1 redirects
1 www.zhenghe.biz 1 redirects
12 6
Subject | Issuer | Validity | Valid
ibmdv.com | WE1 | 2024-07-02 - 2024-09-30 | 3 months
baidu.com | GlobalSign RSA OV SSL CA 2018 | 2024-07-08 - 2025-08-09 | a year
99aa.shop | WE1 | 2024-07-03 - 2024-10-01 | 3 months

This page contains 2 frames:

Primary Page: https://viagra9.ibmdv.com/index.php?f=11&s=%E5%A3%AF%E9%99%BD%20ptt
Frame ID: BEF8C0681CEA6D5FC91E9E94BC1A6DD7
Requests: 11 HTTP requests in this frame

Frame: https://99aa.shop/
Frame ID: 04C235CA902E4574F12AF4AA1F582737
Requests: 1 HTTP requests in this frame

Page Title

壯陽 ptt

Page URL History

  1. http://www.zhenghe.biz/urlredirect.php?go=https%3a%2f%2fviagra9.ibmdv.com%2findex.php%3ff%3d11%26s%... HTTP 307
    https://www.zhenghe.biz/urlredirect.php?go=https%3a%2f%2fviagra9.ibmdv.com%2findex.php%3ff%3d11%26s%... HTTP 307
    http://www.zhenghe.biz/urlredirect.php?go=https%3a%2f%2fviagra9.ibmdv.com%2findex.php%3ff%3d11%26s%... HTTP 302
    https://viagra9.ibmdv.com/index.php?f=11&s=%E5%A3%AF%E9%99%BD%20ptt Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Page Statistics

  • Requests: 12
  • HTTPS: 92 %
  • IPv6: 67 %
  • Domains: 5
  • Subdomains: 6
  • IPs: 4
  • Countries: 3
  • Transfer: 131 kB
  • Size: 379 kB
  • Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.zhenghe.biz/urlredirect.php?go=https%3a%2f%2fviagra9.ibmdv.com%2findex.php%3ff%3d11%26s%3d%e5%a3%af%e9%99%bd+ptt HTTP 307
    https://www.zhenghe.biz/urlredirect.php?go=https%3a%2f%2fviagra9.ibmdv.com%2findex.php%3ff%3d11%26s%3d%e5%a3%af%e9%99%bd+ptt HTTP 307
    http://www.zhenghe.biz/urlredirect.php?go=https%3a%2f%2fviagra9.ibmdv.com%2findex.php%3ff%3d11%26s%3d%e5%a3%af%e9%99%bd+ptt HTTP 302
    https://viagra9.ibmdv.com/index.php?f=11&s=%E5%A3%AF%E9%99%BD%20ptt Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://picsum.photos/800/600?random=1924368462 HTTP 302
  • https://fastly.picsum.photos/id/529/800/600.jpg?hmac=ie0xGHU03IjtopfaRKdziIoAThqO0dz86Dvn5Jlv7QU

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
viagra9.ibmdv.com/
Redirect Chain
  • http://www.zhenghe.biz/urlredirect.php?go=https%3a%2f%2fviagra9.ibmdv.com%2findex.php%3ff%3d11%26s%3d%e5%a3%af%e9%99%bd+ptt
  • https://www.zhenghe.biz/urlredirect.php?go=https%3a%2f%2fviagra9.ibmdv.com%2findex.php%3ff%3d11%26s%3d%e5%a3%af%e9%99%bd+ptt
  • http://www.zhenghe.biz/urlredirect.php?go=https%3a%2f%2fviagra9.ibmdv.com%2findex.php%3ff%3d11%26s%3d%e5%a3%af%e9%99%bd+ptt
  • https://viagra9.ibmdv.com/index.php?f=11&s=%E5%A3%AF%E9%99%BD%20ptt
55 KB
19 KB
Document
General
Full URL
https://viagra9.ibmdv.com/index.php?f=11&s=%E5%A3%AF%E9%99%BD%20ptt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fe8f8a1f38a51e6d92d6307c63726380e6f472cbd63a60e2e74b295cb036295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b37950b5eaac333-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 15 Aug 2024 07:48:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJXicqZ1r6XYH3WKCmjAjkatN%2Fe4orBJDTqbHyP5JhauTEi2wRFJvM3lUi4VHg%2BwcFt0TaYJ%2BEi4GMk%2Bnw7IfkgbE8%2BnOY4qpvvqyUxRynrU%2FuY7uYiNpS0MObQFvhh9djV%2BjXjpN%2BTY9J8%2F7SbMtw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

