Report - medicineeducation.in/is/usemreser

Report Overview

Submitted URL
medicineeducation.in/is/usemreser
IP
162.214.80.70
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2023-03-01 02:11:54
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
38

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	35 kB	216.58.207.227
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	33 kB	34.120.237.76
medicineeducation.in	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	25 kB	1.4 MB	162.214.80.70
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	942 B	85 kB	104.17.25.14
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	216.58.211.3
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	431 B	1.6 kB	142.250.74.106
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.4 kB	12 kB	95.101.11.115
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.216.206.159

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-01	medium	medicineeducation.in/is/usemreser	Malware
2023-03-01	medium	medicineeducation.in/js/modernizr.min.js	Malware
2023-03-01	medium	medicineeducation.in/js/popper.min.js	Malware
2023-03-01	medium	medicineeducation.in/js/jquery-migrate-3.0.0.js	Malware
2023-03-01	medium	medicineeducation.in/js/scrollup.js	Malware
2023-03-01	medium	medicineeducation.in/js/magnific-popup.min.js	Malware
2023-03-01	medium	medicineeducation.in/js/easing.js	Malware
2023-03-01	medium	medicineeducation.in/js/slicknav.min.js	Malware
2023-03-01	medium	medicineeducation.in/js/active.js	Malware
2023-03-01	medium	medicineeducation.in/js/floating-wpp.min.js	Malware
2023-03-01	medium	medicineeducation.in/js/bootstrap.min.js	Malware
2023-03-01	medium	medicineeducation.in/img/rp3.jpeg	Malware
2023-03-01	medium	medicineeducation.in/fonts/fontawesome-webfont.woff2?v=4.7.0	Malware
2023-03-01	medium	medicineeducation.in/fonts/fontawesome-webfont.woff?v=4.7.0	Malware
2023-03-01	medium	medicineeducation.in/js/cubeportfolio.min.js	Malware
2023-03-01	medium	medicineeducation.in/js/jquery-fancybox.min.js	Malware
2023-03-01	medium	medicineeducation.in/whatsapp.svg	Malware
2023-03-01	medium	medicineeducation.in/js/jquery.min.js	Malware
2023-03-01	medium	medicineeducation.in/js/owl-carousel.min.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	medicineeducation.in/js/popper.min.js	23 kB	2023-03-14	2023-03-14
Pretty URL medicineeducation.in/js/popper.min.js IP 162.214.80.70 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:53:40 Last Seen2023-03-14 14:53:40 Times Seen1 Hash 51911c828be13832b582b80ef5ca2826 c023667bb92e33a3ab2a9b14b7cd1880e0219007 45255199c8b05f4eb6c8147b9ccf9109c81ebd658a7a2cc44212a8fd1f89886b Loading...

	medicineeducation.in/js/easing.js	6.0 kB	2023-03-14	2023-03-14
Pretty URL medicineeducation.in/js/easing.js IP 162.214.80.70 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:53:40 Last Seen2023-03-14 14:53:40 Times Seen1 Hash 6417bd81c79fc4fe3b3501a85cc8b3a5 1c39a2481308f87436058b1efa25421f164cdf2a 517e7fc808071622ee36dfd290b561d381dd3890a83340ee053827eacd1f1e19 Loading...

	medicineeducation.in/js/floating-wpp.min.js	11 kB	2023-03-14	2023-03-14
Pretty URL medicineeducation.in/js/floating-wpp.min.js IP 162.214.80.70 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:53:40 Last Seen2023-03-14 14:53:40 Times Seen1 Hash ee1cf939fdc7a94452da3045c26c08b8 11a8993e7780abb9c4dea6f618ad37e7fd2cd22d be4375cef92a9f416a09e90985482caa2a21ef06aa9175535640ed2212b97d11 Loading...

	medicineeducation.in/js/scrollup.js	5.8 kB	2023-03-14	2023-03-14
Pretty URL medicineeducation.in/js/scrollup.js IP 162.214.80.70 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:53:40 Last Seen2023-03-14 14:53:40 Times Seen1 Hash aac731a36156341d62ff56dc9062fcf8 e8194d67b83810dc3035070fc77d84d750b6e2fc 3893b397f91ded9325880688beadbfbcc7ba05a6078faff35a4bfddc23421ae9 Loading...

	medicineeducation.in/js/slicknav.min.js	12 kB	2023-03-14	2023-03-14
Pretty URL medicineeducation.in/js/slicknav.min.js IP 162.214.80.70 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:53:40 Last Seen2023-03-14 14:53:40 Times Seen1 Hash 1f3d30ccd4e06a54002ccd935ce586a5 0f0b4b59b267c8e8d4f6e13f34dbf3c1ec88b2e7 9aa5b9f8d2e718788d074161b041c0b66bb4c832b59fc5a301521adb617c5d27 Loading...

	medicineeducation.in/js/active.js	9.8 kB	2023-03-14	2023-03-14
Pretty URL medicineeducation.in/js/active.js IP 162.214.80.70 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:53:40 Last Seen2023-03-14 14:53:40 Times Seen1 Hash 4d758ddbc07be33eb2753e12d1b50276 fb550b5f581e2538680f4b8b7beb07ca2e4d5d4e 467b171cbd8edc63218c997402280fd556610eb7e9274132a4a316d830612da2 Loading...

	medicineeducation.in/js/jquery-fancybox.min.js	56 kB	2023-03-14	2023-03-14
Pretty URL medicineeducation.in/js/jquery-fancybox.min.js IP 162.214.80.70 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:53:40 Last Seen2023-03-14 14:53:40 Times Seen1 Hash 5a859aef2de7f45010b5cfaa8a19fc4b 83ec5681cc353fefd51a17a75d134a0c67a7b663 1f508770c5ed675d9aa74a194f9a31ae8e9b58ded0d9c47fcee32eb8eaf7c0aa Loading...

	medicineeducation.in/js/modernizr.min.js	19 kB	2023-03-14	2023-03-14
Pretty URL medicineeducation.in/js/modernizr.min.js IP 162.214.80.70 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:53:40 Last Seen2023-03-14 14:53:40 Times Seen1 Hash 00159de51aed6b0977a869908ff6b001 7892dc9f138f6aa09986d7479557b8c49bc64ec0 a12b7a940c5426b4d2c0c48e9a1f477b33514efaccef4a252f289d54480f12a7 Loading...

	medicineeducation.in/js/bootstrap.min.js	97 kB	2023-03-14	2023-03-14
Pretty URL medicineeducation.in/js/bootstrap.min.js IP 162.214.80.70 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:53:40 Last Seen2023-03-14 14:53:40 Times Seen1 Hash 123b32b9816cbc56e3add84e1682056b e1e3df0024d76dcf6c8cdeaf37ba78575d033af7 c42584c8d5707b6c081fbffb4c9b59863f9a1d3c6b0a2db77ce26a79e8164301 Loading...

	medicineeducation.in/js/cubeportfolio.min.js	85 kB	2023-03-14	2023-03-14
Pretty URL medicineeducation.in/js/cubeportfolio.min.js IP 162.214.80.70 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:53:40 Last Seen2023-03-14 14:53:40 Times Seen1 Hash f38d8f9ff4a818ef7fb6a69ac51ba574 e6f75c3e3f3d56cebdc296b836151101b559af9e b279fc90f7844a71b812ab104b1ca3ee2b6dfcb9f4732faaa96f83d34a96a4f4 Loading...

