Submitted URL: http://buyivermectin.io/
Effective URL: https://buyivermectin.io/
Submission: On September 28 via api from PH — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 51.75.190.153, located in Paris, France and belongs to OVH, FR. The main domain is buyivermectin.io.
TLS certificate: Issued by R3 on September 23rd 2021. Valid for: 3 months.
This is the only time buyivermectin.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 51.75.190.153 16276 (OVH)
1 35.201.118.58 15169 (GOOGLE)
3 172.67.38.97 13335 (CLOUDFLAR...)
2 104.26.6.134 13335 (CLOUDFLAR...)
6 104.26.7.134 13335 (CLOUDFLAR...)
1 104.16.19.94 13335 (CLOUDFLAR...)
3 4 104.23.133.11 13335 (CLOUDFLAR...)
3 35.190.41.132 15169 (GOOGLE)
18 8
Domain Requested by
4 cdn02.jotfor.ms form.jotform.com
cdn02.jotfor.ms
3 files.jotform.com buyivermectin.io
3 www.jotform.com 3 redirects
2 cdn03.jotfor.ms form.jotform.com
2 cdn01.jotfor.ms form.jotform.com
2 www.statcounter.com buyivermectin.io
www.statcounter.com
2 buyivermectin.io 1 redirects
1 events.jotform.com
1 c.statcounter.com www.statcounter.com
1 cdnjs.cloudflare.com form.jotform.com
1 form.jotform.com buyivermectin.io
18 11

This site contains no links.

Subject | Issuer | Validity | Valid
buyivermectin.io | R3 | 2021-09-23 - 2021-12-22 | 3 months
*.jotform.com | Sectigo RSA Domain Validation Secure Server CA | 2021-06-28 - 2022-06-28 | a year
us-dallas.statcounter.com | Sectigo RSA Domain Validation Secure Server CA | 2020-10-13 - 2021-11-13 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-17 - 2022-06-16 | a year

This page contains 2 frames:

Primary Page: https://buyivermectin.io/
Frame ID: 625B8A7F22F680750F035A3CE0758653
Requests: 5 HTTP requests in this frame

Frame: https://cdn01.jotfor.ms/static/formCss.css?3.3.27940
Frame ID: 4887918300471064126FF69921040EB7
Requests: 13 HTTP requests in this frame

Page Title

Buy Ivermectin Online - BuyIvermectin.io

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Page Statistics

  • Requests: 18
  • HTTPS: 100 %
  • IPv6: 0 %
  • Domains: 5
  • Subdomains: 11
  • IPs: 8
  • Countries: 3
  • Transfer: 323 kB
  • Size: 1064 kB
  • Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://buyivermectin.io/ HTTP 301
    https://buyivermectin.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://www.jotform.com/uploads/Reum/form_files/image%20(1).614e0e48408af4.05856397.jpg HTTP 302
  • https://files.jotform.com/jufs/Reum/form_files/image%20(1).614e0e48408af4.05856397.jpg
Request Chain 10
  • https://www.jotform.com/uploads/Reum/form_files/flccc.614d3008a6c972.06106385.png HTTP 302
  • https://files.jotform.com/jufs/Reum/form_files/flccc.614d3008a6c972.06106385.png
Request Chain 15
  • https://www.jotform.com/uploads/Reum/form_files/output-onlinetools%20(18).614d0885976698.58525329.png HTTP 302
  • https://files.jotform.com/jufs/Reum/form_files/output-onlinetools%20(18).614d0885976698.58525329.png

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
buyivermectin.io/
Redirect Chain
  • http://buyivermectin.io/
  • https://buyivermectin.io/
934 B
552 B
Document
General
Full URL
https://buyivermectin.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.75.190.153 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip153.ip-51-75-190.eu
Software
nginx / PleskLin
Resource Hash
d3cb77739776b54e145c35b5595ed8eb8ff9793b496e3be88edeef42b0527d5a

Request headers

:method
GET
:authority
buyivermectin.io
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

server
nginx
date
Tue, 28 Sep 2021 03:07:51 GMT
content-type
text/html
x-accel-version
0.01
last-modified
Fri, 24 Sep 2021 20:16:18 GMT
etag
W/"3a6-5ccc36b8bd15a"
x-powered-by
PleskLin
content-encoding
br

Redirect headers

Server
nginx
Date
Tue, 28 Sep 2021 03:07:51 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://buyivermectin.io/
212635437266256
form.jotform.com/jsform/
57 KB
13 KB
Script
General
Full URL
https://form.jotform.com/jsform/212635437266256
Requested by
Host: buyivermectin.io
URL: https://buyivermectin.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.118.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.118.201.35.bc.googleusercontent.com
Software
CacheX v2.1 /
Resource Hash
2a6e248e5b89b308a72e126e8248955e288b299b9d506d0a575cb5b656e3a578