Connection
close
Content-Type
text/html
Date
Thu, 15 Aug 2024 07:48:23 GMT
Location
https://viagra9.ibmdv.com/index.php?f=11&s=壯陽 ptt
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.2.17 ASP.NET
bootstrap.min.css
viagra9.ibmdv.com/fsh_static/bootstrap/css/
124 KB
23 KB
Stylesheet
General
Full URL
https://viagra9.ibmdv.com/fsh_static/bootstrap/css/bootstrap.min.css
Requested by
Host: viagra9.ibmdv.com
URL: https://viagra9.ibmdv.com/index.php?f=11&s=%E5%A3%AF%E9%99%BD%20ptt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
414caa66bb79bc88c1ba6a2a415d2333c0a01aab1c15f74684dfa7542a97d2f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://viagra9.ibmdv.com/index.php?f=11&s=%E5%A3%AF%E9%99%BD%20ptt
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 07:48:26 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 30 May 2018 16:11:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5b0ecd1e-1f16f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Q7gIc7GrqJcHAs6ywUjG%2BfG3O3fYBs2uWrm628ylrw83bXbv6hMbRrOttP61hAFU9u1RoIMOHV6ol9kyXgqqvttZubimCddH4vqh1LcdXhoxHhG0egLa0EXCcRQ19BBRRlEkNyn4bXERi5N%2Bpctvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
8b37950dcfa7c333-EWR
alt-svc
h3=":443"; ma=86400
expires
Thu, 15 Aug 2024 19:48:26 GMT
styles.css
viagra9.ibmdv.com/fsh_static/css/
104 KB
19 KB
Stylesheet
General
Full URL
https://viagra9.ibmdv.com/fsh_static/css/styles.css?s
Requested by
Host: viagra9.ibmdv.com
URL: https://viagra9.ibmdv.com/index.php?f=11&s=%E5%A3%AF%E9%99%BD%20ptt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
773df69dce71363db7bcd7ad15d54c6c970308155545591eb1963c0df64d9bf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://viagra9.ibmdv.com/index.php?f=11&s=%E5%A3%AF%E9%99%BD%20ptt
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 07:48:26 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 14 Jan 2019 18:46:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5c3cd90a-19f91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2FNNL9kWXf9WdBRmh5EkTyZBVcKxeg%2F1s3NcaYBPSeXqjtA2AUOAAiPBxItlFnbmGjR7n6OMBW0phi1tlpiAsJFRw4rDbebpZdBwFq%2FIln2HVftofBM2prAg96jUtrbIcpBbAxwMMNyleiTdWURnQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
8b37950dcfa8c333-EWR
alt-svc
h3=":443"; ma=86400
expires
Thu, 15 Aug 2024 19:48:26 GMT
color-1.css
viagra9.ibmdv.com/fsh_static/css/
1 KB
946 B
Stylesheet
General
Full URL
https://viagra9.ibmdv.com/fsh_static/css/color-1.css
Requested by
Host: viagra9.ibmdv.com
URL: https://viagra9.ibmdv.com/index.php?f=11&s=%E5%A3%AF%E9%99%BD%20ptt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8023602fbc0ff1fdb9ac90d157502f958e5221f07eff576fb6d0b5f6ffdf34e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://viagra9.ibmdv.com/index.php?f=11&s=%E5%A3%AF%E9%99%BD%20ptt
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 07:48:26 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 14 Jan 2019 18:32:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5c3cd5b0-582"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l3c7Yge6%2FzaElEQRc4gaSEkaU75H%2B4vYfiFXHMQo4HrJhiBIsQ9I90qaRG%2FsBsovf0ZSdpFjsmN0CSD3uw3OlTHB1R8YxfH64wloHCkl8xH9a%2B9HQjCYf3ytPB%2F1S0O0YiaLVHnPHPQ6DqSi9OIGKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
8b37950dcfa9c333-EWR
alt-svc
h3=":443"; ma=86400
expires
Thu, 15 Aug 2024 19:48:26 GMT
js.js
viagra9.ibmdv.com/
0
331 B
Script
General
Full URL
https://viagra9.ibmdv.com/js.js
Requested by
Host: viagra9.ibmdv.com
URL: https://viagra9.ibmdv.com/index.php?f=11&s=%E5%A3%AF%E9%99%BD%20ptt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://viagra9.ibmdv.com/index.php?f=11&s=%E5%A3%AF%E9%99%BD%20ptt
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 07:48:26 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Wed, 15 May 2024 03:15:20 GMT
server
cloudflare
etag
"664428c8-0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eWGsM%2FCdq2bGxMPZkQejBBoFShhS8F%2Fdz010qeefYg9s1%2B0EYmjWcOTCSz3GFUmOZ%2FHM6iguw9DozS7mXlHexDaJbvQldQs8SAzidItUXCQengqBCeNtezeHV8B5ZPvjTMKM6moJKYAWhBkJhbWx3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
8b37950dcfaac333-EWR
expires
Thu, 15 Aug 2024 19:48:26 GMT
600.jpg
fastly.picsum.photos/id/529/800/
Redirect Chain
  • https://picsum.photos/800/600?random=1924368462
  • https://fastly.picsum.photos/id/529/800/600.jpg?hmac=ie0xGHU03IjtopfaRKdziIoAThqO0dz86Dvn5Jlv7QU
48 KB
49 KB
Image
General
Full URL
https://fastly.picsum.photos/id/529/800/600.jpg?hmac=ie0xGHU03IjtopfaRKdziIoAThqO0dz86Dvn5Jlv7QU
Requested by
Host: viagra9.ibmdv.com
URL: https://viagra9.ibmdv.com/index.php?f=11&s=%E5%A3%AF%E9%99%BD%20ptt
Protocol
H2
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a39cbbe9eb83cd236d3fa79ce60513b1a851f1e7e8e00b22b91e6497b4a5778d