	medicineeducation.in/js/owl-carousel.min.js	57 kB	2023-03-14	2023-03-14
Pretty URL medicineeducation.in/js/owl-carousel.min.js IP 162.214.80.70 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:53:40 Last Seen2023-03-14 14:53:40 Times Seen1 Hash 2343f3240849022cd3b031933e7a9881 9725e5f778673bfc011b09fc9a2519d8f9cda262 f5686771f0a929f948bf0db2a74ddde31986dcacb805edd13b393f34742cf854 Loading...

	medicineeducation.in/is/usemreser	1.6 kB	2023-03-14	2023-03-14
Pretty URL medicineeducation.in/is/usemreser IP 162.214.80.70 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:53:40 Last Seen2023-03-14 14:53:40 Times Seen1 Hash 6f49b2d05bc4cf6f462f539299d6722b 1053a57310291faa4815f51b44f62b88a938a7b6 3e8ef89b9b654c72056f36a7bc9a42b36faf4bf6fd73209814532d92aa722d19 Loading...

	medicineeducation.in/js/magnific-popup.min.js	24 kB	2023-03-14	2023-03-14
Pretty URL medicineeducation.in/js/magnific-popup.min.js IP 162.214.80.70 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:53:40 Last Seen2023-03-14 14:53:40 Times Seen1 Hash 70234e12022162487e83fe7c49911314 8bd387cf3a4220f00a0f30c973de327c37d45953 355204a38570bf562af4b187ece8456f76c5bb4e0680bf9bb6a28898f6ca24ff Loading...

	medicineeducation.in/js/jquery.min.js	90 kB	2023-03-14	2023-03-14
Pretty URL medicineeducation.in/js/jquery.min.js IP 162.214.80.70 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:53:40 Last Seen2023-03-14 14:53:40 Times Seen1 Hash 3adfa9a9056d93b96fff606662938748 939e788a6227756fc72fef11605dd5f7f01b1133 7a6618c30415cd5304e051f01b1e5e2c8dab12bf64a81da0dff7b77f506d6883 Loading...

	medicineeducation.in/is/usemreser	589 B	2023-03-14	2023-03-14
Pretty URL medicineeducation.in/is/usemreser IP 162.214.80.70 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:53:40 Last Seen2023-03-14 14:53:40 Times Seen1 Hash 6eda407a88739ba2aeac59f4bb1881f5 ef98d4aa2a0c7adb4a9f5b8a57ad59288ff54402 d899e3fd4a84c10a56f2ade97aa331d18a803376b3fc1c435d6c531bed74b7bf Loading...

HTTP Transactions (95)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5997f91ebc2eb50daf9983503bf68d86
9e173d1ec3154a6e77b673bc1ce382a531f01965
e2293a78d786cee4e424a86f17ffc821883a5da3628136dd3064c4c82ce68d5a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2293A78D786CEE4E424A86F17FFC821883A5DA3628136DD3064C4C82CE68D5A"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2161
Expires: Wed, 01 Mar 2023 02:47:43 GMT
Date: Wed, 01 Mar 2023 02:11:42 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b44b6d7bebf34d0393567b22a63a93fa
a1a85b268bc8073d8e4622ceb78b78a1b39af96a
4b69973af6e9c5a78d94e8661b08d9349176a515e7bfb3386b10ace4c6f1ae21

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B69973AF6E9C5A78D94E8661B08D9349176A515E7BFB3386B10ACE4C6F1AE21"
Last-Modified: Tue, 28 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14238
Expires: Wed, 01 Mar 2023 06:09:00 GMT
Date: Wed, 01 Mar 2023 02:11:42 GMT
Connection: keep-alive

medicineeducation.in/is/usemreser

162.214.80.70

200 OK

11 kB

URL HTTP/1.1
medicineeducation.in/is/usemreser
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
11 kB (11244 bytes)
Hash
64075889bda28a9e1c5340c820d66d43
ffccd082e7ea108ab5ea75f1ad8d21b44a7c767e
e5fcf1265527736e4766b076be5984c94a2c9a27c43e0d13ac3c4ea1772e0a2e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /is/usemreser HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 01 Mar 2023 02:11:43 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 11244
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: true
X-Proxy-Cache: HIT

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Mar 2023 01:12:49 GMT
content-type: application/json
age: 3534
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1fc53096a9ed90534f34db55765fe755
00462323483a73d48261b8e8a0981bec58ef832a
bcfb9a09fd0882661e1eddc5bde947142897dfe816d535ed2cbfb1aa34823bd7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BCFB9A09FD0882661E1EDDC5BDE947142897DFE816D535ED2CBFB1AA34823BD7"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3044
Expires: Wed, 01 Mar 2023 03:02:27 GMT
Date: Wed, 01 Mar 2023 02:11:43 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ipaVInWuiUk2ACxdkEte2g3T+Ot+gYWGLHhFNoYrA7AgsCdMaKWQyGGAem5GSjykVWDN/IDHF1A=
x-amz-request-id: JT4W726JA7PXCWS9
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Mar 2023 01:32:27 GMT
age: 2356
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 01 Mar 2023 02:11:43 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 01 Mar 2023 02:11:43 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 36381
expires: Mon, 19 Feb 2024 02:11:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvT16U%2FcKAftwWO%2FRaJJ0Ky1sAdjS%2BXPBeCGjcaX3yKM%2FxXyJHx%2BhN%2Fm3XBh3C%2B63%2BkHvmKQOgZ58FSvc%2Ba0fKZUOOxkPZsx4Qg%2F84ap4tau9UoO1H40VM6HwuECHtzLcjm3Vm8v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7a0ddef34b7db527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
075db557635793632d91c6d220714041
28fe9fa6377b2658fb1d90c6c81be80eb96874b2
9f225746c23128917d7f062d6c9db7822513922b73833d08645a78b83f137f9b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 02:11:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap

142.250.74.106

200 OK

997 B

URL HTTP/2
fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
997 B (997 bytes)
Hash
54c96da131eb096722773a74dea15806
49e884cc8ca2713a2950c0e738e7e7362eb41601
79b272933d30a70ef6a91c2d890bf7ca57da6846d6db34c97603f011b65c3344