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 03:07:51 GMT
content-encoding
gzip
cache-hit
1
server
CacheX v2.1
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
alt-svc
clear
via
1.1 google
expires
Thu, 01 Jan 1970 00:00:01 GMT
counter.js
www.statcounter.com/counter/
38 KB
13 KB
Script
General
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: buyivermectin.io
URL: https://buyivermectin.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6b96ebcd88975441922975f3ff294f65099b87f48367b9513a2b05472dfb621

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 03:07:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Aug 2021 09:31:44 GMT
server
cloudflare
age
19013
etag
W/"61163c00-99a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43200
cf-ray
6959c3907a9e215d-DUS
expires
Tue, 28 Sep 2021 09:50:58 GMT
formCss.css
cdn01.jotfor.ms/static/ Frame 4887
66 KB
16 KB
Stylesheet
General
Full URL
https://cdn01.jotfor.ms/static/formCss.css?3.3.27940
Requested by
Host: form.jotform.com
URL: https://form.jotform.com/jsform/212635437266256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
984931326ae3d3bc9c29791ce5b9d53f9dfb75a227903b8f4c406642471a66f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
6959c39219a440e3-LHR
date
Tue, 28 Sep 2021 03:07:52 GMT
via
1.1 google
cf-cache-status
REVALIDATED
last-modified
Mon, 27 Sep 2021 16:38:28 GMT
server
cloudflare
etag
W/"6151f384-10767"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tD1O4sptXYxIR%2FL9QhqTZpRyc03l93IlK1qNUTUCdjmgOhz3Bgoi3yMud4WFT3R4H1s3KvtvMIBaB6mNJP0hJTbvyRotXEa4X0iVVhO6PFCVdG1EH5YTZBihdSvD%2FkPfJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
expires
Thu, 01 Jan 1970 00:00:01 GMT
nova.css
cdn02.jotfor.ms/css/styles/ Frame 4887
31 KB
7 KB
Stylesheet
General
Full URL
https://cdn02.jotfor.ms/css/styles/nova.css?3.3.27940
Requested by
Host: form.jotform.com
URL: https://form.jotform.com/jsform/212635437266256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c3f597b3248a21fcfc4e20c520b20e2ae03c827bf5d15392abefa44cfb982f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 03:07:52 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37655
content-encoding
br
last-modified
Wed, 07 Jul 2021 07:55:32 GMT
server
cloudflare
etag
W/"60e55df4-7dca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHsX%2BoCfgPl9t3sFAIYYzV8Nzj3wwx4JCTXsi%2BuP3phSTIgjNKlT1di16ureV5qf7wBEK13ZvBDHhiCPbobDQKxBROqpldFVeZV7%2BvpSUIWYCF51RhtvXHUXaaZWAkhNrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000, public
cf-ray
6959c39228350672-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
566a91c2977cdfcd478b4567.css
cdn03.jotfor.ms/themes/CSS/ Frame 4887
13 KB
3 KB
Stylesheet
General
Full URL
https://cdn03.jotfor.ms/themes/CSS/566a91c2977cdfcd478b4567.css?themeRevisionID=5f6c4c83346ec05354558fe8
Requested by
Host: form.jotform.com
URL: https://form.jotform.com/jsform/212635437266256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
100cf77f80be7c21407ac34937ca0dd63b667b6106d63961208c846b54da5f73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 03:07:52 GMT
via
1.1 google
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-encoding
br
pragma
no-cache
last-modified
Thu, 24 Sep 2020 07:36:35 GMT
server
cloudflare
etag
W/"cbc5f2f3554f28da655f17836110d89a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pd5xa5KzWOH2W00p3SludTW6P0KGFihQ5ZWj9n0exhLmGGFIwLIeo9PiHyxFUuELDLiAU16AlKYNSWF2NcPmobqFfswZme4re%2FhhziSyz9XSfgDY7XBujHdZlz9Mt%2FdgwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
no-cache
x-form-cache
MISS-APP
cf-ray
6959c3921acb65cb-LHR
expires
Thu, 01 Jan 1970 00:00:01 GMT
payment_feature.css
cdn01.jotfor.ms/css/styles/payment/ Frame 4887
36 KB
7 KB
Stylesheet
General
Full URL
https://cdn01.jotfor.ms/css/styles/payment/payment_feature.css?3.3.27940
Requested by
Host: form.jotform.com
URL: https://form.jotform.com/jsform/212635437266256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcbfe016bc82f68a5d7c0646201c46ee424475bb679608f99a9b38c336b4520d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 03:07:52 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37655
content-encoding
br
last-modified
Tue, 06 Jul 2021 12:40:16 GMT
server
cloudflare
etag
W/"60e44f30-91a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0VIcjtAue8apninFbMB2KqVOHMjyDktLjuGg1FXrVANXdhNBj7jn09qOJPHAnpN53%2BkbrVe71PSbLYQCzGrgloIEYMww1DdYlOflF45a05ou1UgAA9iHEflGLrZbs5zDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000, public
cf-ray
6959c39219a640e3-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
prototype.forms.js
cdn02.jotfor.ms/static/ Frame 4887
126 KB
35 KB
Script
General
Full URL
https://cdn02.jotfor.ms/static/prototype.forms.js
Requested by
Host: form.jotform.com
URL: https://form.jotform.com/jsform/212635437266256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a767bbec1a4ac999a027520af58a654b74e2e54f6af0960b46384f00b550481