Request headers

Referer
https://viagra9.ibmdv.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

picsum-id
529
date
Thu, 15 Aug 2024 07:48:27 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-disposition
inline; filename="529-800x600.jpg"
content-length
49599
x-served-by
cache-ewr-kewr1740064-EWR
server
nginx
x-timer
S1723708107.715349,VS0,VE671
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0

Redirect headers

date
Thu, 15 Aug 2024 07:48:26 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VArttTwkI6smpwfD796BEZpMWc4N7XlxbXlUdl2vL7w2Vem62kIr62uGl5G1ZUGxdi4B%2FZ%2BGCV7LRFhZomOG%2F1ZekTjtPIuYLTc7HAqp1bYuKIC%2FSpirwynY9hoeZptms%2BVVt0WIwMBRoJk%3D"}],"group":"cf-nel","max_age":604800}
location
https://fastly.picsum.photos/id/529/800/600.jpg?hmac=ie0xGHU03IjtopfaRKdziIoAThqO0dz86Dvn5Jlv7QU
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
8b37950e4e98c342-EWR
alt-svc
h3=":443"; ma=86400
content-length
0
iframe-resizer.parent.js
viagra9.ibmdv.com/js/
15 KB
7 KB
Script
General
Full URL
https://viagra9.ibmdv.com/js/iframe-resizer.parent.js
Requested by
Host: viagra9.ibmdv.com
URL: https://viagra9.ibmdv.com/index.php?f=11&s=%E5%A3%AF%E9%99%BD%20ptt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83b9b591671d04ecf4911c2768befcc95f01a5f304646ece7c7e63ceb28a8af3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://viagra9.ibmdv.com/index.php?f=11&s=%E5%A3%AF%E9%99%BD%20ptt
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 07:48:26 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 04 Jul 2024 22:36:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"668723d4-3dc9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QKWejPw1Xt6HtdVBNr1eg0XuKzF0lhdfBcngQ6SpUk%2B1Kx%2FtlhXkFPVwuezdb%2FI0gUy192f6Zm8nDeYZJYKPi8ydFbrRbE0Va3Q3yA4RHNHZJwV1gnO%2BRTA5GzbtjsBG6mnBzxSiNejgMk%2B%2BJxCghA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8b37950dcfacc333-EWR
alt-svc
h3=":443"; ma=86400
expires
Thu, 15 Aug 2024 19:48:26 GMT
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?5dc7c50123b9a635d2187250338c812f
Requested by
Host: viagra9.ibmdv.com
URL: https://viagra9.ibmdv.com/index.php?f=11&s=%E5%A3%AF%E9%99%BD%20ptt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.240.98.228 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
774f99f8bc33966466904d525fa30d3015ab63d78744a7bea6f896fd5e1b33fb
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://viagra9.ibmdv.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 15 Aug 2024 07:48:27 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
ab7d4192c982313c189cc942e74e03fe
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11290
/
99aa.shop/ Frame 04C2
0
0
Document
General
Full URL
https://99aa.shop/
Requested by
Host: viagra9.ibmdv.com
URL: https://viagra9.ibmdv.com/index.php?f=11&s=%E5%A3%AF%E9%99%BD%20ptt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://viagra9.ibmdv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b379512ee0280da-EWR
content-encoding
br
content-type
text/html
date
Thu, 15 Aug 2024 07:48:26 GMT
last-modified
Sat, 27 Jul 2024 08:03:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4WQ4ceVRgBdJ%2FIyh2%2BR%2BFEPR4Z%2FA1eo2ofiGzIM%2FtnPnRoTMiDXpwyadhRQpGpW3f%2BqjXHqDdQBgjrE35z6ErdiBB1kJE4V9vg9D%2BL8%2BNSQm5JiaFZgw5KmAs4it5ja%2Fse01rTzK3yI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