HTTP Headers

GET /css2?family=Poppins:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 Mar 2023 02:11:43 GMT
date: Wed, 01 Mar 2023 02:11:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e9cb88ce4d620d596dcc5652b7958f
91479de14bcc1be89822c49f4c755d9e9879b291
e934a9bc4b7cb3691761d13b20b1035ac77604915275cffdad54137b4df5347d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E934A9BC4B7CB3691761D13B20B1035AC77604915275CFFDAD54137B4DF5347D"
Last-Modified: Mon, 27 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21581
Expires: Wed, 01 Mar 2023 08:11:24 GMT
Date: Wed, 01 Mar 2023 02:11:43 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e9cb88ce4d620d596dcc5652b7958f
91479de14bcc1be89822c49f4c755d9e9879b291
e934a9bc4b7cb3691761d13b20b1035ac77604915275cffdad54137b4df5347d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E934A9BC4B7CB3691761D13B20B1035AC77604915275CFFDAD54137B4DF5347D"
Last-Modified: Mon, 27 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 01 Mar 2023 08:11:43 GMT
Date: Wed, 01 Mar 2023 02:11:43 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e9cb88ce4d620d596dcc5652b7958f
91479de14bcc1be89822c49f4c755d9e9879b291
e934a9bc4b7cb3691761d13b20b1035ac77604915275cffdad54137b4df5347d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E934A9BC4B7CB3691761D13B20B1035AC77604915275CFFDAD54137B4DF5347D"
Last-Modified: Mon, 27 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 01 Mar 2023 08:11:43 GMT
Date: Wed, 01 Mar 2023 02:11:43 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Cache-Control, Backoff, Pragma, Expires, Last-Modified, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Mar 2023 02:03:35 GMT
age: 488
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
86ee5ec07e3bf388c1e40f808e47ee7a
b940cd9b2d5249dc255b4606d14e7b0e3f46255d
9de4af690ed07855f0ee0f817538f23363e66954794809b13d9f037a7b2e35b5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9DE4AF690ED07855F0EE0F817538F23363E66954794809B13D9F037A7B2E35B5"
Last-Modified: Tue, 28 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21587
Expires: Wed, 01 Mar 2023 08:11:30 GMT
Date: Wed, 01 Mar 2023 02:11:43 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
86ee5ec07e3bf388c1e40f808e47ee7a
b940cd9b2d5249dc255b4606d14e7b0e3f46255d
9de4af690ed07855f0ee0f817538f23363e66954794809b13d9f037a7b2e35b5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9DE4AF690ED07855F0EE0F817538F23363E66954794809B13D9F037A7B2E35B5"
Last-Modified: Tue, 28 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21544
Expires: Wed, 01 Mar 2023 08:10:47 GMT
Date: Wed, 01 Mar 2023 02:11:43 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3fdddc7cbd8ba19f4dde13325bc11ac8
5c8ea22f609187f7952c658a029d9fa9dc1c7fec
023903e256b75a839fa44d71f252cfa51f9ec26529c0a37a98cdbd6c10384365

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "023903E256B75A839FA44D71F252CFA51F9EC26529C0A37A98CDBD6C10384365"
Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6900
Expires: Wed, 01 Mar 2023 04:06:43 GMT
Date: Wed, 01 Mar 2023 02:11:43 GMT
Connection: keep-alive

medicineeducation.in/css/owl-carousel.min.css

162.214.80.70

200 OK

1.7 kB

URL HTTP/2
medicineeducation.in/css/owl-carousel.min.css
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
1.7 kB (1716 bytes)
Hash
092a5b492732794204761c841f85ec35
fae3d1c8d9b9a05f275e252afca083780857feea
693f41c209cf6d0b9348aeae2124160b8966c5daf653164407707656e0529c33

HTTP Headers

GET /css/owl-carousel.min.css HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:02 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1716
content-type: text/css
date: Wed, 01 Mar 2023 02:11:43 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/css/animate.min.css

162.214.80.70

200 OK

6.2 kB

URL HTTP/2
medicineeducation.in/css/animate.min.css
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
6.2 kB (6172 bytes)
Hash
3408c8dc37baba1d8457ffd38fef0a5c
36ec0bf8c0fa4fd3a62d4e0d0a433eb9296e2a21
96b17214b4d09951c0c90033340e7f2b71fac79ecea8d2e3fff69a5ee2f9ad09

HTTP Headers

GET /css/animate.min.css HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:03:57 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6172
content-type: text/css
date: Wed, 01 Mar 2023 02:11:43 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/css/reset.css

162.214.80.70

200 OK

6.6 kB

URL HTTP/2
medicineeducation.in/css/reset.css
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
6.6 kB (6628 bytes)
Hash
e60474d24a468d3238b2d0dd51a9e118
f3f64eb3b54463dc430636a6a6ba245e7eca3ccc
5f9eea8f4b31095b6ff15c5593be0aa03713dc94bcd85ed2cabef10624e44e2b

HTTP Headers

GET /css/reset.css HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6628
content-type: text/css
date: Wed, 01 Mar 2023 02:11:43 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/css/slicknav.min.css

162.214.80.70

200 OK

860 B

URL HTTP/2
medicineeducation.in/css/slicknav.min.css
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (2420)
Size
860 B (860 bytes)
Hash
283fc641a7d2b860c2a949114b02657a
8f21b9f1bc18c89a4fa8b5a5515925003b5d7761
ed9466d9775da1a1fc2f5f5f11219971bb9e34f33f7c477135bb2a00ee916bc7

HTTP Headers

GET /css/slicknav.min.css HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 860
content-type: text/css
date: Wed, 01 Mar 2023 02:11:43 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/css/spaces.css

162.214.80.70

200 OK

248 B

URL HTTP/2
medicineeducation.in/css/spaces.css
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
248 B (248 bytes)
Hash
ec06608a142ac6801933366a975618ff
306635f209a2ef705de0a3f40d81b0c971e36147
16040eaa88806e54e32c2c1c7f1b87dbbcc106eb303d88a3539e61b0782f5e76

HTTP Headers

GET /css/spaces.css HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 248
content-type: text/css
date: Wed, 01 Mar 2023 02:11:43 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/css/floating-wpp.min.css

162.214.80.70

200 OK

667 B

URL HTTP/2
medicineeducation.in/css/floating-wpp.min.css
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (1852)
Size
667 B (667 bytes)
Hash
e204672e31ff4219e83422d399663b0f
d3320c65e6e251d2de5f3e5c5987649c3490aa08
397fa73a2c5dceeee899b4cdb1d12fb1c9ba0ea999b4579ce2c8e6a1644103f4

HTTP Headers

GET /css/floating-wpp.min.css HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:00 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 667
content-type: text/css
date: Wed, 01 Mar 2023 02:11:43 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/css/responsive.css

162.214.80.70

200 OK

4.4 kB

URL HTTP/2
medicineeducation.in/css/responsive.css
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
4.4 kB (4368 bytes)
Hash
7bd37815baee41b274936fbe9eec7278
06825bff813e17d8a84caa33fe7bc4afcd899787
11829bd20cc0e149af9cbd7ac618ee45dd1589596cea3d49368625ce431146d4

HTTP Headers

GET /css/responsive.css HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4368
content-type: text/css
date: Wed, 01 Mar 2023 02:11:43 GMT
server: Apache
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.216.206.159

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.216.206.159:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: J9BIw0NPVEEwn4OI7MDNSQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UhNQIAImpqt+GtLzKEMZaTJvnXc=

medicineeducation.in/css/magnific-popup.min.css

162.214.80.70

200 OK

2.0 kB

URL HTTP/2
medicineeducation.in/css/magnific-popup.min.css
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (6108)
Size
2.0 kB (2018 bytes)
Hash
721ec9be1d03bfae0a5275b875c1a85a
4da86fb5c1102107dcd4834c43dbb820e101fa83
e73765ba565ba57da580bd29689b7ee26c7ccff25cf5b79bf50be9dde649b397

HTTP Headers

GET /css/magnific-popup.min.css HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:02 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2018
content-type: text/css
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/js/modernizr.min.js

162.214.80.70

200 OK

8.5 kB

URL HTTP/2
medicineeducation.in/js/modernizr.min.js
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with very long lines (14856)
Size
8.5 kB (8477 bytes)
Hash
9a48d4a50b3602e12141c06b84d61d18
de64d483b405a8f220476da1d29e36c9073f57a7
9b42a1c7c7dd4931d90b43f0ac9dda1a26fdce7f4d2a17171c40375214af8a51

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/modernizr.min.js HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:03:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8477
content-type: application/javascript
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/css/font-awesome.css