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
6959c39228360672-LHR
date
Tue, 28 Sep 2021 03:07:52 GMT
via
1.1 google
cf-cache-status
REVALIDATED
last-modified
Mon, 27 Sep 2021 16:38:28 GMT
server
cloudflare
etag
W/"6151f384-1f947"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSi3h8oqXAgGdoddKjH4VRXg7uSm8gG%2FCa0lS%2B1kViDxIEYu1yDbFnAFi1JTyv%2BjB2fWxr5asol%2F52eFIVtDQEFOnv0fzRXth083aXAOaOvZ7%2BGSd4Y0LsnzR%2FhYvYtV8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
no-cache, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
expires
Thu, 01 Jan 1970 00:00:01 GMT
jotform.forms.js
cdn03.jotfor.ms/static/ Frame 4887
522 KB
138 KB
Script
General
Full URL
https://cdn03.jotfor.ms/static/jotform.forms.js?3.3.27940
Requested by
Host: form.jotform.com
URL: https://form.jotform.com/jsform/212635437266256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5da8b5fc7baa5e1e56efe6123ac712f3aa35ea72ba31124cda52b3623dd14280

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
6959c3921acd65cb-LHR
date
Tue, 28 Sep 2021 03:07:52 GMT
via
1.1 google
cf-cache-status
REVALIDATED
last-modified
Mon, 27 Sep 2021 16:38:28 GMT
server
cloudflare
etag
W/"6151f384-8292e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N85NLsvtZ%2FHoF9LhwYCnZ%2FL8v%2F8YAqqgjEULpatC306o8vwhy%2FKFaJYkc9udlQvnGqxsR5x3jBf7YLcf090xIyem%2Bkt2ttgIDyWybjNsIKNkXiaCGKmMUgrPq47eQ3wBNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
no-cache, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
expires
Thu, 01 Jan 1970 00:00:01 GMT
punycode.js
cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/ Frame 4887
14 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/punycode.js
Requested by
Host: form.jotform.com
URL: https://form.jotform.com/jsform/212635437266256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48e6d618b95c55074ab9b47a6e7bd966c9fd434b874e2c2e2606c5ec0f992982
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 03:07:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
469036
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4177
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:40 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fac-394e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6GENxyRf6tvCLm9GvJyfOT7Cmv%2BR4Kfkm82KUrGWf88qOA9fDDxaFtbkTKK9c15e3EDDoBxJWXZRlRPUgr6qCe9Tbztu59CtVCYmTMlnp54RkozKeALMrmw5ZMPSNNhhw3%2FUrd2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6959c391ee752151-DUS
expires
Sun, 18 Sep 2022 03:07:51 GMT
image%20(1).614e0e48408af4.05856397.jpg
files.jotform.com/jufs/Reum/form_files/ Frame 4887
Redirect Chain
  • https://www.jotform.com/uploads/Reum/form_files/image%20(1).614e0e48408af4.05856397.jpg
  • https://files.jotform.com/jufs/Reum/form_files/image%20(1).614e0e48408af4.05856397.jpg
40 KB
41 KB
Image
General
Full URL
https://files.jotform.com/jufs/Reum/form_files/image%20(1).614e0e48408af4.05856397.jpg
Requested by
Host: buyivermectin.io
URL: https://buyivermectin.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
132.41.190.35.bc.googleusercontent.com
Software
/
Resource Hash
21a1c9cc15cf2bfc98668214cd929c3f05634a91f5c52cefe2d954686ac5025a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 28 Sep 2021 03:07:52 GMT
via
1.1 google
content-disposition
attachment; filename="image (1).614e0e48408af4.05856397.jpg"
alt-svc
clear
content-type
application/octet-stream