home-banner-3.png
viagra9.ibmdv.com/fsh_static/img/
548 B
548 B
Image
General
Full URL
https://viagra9.ibmdv.com/fsh_static/img/home-banner-3.png
Requested by
Host: viagra9.ibmdv.com
URL: https://viagra9.ibmdv.com/fsh_static/css/styles.css?s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer
https://viagra9.ibmdv.com/fsh_static/css/styles.css?s
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 07:48:26 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fu9%2BrHY1Mzn7dpvjE%2FZKlSaNtTDlXKrkX7INTSrOvy6691HqNNQaJB%2BvvyLwIlKhcDFu%2BfDBTneQJ8Lu%2BPlLX60FoOr%2F63W2iBCsHH9BbZW2hXAvlxpT6sy4kGcNeOZHSj4KW5aE1mceKNZRE1LQyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8b37950ffba78c87-EWR
alt-svc
h3=":443"; ma=86400
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=13F12D6C9CACFA81&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=869249849&si=5dc7c50123b9a635d2187250338c812f&v=1.3.2&lv=1&sn=6537&r=0&ww=1600&u=https%3A%2F%2Fviagra9.ibmdv.com%2Findex.php%3Ff%3D11%26s%3D%25E5%25A3%25AF%25E9%2599%25BD%2520ptt&tt=%E5%A3%AF%E9%99%BD%20ptt
Requested by
Host: viagra9.ibmdv.com
URL: https://viagra9.ibmdv.com/index.php?f=11&s=%E5%A3%AF%E9%99%BD%20ptt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.240.98.228 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://viagra9.ibmdv.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Aug 2024 07:48:27 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
favicon.ico
viagra9.ibmdv.com/
548 B
574 B
Other
General
Full URL
https://viagra9.ibmdv.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer
https://viagra9.ibmdv.com/index.php?f=11&s=%E5%A3%AF%E9%99%BD%20ptt
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 07:48:28 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FVM6aKaAXM8n7n3quYaLPf3lP8OsKP%2FyhO%2BKVXvijK7Zevr7xvyVp0jt%2B8yK2GGU2aOdLo1B%2FkXhkAzeTv6UFNayjYlzI5es4rgNg6Ny0vyEtMeSQocGRnB3XjjSlD%2FR44HmWbP25D9upxcY5iGljA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8b37951a09638c87-EWR
alt-svc
h3=":443"; ma=86400

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| 1
  • object| _hmt
  • function| iframeResize
  • function| iFrameResize
  • function| iframeParentListener
  • object| BaiduSuggestion
  • function| show
  • object| params
  • function| clearInput
  • object| baidu
  • boolean| _bdhm_loaded_5dc7c50123b9a635d2187250338c812f

4 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 13F12D6C9CACFA81
.viagra9.ibmdv.com/ Name: Hm_lvt_5dc7c50123b9a635d2187250338c812f
Value: 1723708107
.viagra9.ibmdv.com/ Name: Hm_lpvt_5dc7c50123b9a635d2187250338c812f
Value: 1723708107
.viagra9.ibmdv.com/ Name: HMACCOUNT
Value: 13F12D6C9CACFA81

3 Console Messages

Source Level URL
Text
security warning URL: https://viagra9.ibmdv.com/js/iframe-resizer.parent.js(Line 19)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://99aa.shop') does not match the recipient window's origin ('https://viagra9.ibmdv.com').
network error URL: https://viagra9.ibmdv.com/fsh_static/img/home-banner-3.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://viagra9.ibmdv.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000