162.214.80.70

200 OK

7.3 kB

URL HTTP/2
medicineeducation.in/css/font-awesome.css
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
troff or preprocessor input, ASCII text, with very long lines (374)
Size
7.3 kB (7334 bytes)
Hash
6a6554ec1dcfe9588cd8f2835f8c219d
3b5daf371dbc23919615c194c8248e1a097caa4f
3a13ec759996ee7084feea64ef53c8d88a31ea2cee7078261aef0fd4b1ae01f4

HTTP Headers

GET /css/font-awesome.css HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:01 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7334
content-type: text/css
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/css/jquery.fancybox.min.css

162.214.80.70

200 OK

4.4 kB

URL HTTP/2
medicineeducation.in/css/jquery.fancybox.min.css
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (13705), with no line terminators
Size
4.4 kB (4402 bytes)
Hash
d573533694dc2554cbfe0a0fe548361f
4c509492a6aada459068959f48ff6a1f84a6d838
81ec2639a84d13de929ff97eb0d1ab54342d30620356ec29a00a1dcf23f9e80e

HTTP Headers

GET /css/jquery.fancybox.min.css HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:01 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4402
content-type: text/css
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/logo.png

162.214.80.70

200 OK

13 kB

URL HTTP/2
medicineeducation.in/img/logo.png
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 190 x 95, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (12982 bytes)
Hash
ae505d226d8cf065a89616416ae1728d
616449e160bb583fca3475dd5fa3fd5593d3daf9
275c84d7ebe6cabc7dd1cdd967db156ababa34ac9b2dceec839aa5b7ba842a07

HTTP Headers

GET /img/logo.png HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:23 GMT
accept-ranges: bytes
content-length: 12982
content-type: image/png
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/js/popper.min.js

162.214.80.70

200 OK

9.6 kB

URL HTTP/2
medicineeducation.in/js/popper.min.js
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (19063)
Size
9.6 kB (9594 bytes)
Hash
5af00b504a0f51c4b5ab6d77ff3fe955
853534d3ce92da09ca35d5da717ce6421923d430
05c02c37b8f7783f1752cbf75a23105adfea3e29a4d1cb124b8b3d63a63b1439

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/popper.min.js HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:03:51 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9594
content-type: application/javascript
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3cb24a0e3d83f7099a7b771382b9a1c9
ad5b66f890a627410df36bc11e0c11de6b52a444
da7077c0f05e22fa87e7c4d0eb5c891e7a3c55fd86e36e0eeed400e3214a42f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 02:11:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3cb24a0e3d83f7099a7b771382b9a1c9
ad5b66f890a627410df36bc11e0c11de6b52a444
da7077c0f05e22fa87e7c4d0eb5c891e7a3c55fd86e36e0eeed400e3214a42f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 02:11:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.227

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://medicineeducation.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Feb 2023 04:05:31 GMT
expires: Tue, 27 Feb 2024 04:05:31 GMT
cache-control: public, max-age=31536000
age: 165973
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3cb24a0e3d83f7099a7b771382b9a1c9
ad5b66f890a627410df36bc11e0c11de6b52a444
da7077c0f05e22fa87e7c4d0eb5c891e7a3c55fd86e36e0eeed400e3214a42f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 02:11:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3cb24a0e3d83f7099a7b771382b9a1c9
ad5b66f890a627410df36bc11e0c11de6b52a444
da7077c0f05e22fa87e7c4d0eb5c891e7a3c55fd86e36e0eeed400e3214a42f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 02:11:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

medicineeducation.in/js/jquery-migrate-3.0.0.js

162.214.80.70

200 OK

4.3 kB

URL HTTP/2
medicineeducation.in/js/jquery-migrate-3.0.0.js
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (7008)
Size
4.3 kB (4287 bytes)
Hash
5bf5dbe5ed9d85dadb8f7e1cf70ffbcb
145f795b150e466ea8f89df0a4e177e54e2a5dd9
a2d63d711f943e886bef6a5644c5e935b9bd7263c48a38bd6a2331a5f37f4610

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/jquery-migrate-3.0.0.js HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:03:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4287
content-type: application/javascript
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

216.58.207.227

200 OK

8.0 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://medicineeducation.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Feb 2023 09:41:15 GMT
expires: Wed, 28 Feb 2024 09:41:15 GMT
cache-control: public, max-age=31536000
age: 59429
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

medicineeducation.in/img/ki.jpg

162.214.80.70

200 OK

9.3 kB

URL HTTP/2
medicineeducation.in/img/ki.jpg
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
9.3 kB (9302 bytes)
Hash
564381589c9203d7b1f7db601976ea06
9b1d1aa9d501a4175e617a5562b3a08e97e889c2
31d7e72a86e771e9f6558c7bc6c4581bc697b3a8d5fd53d5cd774cb3d0563a7f

HTTP Headers

GET /img/ki.jpg HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:22 GMT
accept-ranges: bytes
content-length: 9302
content-type: image/jpeg
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

216.58.207.227

200 OK

7.8 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://medicineeducation.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Feb 2023 02:42:38 GMT
expires: Wed, 28 Feb 2024 02:42:38 GMT
cache-control: public, max-age=31536000
age: 84546
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

medicineeducation.in/js/scrollup.js

162.214.80.70

200 OK

2.3 kB

URL HTTP/2
medicineeducation.in/js/scrollup.js
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (1872)
Size
2.3 kB (2331 bytes)
Hash
f8ee34083f5fafe5bf72a63aabae752d
72107f0b40caee8c21cb9b1129fad565c38dd9d1
196b5ef45e745dbca904f58df4798ac7fbdc9301a49dadb67acf156ea94728f2

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/scrollup.js HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:03:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2331
content-type: application/javascript
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

216.58.207.227

200 OK

7.7 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://medicineeducation.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 14:34:21 GMT
expires: Fri, 23 Feb 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 473843
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

medicineeducation.in/js/magnific-popup.min.js

162.214.80.70

200 OK

11 kB

URL HTTP/2
medicineeducation.in/js/magnific-popup.min.js
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (20114)
Size
11 kB (10614 bytes)
Hash
9c586254eb5b9dbdfdeb5a7df2e20367
5605ac1e4f4fc31060f7c5ca0087f0a822cca328
450b668339ac559ae2da65beb32a5a36ad5b6e801290c412394e14ce5e6dd87c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/magnific-popup.min.js HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:03:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10614
content-type: application/javascript
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/js/easing.js

162.214.80.70

200 OK

2.1 kB

URL HTTP/2
medicineeducation.in/js/easing.js
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (2302)
Size
2.1 kB (2121 bytes)
Hash
b719f0d009adb568b64adb5f137fdd8d
8f73d1b776b08a1e8df761677adb0ed324d1b6f6
d50d0b4121d11bd42b7480df5a9fe0e556c450c25ae42cc01550af49847ee86a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/easing.js HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:03:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2121
content-type: application/javascript
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/js/slicknav.min.js

162.214.80.70

200 OK

4.3 kB

URL HTTP/2
medicineeducation.in/js/slicknav.min.js
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (8338)
Size
4.3 kB (4335 bytes)
Hash
838e809a6f202f473ddd61a8193bc590
1e190958d07f0301e1a684930636b81675ce7905
20afde471ea92ab120391cd4ec3b16302fc2d62edcd8af5faeaca70a61d34dae

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/slicknav.min.js HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:03:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4335
content-type: application/javascript
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/js/active.js