Redirect headers

date
Tue, 28 Sep 2021 03:07:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
content-security-policy-report-only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 28 Sep 2021 03:07:52 GMT
server
cloudflare
location
https://files.jotform.com/jufs/Reum/form_files/image%20(1).614e0e48408af4.05856397.jpg
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=600000;
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
x-form-cache
MISS-APP
cf-ray
6959c3920c803b97-CDG
expires
Thu, 01 Jan 1970 00:00:01 GMT
flccc.614d3008a6c972.06106385.png
files.jotform.com/jufs/Reum/form_files/ Frame 4887
Redirect Chain
  • https://www.jotform.com/uploads/Reum/form_files/flccc.614d3008a6c972.06106385.png
  • https://files.jotform.com/jufs/Reum/form_files/flccc.614d3008a6c972.06106385.png
6 KB
6 KB
Image
General
Full URL
https://files.jotform.com/jufs/Reum/form_files/flccc.614d3008a6c972.06106385.png
Requested by
Host: buyivermectin.io
URL: https://buyivermectin.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
132.41.190.35.bc.googleusercontent.com
Software
/
Resource Hash
f7acb922cf69b8d130198cacea2838a1d2e60202eb637369a383287bce025ae1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 28 Sep 2021 03:07:52 GMT
via
1.1 google
content-disposition
attachment; filename="flccc.614d3008a6c972.06106385.png"
alt-svc
clear
content-type
application/octet-stream

Redirect headers

date
Tue, 28 Sep 2021 03:07:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
content-security-policy-report-only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 28 Sep 2021 03:07:52 GMT
server
cloudflare
location
https://files.jotform.com/jufs/Reum/form_files/flccc.614d3008a6c972.06106385.png
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=600000;
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
x-form-cache
MISS-APP
cf-ray
6959c3920c813b97-CDG
expires
Thu, 01 Jan 1970 00:00:01 GMT
t.php
c.statcounter.com/
192 B
595 B
XHR
General
Full URL
https://c.statcounter.com/t.php?sc_project=12631192&u1=3A1858D2A1014F404C08800749646E54&java=1&security=3ea09c29&sc_snum=1&sess=508215&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//buyivermectin.io/&t=Buy%20Ivermectin%20Online%20-%20BuyIvermectin.io&invisible=1&sc_rum_e_s=420&sc_rum_e_e=425&sc_rum_f_s=0&sc_rum_f_e=229&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b77528c4ef55a916a6cc5e602616a79d1e7f7455030352edd6fa6360cf8338a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 03:07:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6959c391dc06215d-DUS
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin
https://buyivermectin.io
access-control-allow-credentials
true
content-type
application/json
expires
Mon, 26 Jul 1997 05:00:00 GMT
control_appointment.css
cdn02.jotfor.ms/form-resources/dist/styles/ Frame 4887
17 KB
4 KB
Stylesheet
General
Full URL
https://cdn02.jotfor.ms/form-resources/dist/styles/control_appointment.css
Requested by
Host: cdn02.jotfor.ms
URL: https://cdn02.jotfor.ms/css/styles/nova.css?3.3.27940
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
932d7c2c5ee1bf28465874a487f8a78fe3afb63c03368d90f1c3cd4c48adf674

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn02.jotfor.ms/css/styles/nova.css?3.3.27940
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 03:07:52 GMT
via
1.1 google
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
last-modified
Mon, 27 Sep 2021 13:29:41 GMT
server
cloudflare
etag
W/"6151c745-44b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyV1JrKfNcNg0G6eu7BVjpIUt6C%2Bom5X1W0WF5TYcAdf8qcZCOms7lU1Vr6x5TqZ%2B4%2Fw1uMa%2F%2BVoumVuoOaG%2BdSvT6GqftITP2PW%2FEZQE3a1T%2B%2F65yZstdX3LyoR22DLIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache, public
cf-ray
6959c39248470672-LHR
expires
Thu, 01 Jan 1970 00:00:01 GMT
control_inline.css
cdn02.jotfor.ms/form-resources/dist/styles/ Frame 4887
29 KB
4 KB
Stylesheet
General
Full URL
https://cdn02.jotfor.ms/form-resources/dist/styles/control_inline.css
Requested by
Host: cdn02.jotfor.ms
URL: https://cdn02.jotfor.ms/css/styles/nova.css?3.3.27940
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
667d63caae20cc231c73a06a886880b4efc7c511baa29d95d855fcb851896026

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn02.jotfor.ms/css/styles/nova.css?3.3.27940
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 03:07:52 GMT
via
1.1 google
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
last-modified
Mon, 27 Sep 2021 13:29:41 GMT
server
cloudflare
etag
W/"6151c745-745b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=py3A1sBpgBs3h9yC%2FHv4mHTdvtk3ckPeXpd8ZyB0w%2Fook0%2FK1k%2F1O3U%2BNZhE56vh84hMY0v5bQq2LyGzfGQBk3RNeKR2Xaf0uwO1rsjzv5GazoPwb7tLOLEnhks3eA0YTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache, public
cf-ray
6959c39248480672-LHR
expires
Thu, 01 Jan 1970 00:00:01 GMT
recorder.js
www.statcounter.com/counter/
54 KB
18 KB
Script
General
Full URL
https://www.statcounter.com/counter/recorder.js
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a3939d69a5af07e24c694a24e77c68848e69b94727503f33724c686f14f7262

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 03:07:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 08 Jul 2021 08:43:59 GMT
server
cloudflare
age
22355
etag
W/"60e6bacf-d903"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43200
cf-ray
6959c392aca8215d-DUS
expires
Tue, 28 Sep 2021 08:55:17 GMT
output-onlinetools%20(18).614d0885976698.58525329.png
files.jotform.com/jufs/Reum/form_files/ Frame 4887
Redirect Chain
  • https://www.jotform.com/uploads/Reum/form_files/output-onlinetools%20(18).614d0885976698.58525329.png
  • https://files.jotform.com/jufs/Reum/form_files/output-onlinetools%20(18).614d0885976698.58525329.png
12 KB
12 KB
Image
General
Full URL
https://files.jotform.com/jufs/Reum/form_files/output-onlinetools%20(18).614d0885976698.58525329.png
Requested by
Host: buyivermectin.io
URL: https://buyivermectin.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
132.41.190.35.bc.googleusercontent.com
Software
/
Resource Hash
370d6808c648febf4b0c5449fa26c73cf240aecbadbec854f3d5af1b25acdb8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 28 Sep 2021 03:07:52 GMT
via
1.1 google
content-disposition
attachment; filename="output-onlinetools (18).614d0885976698.58525329.png"
alt-svc
clear
content-type
application/octet-stream

Redirect headers

date
Tue, 28 Sep 2021 03:07:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
content-security-policy-report-only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 28 Sep 2021 03:07:52 GMT
server
cloudflare
location
https://files.jotform.com/jufs/Reum/form_files/output-onlinetools%20(18).614d0885976698.58525329.png
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=600000;
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
x-form-cache
MISS-APP
cf-ray
6959c3935d8b3b97-CDG
expires
Thu, 01 Jan 1970 00:00:01 GMT
/
events.jotform.com/jsform/212635437266256/ Frame 4887
0
196 B
Image
General
Full URL
https://events.jotform.com/jsform/212635437266256/?ref=&res=1600x1200&eventID=1632798473219_212635437266256_Id6mQyK&loc=https%253A%252F%252Fbuyivermectin.io%252F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.23.133.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 03:07:53 GMT
via
1.1 google
cf-cache-status
DYNAMIC
last-modified
Mon, 27 Sep 2021 23:07:53 GMT
server
cloudflare
access-control-allow-headers
origin, content-type, accept
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
6959c399ba153b97-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 1 Jan 1970 00:00:00 GMT

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| onbeforexrselect
  • boolean| originAgentCluster
  • object| qsProxy
  • function| FrameBuilder
  • object| i212635437266256
  • function| handleIFrameMessage
  • function| isPermitted
  • number| sc_project
  • number| sc_invisible
  • string| sc_security
  • function| _statcounter

7 Cookies

Domain/Path Name / Value
.buyivermectin.io/ Name: sc_is_visitor_unique
Value: rx12631192.1632798472.3A1858D2A1014F404C08800749646E54.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12631192.1632798472.0
.statcounter.com/ Name: is_visitor_unique
Value: 1632798472177296950
.jotform.com/ Name: userReferer
Value: https%3A%2F%2Fbuyivermectin.io%2F
.jotform.com/ Name: theme
Value: tile-black
.jotform.com/ Name: JOTFORM_SESSION
Value: duuas34krbkkqsk2mufu26duv7
.jotform.com/ Name: guest
Value: guest_2319d5a0442a5d6f

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