162.214.80.70

200 OK

2.8 kB

URL HTTP/2
medicineeducation.in/js/active.js
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
2.8 kB (2815 bytes)
Hash
caf8670cfe823423ab4ed0b614dc35d2
712f7c7b6fe12e25604e2e6dc7ceca6203c25bbb
ba5d5fe475cfd7b3e207fed8aee0fa0dcf858667f41c7a90bec3c7547a7acab6

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/active.js HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:03:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2815
content-type: application/javascript
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/js/floating-wpp.min.js

162.214.80.70

200 OK

5.4 kB

URL HTTP/2
medicineeducation.in/js/floating-wpp.min.js
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (7473)
Size
5.4 kB (5394 bytes)
Hash
6f66dff4e3d7c51c2d203ded21e18a0f
30c3c97ee73411e9fac50e87ce21df1003c7dff4
885200179f66d149af03ca6b5c54d312f431073e73a6c056b133a4d5d7ab750f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/floating-wpp.min.js HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:03:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5394
content-type: application/javascript
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/kle.png

162.214.80.70

200 OK

16 kB

URL HTTP/2
medicineeducation.in/img/kle.png
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 150 x 150, 8-bit/color RGB, non-interlaced\012- data
Size
16 kB (15675 bytes)
Hash
fe65cfd44bf2ded0181a840e022ee26b
5be1dc41b159785ac224e3b04f081c67d9920f92
36029635c54c94ec7675dd3d7d57e0fc3f9baa6adbb9f3368bab8b0dfe60f19a

HTTP Headers

GET /img/kle.png HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:22 GMT
accept-ranges: bytes
content-length: 15675
content-type: image/png
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3cb24a0e3d83f7099a7b771382b9a1c9
ad5b66f890a627410df36bc11e0c11de6b52a444
da7077c0f05e22fa87e7c4d0eb5c891e7a3c55fd86e36e0eeed400e3214a42f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 02:11:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

medicineeducation.in/js/bootstrap.min.js

162.214.80.70

200 OK

38 kB

URL HTTP/2
medicineeducation.in/js/bootstrap.min.js
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (509)
Size
38 kB (37989 bytes)
Hash
46cff6c6e8888286d109f0f4f835c27c
23e8c604b92e53c6f1238ee2632d695f8c07820f
1be0a4d93b8258af683ed8ed99b33dea80e744d04fd5ca55eb0a44fc7a1fe679

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/bootstrap.min.js HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:03:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/process2.png

162.214.80.70

200 OK

6.4 kB

URL HTTP/2
medicineeducation.in/img/process2.png
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
6.4 kB (6350 bytes)
Hash
de92431e4439f46708970cba7f208974
fc41570f293e0ce3a03d63ba8f63d1f25162778f
123243febdf741c2219c79b3ac966fc97ff19f5b299d359c5964311e1c3ec35a

HTTP Headers

GET /img/process2.png HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:34 GMT
accept-ranges: bytes
content-length: 6350
content-type: image/png
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/saveetha-institute-logo.jpg

162.214.80.70

200 OK

11 kB

URL HTTP/2
medicineeducation.in/img/saveetha-institute-logo.jpg
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, progressive, precision 8, 200x200, components 3\012- data
Size
11 kB (10590 bytes)
Hash
1bc7f47976b81867a65644316f1ebcf4
f7c29900f6b30fd4e655e3bc2152af7943f83663
a5fda2d83ba5d21b0da34bad88c47e2913b02c829eb56a9d8c78a459b83bcdf2

HTTP Headers

GET /img/saveetha-institute-logo.jpg HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:41 GMT
accept-ranges: bytes
content-length: 10590
content-type: image/jpeg
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/lefooterlogo.png

162.214.80.70

200 OK

11 kB

URL HTTP/2
medicineeducation.in/img/lefooterlogo.png
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (10652 bytes)
Hash
de4cd2fba13b96d5285b1dc423507c51
6bfc717116022b1af3ebe08961600979f2802d3b
230fb96de1ca5ffe05e0d721fd15876ddd9301621fcb74660d415b12bb91e733

HTTP Headers

GET /img/lefooterlogo.png HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:23 GMT
accept-ranges: bytes
content-length: 10652
content-type: image/png
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/download-3.jpg

162.214.80.70

200 OK

5.3 kB

URL HTTP/2
medicineeducation.in/img/download-3.jpg
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x225, components 3\012- data
Size
5.3 kB (5281 bytes)
Hash
d0e42887e27bcbacc8bac3541352ce1e
6a670a1d888043500cdf02e18c190759526cd3ca
4286084c50660be0a3ef1b9c501e97215c8b3e142e7870fe7e3889a3a181ad9f

HTTP Headers

GET /img/download-3.jpg HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:18 GMT
accept-ranges: bytes
content-length: 5281
content-type: image/jpeg
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/pp1.jpg

162.214.80.70

200 OK

2.7 kB

URL HTTP/2
medicineeducation.in/img/pp1.jpg
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size
2.7 kB (2669 bytes)
Hash
fdfb699940dde59847fe42cf1ea34d13
520391b13706c5ae3aab423280acd9c59617adbe
23ca9e51ecb2035054b24da662d533b8dbb70c143e0c0b80c5e835ad7be1ad64

HTTP Headers

GET /img/pp1.jpg HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:32 GMT
accept-ranges: bytes
content-length: 2669
content-type: image/jpeg
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/new-sriher-icon-logo-removebg-preview-150x150.png

162.214.80.70

200 OK

14 kB

URL HTTP/2
medicineeducation.in/img/new-sriher-icon-logo-removebg-preview-150x150.png
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (13504 bytes)
Hash
808dfcf94aeba68e80b2838697f42ec1
9e5e6276da17efe1a055cd727fa57ddf450714f4
65197df2ef23330ef0d0ebd91f098419568e61b256ec361e1279a2d45f3122c8

HTTP Headers

GET /img/new-sriher-icon-logo-removebg-preview-150x150.png HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:29 GMT
accept-ranges: bytes
content-length: 13504
content-type: image/png
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/rp2.png

162.214.80.70

200 OK

16 kB

URL HTTP/2
medicineeducation.in/img/rp2.png
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (15801 bytes)
Hash
5124508b2116c5507ce819027f1c4b0b
fd1dba8d09c632be346af649fee8ce5cbc421650
39fb4416ee181cbcfd4d1d1beefdd3e3ff2eeb1e2b7c56126634edf70ce053e0

HTTP Headers

GET /img/rp2.png HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:39 GMT
accept-ranges: bytes
content-length: 15801
content-type: image/png
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/Vydehi_Logo_1-removebg-preview-183x183.png

162.214.80.70

200 OK

8.2 kB

URL HTTP/2
medicineeducation.in/img/Vydehi_Logo_1-removebg-preview-183x183.png
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 183 x 183, 8-bit/color RGBA, non-interlaced\012- data
Size
8.2 kB (8191 bytes)
Hash
9746cfb8a78d119d75be6eb0e8d6c411
a4cabdb0aec2171bbf701f503ed76466ecf12004
fd319abcd0fbf2bc76ab63ea86b6f15d2e731c849f1433f2f1cd14abf2f3edb9

HTTP Headers

GET /img/Vydehi_Logo_1-removebg-preview-183x183.png HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:47 GMT
accept-ranges: bytes
content-length: 8191
content-type: image/png
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/rp3.jpeg

162.214.80.70

200 OK

3.5 kB

URL HTTP/2
medicineeducation.in/img/rp3.jpeg
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3\012- data
Size
3.5 kB (3524 bytes)
Hash
af8a0c3b7f2ba87eb7f3d30e26f0c033
dc0a4fbe4098b2e1ea576ee19d58294ecdecf6a7
eaf2dd3129802f2b5b5c1879c737a449ef085c5c309310a6182b9c343e99ceae

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /img/rp3.jpeg HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Mar 2023 02:11:45 GMT
server: nginx/1.21.6
content-type: image/jpeg
content-length: 3524
last-modified: Tue, 08 Mar 2022 17:04:40 GMT
x-server-cache: true
x-proxy-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

medicineeducation.in/img/mgm.png

162.214.80.70

200 OK

29 kB

URL HTTP/2
medicineeducation.in/img/mgm.png
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
29 kB (28668 bytes)
Hash
06896015193131f0451abf691e810935
760ed5ad2613ede62aeef512f4e061ba561249a5
01efd1ae89eb22a641e4dc5bb7079f32ab8227e79f063e947ccda54e6f24c6c2

HTTP Headers

GET /img/mgm.png HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:28 GMT
accept-ranges: bytes
content-length: 28668
content-type: image/png
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/process3.png

162.214.80.70

200 OK

20 kB

URL HTTP/2
medicineeducation.in/img/process3.png
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (20080 bytes)
Hash
8300002b0bd7e0d2b869a3786b58b615
dfa8e50a8f9d3a3b1478c0a6262427270d1015b6
2bffcb44256aed5701b0f6aaafcbb8569247a70d470c99513662e44a0832ddc0

HTTP Headers

GET /img/process3.png HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:36 GMT
accept-ranges: bytes
content-length: 20080
content-type: image/png
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/mysoreplace-image-1-e1600328139955.jpg

162.214.80.70

200 OK

26 kB

URL HTTP/2
medicineeducation.in/img/mysoreplace-image-1-e1600328139955.jpg
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 351x230, components 3\012- data
Size
26 kB (25593 bytes)
Hash
a9d6f1b0c3b5dcba19734e0fcea073e8
1fe9fe3f668e0d69188fe0c29eac98d435b82394
27af0170c1f4e9792d96983866311d2a27aa7fe5d898d89d830867484cf4188f

HTTP Headers

GET /img/mysoreplace-image-1-e1600328139955.jpg HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 17:18:57 GMT
accept-ranges: bytes
content-length: 25593
content-type: image/jpeg
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/madurai-temple-picture-id614963888-696x435-1.jpg

162.214.80.70

200 OK

26 kB

URL HTTP/2
medicineeducation.in/img/madurai-temple-picture-id614963888-696x435-1.jpg
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 350x230, components 3\012- data
Size
26 kB (25733 bytes)
Hash
312abe2e5cb57447655b2700092c6222
c4f88fe522dba29bc6b9d9c3b502c3680f339094
8770745381949bcd623e6f36fbba32b7e350ceda64a3e8a23550e2d9b5a0097a

HTTP Headers

GET /img/madurai-temple-picture-id614963888-696x435-1.jpg HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 17:19:01 GMT
accept-ranges: bytes
content-length: 25733
content-type: image/jpeg
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/rp1.png

162.214.80.70

200 OK

23 kB

URL HTTP/2
medicineeducation.in/img/rp1.png
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
23 kB (22971 bytes)
Hash
fe7a0a704959804983e49f6b3fbe7dec
566e3550853a63e531a2ed2646691d0f1bd1c09a
2fa430c4b3d9ced3c040d0dda072bd0375b1a0f1b560ab93c26494cd7a6c3be0

HTTP Headers

GET /img/rp1.png HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:37 GMT
accept-ranges: bytes
content-length: 22971
content-type: image/png
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/N-K-P-Salve-Institute-of-Medical-Sciences-Research-CenterNagpur-150x150.png

162.214.80.70

200 OK

28 kB

URL HTTP/2
medicineeducation.in/img/N-K-P-Salve-Institute-of-Medical-Sciences-Research-CenterNagpur-150x150.png
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (28061 bytes)
Hash
a288b112c72ad11a36517276d958e7c1
e1b9c4edbcf40cd6fa45a1c7dc13299b98cfeda6
a563f31f32d4da30d9ac4e296fc3c592fb0478fb0554e8ddaa31ed358dc82491

HTTP Headers

GET /img/N-K-P-Salve-Institute-of-Medical-Sciences-Research-CenterNagpur-150x150.png HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:28 GMT
accept-ranges: bytes
content-length: 28061
content-type: image/png
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/MAPIMS_logo-removebg-preview-150x150.png

162.214.80.70

200 OK

47 kB

URL HTTP/2
medicineeducation.in/img/MAPIMS_logo-removebg-preview-150x150.png
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
47 kB (46886 bytes)
Hash
eb30ce678063615ab1993ac2967b824b
c2e106973614f67636506ba4c33b950168b4bcfa
37957e782ffd2f189e887f16be298b984ad71b7b910619af3355c548610837ca

HTTP Headers

GET /img/MAPIMS_logo-removebg-preview-150x150.png HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:26 GMT
accept-ranges: bytes
content-length: 46886
content-type: image/png
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/Hyderabad-dsc03577-2.jpg

162.214.80.70

200 OK

42 kB

URL HTTP/2
medicineeducation.in/img/Hyderabad-dsc03577-2.jpg
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 496x328, components 3\012- data
Size
42 kB (42095 bytes)
Hash
dbe8a3318ad18e0950a676ff5fec76b7
28b2f291151b33348abea74728f9eaff30ede102
6a78f153d8c76e2511bf71b683c5d15a55a14f4e86eb3e2c2d56ecc52181569a

HTTP Headers

GET /img/Hyderabad-dsc03577-2.jpg HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 17:18:51 GMT
accept-ranges: bytes
content-length: 42095
content-type: image/jpeg
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/TajMahalcover.jpg

162.214.80.70

200 OK

67 kB

URL HTTP/2
medicineeducation.in/img/TajMahalcover.jpg
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 700x460, components 3\012- data
Size
67 kB (66674 bytes)
Hash
08f7b595e0755953a3cddb19b528922e
98f82d728a3b0f2ad5a09e6b67196f4c66b35f92
028cda7c6328c92df0f534586014eadc41e7564825e6583f207e84b264d5bfdb

HTTP Headers

GET /img/TajMahalcover.jpg HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 17:18:48 GMT
accept-ranges: bytes
content-length: 66674
content-type: image/jpeg
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/maharashtra_1030_20190404091854.jpg

162.214.80.70

200 OK

92 kB

URL HTTP/2
medicineeducation.in/img/maharashtra_1030_20190404091854.jpg
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 751x501, components 3\012- data
Size
92 kB (92024 bytes)
Hash
8e4d43ce0410a6371ce40c2a4fd588c7
6b0866e4ac80da02f2a3bd3006e99e0c35f54aed
65a117183f4790de0eac1c0b5765e86e10b50d087c7c3d6060f0af8dbc8fdadf

HTTP Headers

GET /img/maharashtra_1030_20190404091854.jpg HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 17:18:50 GMT
accept-ranges: bytes
content-length: 92024
content-type: image/jpeg
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/kerala-handy-travel-guide-700x460-1.jpg

162.214.80.70

200 OK

93 kB

URL HTTP/2
medicineeducation.in/img/kerala-handy-travel-guide-700x460-1.jpg
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x460, components 3\012- data
Size
93 kB (92717 bytes)
Hash
5d89254601fc5826820ec4ca39670d7c
4525b82d554133c22413cee5d59574c2803d0cf0
cffffcaaf8880f4abd33e7826486cd22d65bf29f48422cac160f4c66fa270e7f

HTTP Headers

GET /img/kerala-handy-travel-guide-700x460-1.jpg HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 17:19:01 GMT
accept-ranges: bytes
content-length: 92717
content-type: image/jpeg
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/aboutus.jpg

162.214.80.70

200 OK

104 kB

URL HTTP/2
medicineeducation.in/img/aboutus.jpg
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 382x386, components 3\012- data
Size
104 kB (104357 bytes)
Hash
4168b59fc00b18a3dc41d21d1019a43d
a70d3a3edbfac0d808a237187d843350ca04d89e
9e5489bbb31d3e8ceef0ab551170402896a8c5a0236cc77f76d447626bfb6bf9

HTTP Headers

GET /img/aboutus.jpg HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:10 GMT
accept-ranges: bytes
content-length: 104357
content-type: image/jpeg
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/aboutus-bg.jpg

162.214.80.70

200 OK

27 kB

URL HTTP/2
medicineeducation.in/img/aboutus-bg.jpg
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 354x374, components 3\012- data
Size
27 kB (26971 bytes)
Hash
579cd204ea788b357dbaf7074d01561d
409f4944534ebcf0eddefffea14c3ec99bd27573
8c704a18b3a2d8b7a7e2f047d05082bcbd17b4bf138497c913e7da73596425c8

HTTP Headers

GET /img/aboutus-bg.jpg HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medicineeducation.in/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:09 GMT
accept-ranges: bytes
content-length: 26971
content-type: image/jpeg
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/slider.jpg

162.214.80.70

200 OK

94 kB

URL HTTP/2
medicineeducation.in/img/slider.jpg
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1728x1152, components 3\012- data
Size
94 kB (94253 bytes)
Hash
b5a2124a7a1aafc28858c250372e7ae8
d2aec7eaa3a3448db20ce858a540c92d5dd30a7e
9a53db3828ba51152d021a16b074e02a3aeb33b4e0855688fe86c3daf4eae7db

HTTP Headers

GET /img/slider.jpg HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:44 GMT
accept-ranges: bytes
content-length: 94253
content-type: image/jpeg
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/fonts/fontawesome-webfont.woff2?v=4.7.0

162.214.80.70

200 OK

77 kB

URL HTTP/2
medicineeducation.in/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://medicineeducation.in
Connection: keep-alive
Referer: https://medicineeducation.in/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:56 GMT
accept-ranges: bytes
content-length: 77160
content-type: font/woff2
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/fav-icon.png

162.214.80.70

200 OK

8.0 kB

URL HTTP/2
medicineeducation.in/img/fav-icon.png
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 170 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size
8.0 kB (7996 bytes)
Hash
b325971bf2c6cff68141e854c136c209
a3cbf3bf98d3025d3f67e567e3cd1479510177a2
b30978f0bd340f9744ecf4cd3c22709bb7d1d020c6fb489605689224620c790c

HTTP Headers

GET /img/fav-icon.png HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:19 GMT
accept-ranges: bytes
content-length: 7996
content-type: image/png
date: Wed, 01 Mar 2023 02:11:45 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2f2b86251851c15a6378051a85964269
376c0277369d9cf0f23b197ed42b20be02bb1a8c
e1b4055a26895e7eb7791d8ae2bbd0066dd897ca0f9c27d896480fb0e8ce7bca

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1B4055A26895E7EB7791D8AE2BBD0066DD897CA0F9C27D896480FB0E8CE7BCA"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11499
Expires: Wed, 01 Mar 2023 05:23:24 GMT
Date: Wed, 01 Mar 2023 02:11:45 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2f2b86251851c15a6378051a85964269
376c0277369d9cf0f23b197ed42b20be02bb1a8c
e1b4055a26895e7eb7791d8ae2bbd0066dd897ca0f9c27d896480fb0e8ce7bca

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1B4055A26895E7EB7791D8AE2BBD0066DD897CA0F9C27D896480FB0E8CE7BCA"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11499
Expires: Wed, 01 Mar 2023 05:23:24 GMT
Date: Wed, 01 Mar 2023 02:11:45 GMT
Connection: keep-alive

medicineeducation.in/fonts/fontawesome-webfont.woff?v=4.7.0

162.214.80.70

200 OK

98 kB

URL HTTP/2
medicineeducation.in/fonts/fontawesome-webfont.woff?v=4.7.0
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format, TrueType, length 98024, version 4.7\012- data
Size
98 kB (98024 bytes)
Hash
fee66e712a8a08eef5805a46892932ad
28b782240b3e76db824e12c02754a9731a167527
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /fonts/fontawesome-webfont.woff?v=4.7.0 HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://medicineeducation.in
Connection: keep-alive
Referer: https://medicineeducation.in/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:55 GMT
accept-ranges: bytes
content-length: 98024
content-type: font/woff
date: Wed, 01 Mar 2023 02:11:45 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2f2b86251851c15a6378051a85964269
376c0277369d9cf0f23b197ed42b20be02bb1a8c
e1b4055a26895e7eb7791d8ae2bbd0066dd897ca0f9c27d896480fb0e8ce7bca

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1B4055A26895E7EB7791D8AE2BBD0066DD897CA0F9C27D896480FB0E8CE7BCA"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11499
Expires: Wed, 01 Mar 2023 05:23:24 GMT
Date: Wed, 01 Mar 2023 02:11:45 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2f2b86251851c15a6378051a85964269
376c0277369d9cf0f23b197ed42b20be02bb1a8c
e1b4055a26895e7eb7791d8ae2bbd0066dd897ca0f9c27d896480fb0e8ce7bca

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1B4055A26895E7EB7791D8AE2BBD0066DD897CA0F9C27D896480FB0E8CE7BCA"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11499
Expires: Wed, 01 Mar 2023 05:23:24 GMT
Date: Wed, 01 Mar 2023 02:11:45 GMT
Connection: keep-alive

medicineeducation.in/js/cubeportfolio.min.js

162.214.80.70

200 OK

36 kB

URL HTTP/2
medicineeducation.in/js/cubeportfolio.min.js
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
36 kB (35707 bytes)
Hash
b8cafc2a2632f8cad46b6ad90f71d53f
ed4e0081f0a409b9d09cb9cea9923ee490dc363c
00357ad94043e285a3205c13ba0b71083e4110f8c9e6132c5c50cf49dbf95f96

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/cubeportfolio.min.js HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:03:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59ab132e-e9ad-4556-83de-990c4d390aef.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59ab132e-e9ad-4556-83de-990c4d390aef.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10391 bytes)
Hash
3874c3a95ebd4b7fe922878cf7d818ac
d2f74c496308d92082e9499ebde79b65226c63ee
53ca673869045cde8b0c7ad37ecae0583f60545215b86d3197cffd93323a177a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59ab132e-e9ad-4556-83de-990c4d390aef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10391
x-amzn-requestid: 3b126435-0e9d-4688-84d3-dedea6fc024f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BEbroFO8oAMFW6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fe7316-630925bc14685ec8593eb2ee;Sampled=0
x-amzn-remapped-date: Tue, 28 Feb 2023 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: IxeAET6uxzcr1cUTdoUPp6Vc6vvFMDMTQRU3eftq36GS02eKiy13Eg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 21618d080c6bfbcd465fc55a167a8c1a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Feb 2023 21:38:44 GMT
age: 16381
etag: "d2f74c496308d92082e9499ebde79b65226c63ee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7613bb6-fad8-4a15-a520-e65e62df9d85.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.6 kB (3601 bytes)
Hash
d7ec4eb3b34b866ae1182da3969a3490
8490fb1c9d3401552b78e090e8f3c58e73652e1a
791fe1c82ef40592f5360e67fba5f0fadef4d39d7677d4f4938a0cf920d46465

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7613bb6-fad8-4a15-a520-e65e62df9d85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3601
x-amzn-requestid: 1584ca96-9fb7-466d-b5ca-c0b77cdf0fe4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BBO8AE9VIAMFfpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fd2b7f-2b09af7c664124ad6228ed6f;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 22:15:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: if0voVZBRNBp_Brmfdv9_mSJ9IN8EJl20Op32c83lfoDWzVOqLgkGA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 f958a3846d80a3925f664b320dfad9c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Feb 2023 15:13:48 GMT
age: 39477
etag: "8490fb1c9d3401552b78e090e8f3c58e73652e1a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

medicineeducation.in/js/jquery-fancybox.min.js

162.214.80.70

200 OK

30 kB

URL HTTP/2
medicineeducation.in/js/jquery-fancybox.min.js
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
30 kB (30517 bytes)
Hash
0ac44cf45dd55206cbfb6fdbde2e91a5
ce8bf7b64f15fd1169c68d15079d9bfa392e61a7
6d07b8dbd3cd0667b94e8b3aef05829fbb96b3fdff6e7c1614a2d870b7d894b8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/jquery-fancybox.min.js HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:03:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F168e63b4-3ce9-4990-8cfe-f2f3645925e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9644 bytes)
Hash
e9c53b037c590cde3ec26668342bb79c
18176b39b2888a4843a551dcf544e6ff42071635
77580642879580aab11f6c95763029fa58ed25f6cafb1fcee71facc573cf3cd7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F168e63b4-3ce9-4990-8cfe-f2f3645925e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9644
x-amzn-requestid: 8bc468d2-5ab6-46dc-a4c3-f3243d455400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A36FeEMyoAMF2zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f97089-1d978335370496ab14681c79;Sampled=0
x-amzn-remapped-date: Sat, 25 Feb 2023 02:20:57 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: FwdH1r4EZ3C5VuH0WEJXgFDJQTWci-3YFCcezK_eko19JYIcKTCGXQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 a3b5bb90516201e5ddd137696b7b0f50.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Feb 2023 03:47:04 GMT
age: 80681
etag: "18176b39b2888a4843a551dcf544e6ff42071635"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F11b4bf4e-f145-4c9e-abad-1756e89c765f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4866 bytes)
Hash
2eedbee19ad8b7fe24b5c3cda8d92825
1eaffe902658900d684f44e4c68234075f65cb87
e0c5964a97e0c292958c7ae074d6384bac147d13fb8daf900d2097b46092205c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F11b4bf4e-f145-4c9e-abad-1756e89c765f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4866
x-amzn-requestid: 31a47ad4-8fad-4775-b4d6-bdebe4b2cad1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BCPNsGvKoAMF9tw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fd9257-57f9393a4cfbedbb3cc3ac3e;Sampled=0
x-amzn-remapped-date: Tue, 28 Feb 2023 05:34:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: vOn3KLLGRgUecNwC9a0jr_-Z4WnjZgbGLLZESE-2cCu0PMRFCBbOxA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Feb 2023 15:46:10 GMT
age: 37535
etag: "1eaffe902658900d684f44e4c68234075f65cb87"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

medicineeducation.in/whatsapp.svg

162.214.80.70

200 OK

2.6 kB

URL HTTP/2
medicineeducation.in/whatsapp.svg
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (2587), with no line terminators
Size
2.6 kB (2587 bytes)
Hash
f7f35fd9962a175a24edfac979e57c9e
961a26e67ce70bac1910bf212f6c0b138e398c0c
e1da470a09fd878b305d5faf419bffe5184c5f388004a967e8b318a42698cff8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /whatsapp.svg HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 16:53:25 GMT
accept-ranges: bytes
content-length: 2587
content-type: image/svg+xml
date: Wed, 01 Mar 2023 02:11:45 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/fonts/fontawesome-webfont.ttf?v=4.7.0

162.214.80.70

200 OK

166 kB

URL HTTP/2
medicineeducation.in/fonts/fontawesome-webfont.ttf?v=4.7.0
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
TrueType Font data, 13 tables, 1st "FFTM", 24 names, Macintosh\012- data
Size
166 kB (165548 bytes)
Hash
b06871f281fee6b241d60582ae9369b9
13b1eab65a983c7a73bc7997c479d66943f7c6cb
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8

HTTP Headers

GET /fonts/fontawesome-webfont.ttf?v=4.7.0 HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://medicineeducation.in
Connection: keep-alive
Referer: https://medicineeducation.in/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Mar 2023 02:11:46 GMT
server: nginx/1.21.6
content-type: font/ttf
content-length: 165548
last-modified: Tue, 08 Mar 2022 17:04:54 GMT
accept-ranges: bytes
x-server-cache: true
x-proxy-cache: MISS
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.17.25.14

200 OK

77 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://medicineeducation.in
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 01 Mar 2023 02:11:45 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2944635
expires: Mon, 19 Feb 2024 02:11:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNR2WAx8OAR36sc1fiWzLdNHT%2FaHyA0ZFE%2BrRsPwCp0Zbx0AKtid3dUmNEDgiyvcM5K%2BNlkf4Ss18ekFbsmuVT4mIrrdZFBPMci40b3RmEvlq%2BA%2FiFnjwTxW%2BjJe%2BYYy0Xed7Pvh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7a0ddf01c8bdb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

medicineeducation.in/css/bootstrap.min.css

162.214.80.70

200 OK

0 B

URL HTTP/2
medicineeducation.in/css/bootstrap.min.css
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/bootstrap.min.css HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:03:57 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/css/cubeportfolio.min.css

162.214.80.70

200 OK

0 B

URL HTTP/2
medicineeducation.in/css/cubeportfolio.min.css
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/cubeportfolio.min.css HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:03:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/img/process1.png

162.214.80.70

200 OK

0 B

URL HTTP/2
medicineeducation.in/img/process1.png
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/process1.png HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:04:33 GMT
accept-ranges: bytes
content-length: 3785
content-type: image/png
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/js/jquery.min.js

162.214.80.70

200 OK

0 B

URL HTTP/2
medicineeducation.in/js/jquery.min.js
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:03:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/style.css

162.214.80.70

200 OK

0 B

URL HTTP/2
medicineeducation.in/style.css
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /style.css HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 16:53:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Wed, 01 Mar 2023 02:11:43 GMT
server: Apache
X-Firefox-Spdy: h2

medicineeducation.in/js/owl-carousel.min.js

162.214.80.70

200 OK

0 B

URL HTTP/2
medicineeducation.in/js/owl-carousel.min.js
IP
162.214.80.70:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/owl-carousel.min.js HTTP/1.1
Host: medicineeducation.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medicineeducation.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 08 Mar 2022 17:03:51 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Wed, 01 Mar 2023 02:11:44 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML