Report - medies.care/

Report Overview

Submitted URL
medies.care/
IP
85.214.51.223
ASN
#6724 Strato AG
Submitted
2023-02-22 06:03:28
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.7 kB	5.6 kB	216.58.211.3
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	2.4 kB	77 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	76 kB	34.120.237.76
medies.care	unknown	2022-03-30T09:17:28Z	2023-03-13T06:03:17Z	343 B	352 B	85.214.51.223
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
www.medies.care	unknown	2022-03-30T17:35:06Z	2023-03-06T00:03:19Z	11 kB	1.1 MB	85.214.51.223
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	23.33.119.27
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.148.90.97
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	425 B	630 B	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-22	medium	medies.care/	Phishing
2023-02-22	medium	www.medies.care/	Phishing
2023-02-22	medium	www.medies.care/js/modernizr-custom.js	Phishing
2023-02-22	medium	www.medies.care/img/furniture/furniture-3.webp	Phishing
2023-02-22	medium	www.medies.care/img/furniture/furniture-2.webp	Phishing
2023-02-22	medium	www.medies.care/js/main.js	Phishing
2023-02-22	medium	www.medies.care/img/furniture/furniture-1.webp	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	www.medies.care/js/modernizr-custom.js	3.4 kB	2023-03-07	2024-03-20
Pretty URL www.medies.care/js/modernizr-custom.js IP 85.214.51.223 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:03 Last Seen2024-03-20 16:25:03 Times Seen338 Hash 925b1cfb3ff415d8a781c0a026a8f096 c7b3e086a5789ca2f8df8ea8b11148c23a5c785a 0db8807e1b34fff0005dfd2ee5e01e4467aa208a9e63f3291eeed6c2f1c47de9 Loading...

	www.medies.care/	41 B	2023-03-07	2024-04-18
Pretty URL www.medies.care/ IP 85.214.51.223 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:03 Last Seen2024-04-18 15:45:55 Times Seen7134 Hash 2ec370ca0eaf3069dce13df24243d863 64c1919bbb18a6d851d1b7772f830320b8ab5cc1 6a31a3a39783d09cc53dd9e9baeb4a4fa49be602eef90f6bbb9f78af02688064 Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 13:08:42 Times Seen36960094 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Write - 5531a5834816222280f20d1ef9e95f69	4 B	2023-03-12	2024-01-28
Pretty Observations First Seen2023-03-12 12:17:15 Last Seen2024-01-28 13:22:54 Times Seen21116 Hash 5531a5834816222280f20d1ef9e95f69 445cd2fd3273962bdf09425109a2d09f7170e837 d398b29d3dbbb9bf201d4c7e1c19ff9d43c15fd45a0cec46fbe9885ec3f6e97f Loading...

HTTP Transactions (63)

URL IP Response Size

medies.care/

85.214.51.223

301 Moved Permanently

162 B

URL HTTP/1.1
medies.care/
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 22 Feb 2023 06:03:17 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.medies.care/

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
13d4983fb8a0ee2cb855663cc9d8f6a0
1f85fc46435f86d7f414e310670c9afe27ea9532
f4bc8150273c4fc6e90c9df8e074823a78dc8409bfcc00616265e24d7d663498

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4BC8150273C4FC6E90C9DF8E074823A78DC8409BFCC00616265E24D7D663498"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9576
Expires: Wed, 22 Feb 2023 08:42:53 GMT
Date: Wed, 22 Feb 2023 06:03:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
97d7dde89cca188d19690d7bf759d034
7ec36525c8b5e8e278f0c5f26da3316687d89041
f8b500f9b1e8188807aab20f8e2540b5b2e888b13ff5f6f6211bbc28056f23e8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8B500F9B1E8188807AAB20F8E2540B5B2E888B13FF5F6F6211BBC28056F23E8"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10159
Expires: Wed, 22 Feb 2023 08:52:36 GMT
Date: Wed, 22 Feb 2023 06:03:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3c926acb3daeb63b5374bdc352bbb679
167a2af5a3c8d1ec6d16c8f7ef1e063ce14ed481
e0bbf50d7d572d0b16ba4be51b190c4776777ecb572db9b25574b66d8e56ce36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0BBF50D7D572D0B16BA4BE51B190C4776777ECB572DB9B25574B66D8E56CE36"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6072
Expires: Wed, 22 Feb 2023 07:44:29 GMT
Date: Wed, 22 Feb 2023 06:03:17 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 22 Feb 2023 05:53:46 GMT
content-type: application/json
age: 571
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Kon8/YiVpuVLjbdTzAwfz2geZ4404LIPcDlG0C3+959l/9iEUVw4w491Go5nQRU7GNa3hc/9dQo=
x-amz-request-id: R324S3CD75XJZ2XV
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 22 Feb 2023 05:23:03 GMT
age: 2414
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 06:03:17 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Content-Length, Content-Type, Cache-Control, Pragma, Retry-After, ETag, Expires, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 22 Feb 2023 05:20:35 GMT
age: 2562
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.medies.care/

85.214.51.223

200 OK

11 kB

URL HTTP/1.1
www.medies.care/
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
11 kB (11226 bytes)
Hash
6feb55c21a4ac5e84bf2abc28fc7a1c7
406b59f073634da90e1d91e7afc8689f195e874a
953a6ffb6c975602e48b19a3c504376835372a4d4c2c24218a56a457cb20d434

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:17 GMT
Content-Type: text/html
Content-Length: 11226
Last-Modified: Wed, 30 Mar 2022 16:07:39 GMT
Connection: keep-alive
ETag: "6244804b-2bda"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
94d194d4728ee415fb180610c25cb8cb
9b6a935fd24c43f427d6377d2d278592dcbcb372
cada2d0987669f945549c8f526568c04c4e0a3b662fb2c3efd30efe3a40e2577

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CADA2D0987669F945549C8F526568C04C4E0A3B662FB2C3EFD30EFE3A40E2577"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6790
Expires: Wed, 22 Feb 2023 07:56:28 GMT
Date: Wed, 22 Feb 2023 06:03:18 GMT
Connection: keep-alive

www.medies.care/vendors/flaticon/flaticon.css

85.214.51.223

200 OK

1.2 kB

URL HTTP/1.1
www.medies.care/vendors/flaticon/flaticon.css
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
ASCII text
Size
1.2 kB (1154 bytes)
Hash
52e98ba12b82aa8ebaabcee9862520c6
937126863cd485219868e9ecfac5288421f203ca
1c2fe0ac1ea3095c21583d6bd64ee4c4a5b0fe77b7adf86e81fbb00d54fe9b5b

HTTP Headers

GET /vendors/flaticon/flaticon.css HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: text/css
Content-Length: 1154
Last-Modified: Wed, 30 Mar 2022 16:06:35 GMT
Connection: keep-alive
ETag: "6244800b-482"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/vendors/linericon/style.css

85.214.51.223

200 OK

7.0 kB

URL HTTP/1.1
www.medies.care/vendors/linericon/style.css
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (7032)
Size
7.0 kB (7033 bytes)
Hash
877b0b4222420ee83431a35f55222212
805d3933ee7e60fb1f6312dc48482d5482bff339
f1aa093bcc38b75c474b103e7c197a50f2f5e8b91d43e0f48f8b80d37f22fbaa

HTTP Headers

GET /vendors/linericon/style.css HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: text/css
Content-Length: 7033
Last-Modified: Wed, 30 Mar 2022 16:06:46 GMT
Connection: keep-alive
ETag: "62448016-1b79"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/js/modernizr-custom.js

85.214.51.223

200 OK

3.4 kB

URL HTTP/1.1
www.medies.care/js/modernizr-custom.js
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (3302)
Size
3.4 kB (3401 bytes)
Hash
925b1cfb3ff415d8a781c0a026a8f096
c7b3e086a5789ca2f8df8ea8b11148c23a5c785a
0db8807e1b34fff0005dfd2ee5e01e4467aa208a9e63f3291eeed6c2f1c47de9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/modernizr-custom.js HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: application/javascript
Content-Length: 3401
Last-Modified: Wed, 30 Mar 2022 16:05:57 GMT
Connection: keep-alive
ETag: "62447fe5-d49"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/css/main.css

85.214.51.223

200 OK

199 kB

URL HTTP/1.1
www.medies.care/css/main.css
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (65536), with no line terminators
Size
199 kB (198739 bytes)
Hash
1cd8f7254421075c0a008080c0261df5
fd3d919ea2adc8fde0f4ddd0b0be74e1ccb6ac84
34d72924701b71b032df105f336158393180e98f80fa520efaef6566cceeec6a

HTTP Headers

GET /css/main.css HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: text/css
Content-Length: 198739
Last-Modified: Wed, 30 Mar 2022 16:05:31 GMT
Connection: keep-alive
ETag: "62447fcb-30853"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a27ee3b3c913f55d085b5f85d622e206
2dac3b909debcd683e1f917fc633e71fe2a8d68a
544a2538b1a316f1963a28b489103723a8977ffea4e2baf22d0095001ffdc1af

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 06:03:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.medies.care/css/main_2.css

85.214.51.223

200 OK

105 kB

URL HTTP/1.1
www.medies.care/css/main_2.css
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (27303)
Size
105 kB (104894 bytes)
Hash
5402be9d0d8f1b3bba4fc750c01253e0
9ac403adff4ead978183648b94d62a484cdf0789
1d8feb4fec960d5723e9cac866e52d5417f082bca5bde6e9e101cba9600e1a4b

HTTP Headers

GET /css/main_2.css HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: text/css
Content-Length: 104894
Last-Modified: Wed, 30 Mar 2022 16:05:31 GMT
Connection: keep-alive
ETag: "62447fcb-199be"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/icon_3.png

85.214.51.223

200 OK

6.3 kB

URL HTTP/1.1
www.medies.care/img/icon_3.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 71 x 71, 8-bit/color RGBA, non-interlaced\012- data
Size
6.3 kB (6300 bytes)
Hash
4f3802a2c8e0a296e4b569e3e6ba8d46
98efcb1925a6be1b300abb07694f3ab26164e010
b945704ddc90aec09f5532c58dfcf82ca69c3b02a8c96526947a5a8f5b7955d5

HTTP Headers

GET /img/icon_3.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: image/png
Content-Length: 6300
Last-Modified: Wed, 30 Mar 2022 16:05:48 GMT
Connection: keep-alive
ETag: "62447fdc-189c"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/icon_4.png

85.214.51.223

200 OK

5.7 kB

URL HTTP/1.1
www.medies.care/img/icon_4.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 71 x 71, 8-bit/color RGBA, non-interlaced\012- data
Size
5.7 kB (5733 bytes)
Hash
5efeafce8517875c56fc467d25edc42f
a49cdc28c792c502f4f10d27e8fab4dd2fa2c752
87d135d2d274889debb8f92be190c8890ddcd17877c858b3e842e3d826b9cac8

HTTP Headers

GET /img/icon_4.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: image/png
Content-Length: 5733
Last-Modified: Wed, 30 Mar 2022 16:05:48 GMT
Connection: keep-alive
ETag: "62447fdc-1665"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/icon_5.png

85.214.51.223

200 OK

5.9 kB

URL HTTP/1.1
www.medies.care/img/icon_5.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 71 x 71, 8-bit/color RGBA, non-interlaced\012- data
Size
5.9 kB (5923 bytes)
Hash
97d41878130822f50290d82839f8f0c5
6ecdcec9d5fa77a34e33f30ae758b2e591c31a9a
d470046393435cf179fb649e5d7d1fcd68745bd30fa68ba51bde9917fb100b1c

HTTP Headers

GET /img/icon_5.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: image/png
Content-Length: 5923
Last-Modified: Wed, 30 Mar 2022 16:05:48 GMT
Connection: keep-alive
ETag: "62447fdc-1723"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a27ee3b3c913f55d085b5f85d622e206
2dac3b909debcd683e1f917fc633e71fe2a8d68a
544a2538b1a316f1963a28b489103723a8977ffea4e2baf22d0095001ffdc1af

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 06:03:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.medies.care/img/furniture/furniture-3.webp

85.214.51.223

200 OK

6.1 kB

URL HTTP/1.1
www.medies.care/img/furniture/furniture-3.webp
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x211, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.1 kB (6092 bytes)
Hash
711a15e6e7c0bd293b3d5ab0fdda4f6f
55e8377007af0f218e1ced6a9213ec396b62368c
65a84eb18c58380e58b4478e0bbe9f0142bf0f0c6e1e06ffe211c72378950d12

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/furniture/furniture-3.webp HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: image/webp
Content-Length: 6092
Last-Modified: Wed, 30 Mar 2022 16:06:20 GMT
Connection: keep-alive
ETag: "62447ffc-17cc"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/furniture/furniture-2.webp

85.214.51.223

200 OK

12 kB

URL HTTP/1.1
www.medies.care/img/furniture/furniture-2.webp
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x211, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
12 kB (12436 bytes)
Hash
3c65154910c57868b7bcc32fa9ecce50
4528af97a2378ed2c457b75963a61fd7a3c8b89e
1057a850ac4e673a8fab7d35a5c7252c0e2c08fcded21035426367d7d0177c37

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/furniture/furniture-2.webp HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: image/webp
Content-Length: 12436
Last-Modified: Wed, 30 Mar 2022 16:06:20 GMT
Connection: keep-alive
ETag: "62447ffc-3094"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/js/main.js

85.214.51.223

200 OK

280 kB

URL HTTP/1.1
www.medies.care/js/main.js
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (32058)
Size
280 kB (279639 bytes)
Hash
7d4191e5c052d2e6dc83803ded000789
c0aa6eebcfe0d20d866cd447cc35d49312e25aa7
75726e5e90f278eb872946ca0e30f353e468c0c54a05a0a4d0278c456007f766

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/main.js HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: application/javascript
Content-Length: 279639
Last-Modified: Wed, 30 Mar 2022 16:05:57 GMT
Connection: keep-alive
ETag: "62447fe5-44457"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/icon_1.png

85.214.51.223

200 OK

5.3 kB

URL HTTP/1.1
www.medies.care/img/icon_1.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 71 x 71, 8-bit/color RGBA, non-interlaced\012- data
Size
5.3 kB (5319 bytes)
Hash
ba618037dc4d174d8a490595769d5030
e1c402d71b70197b961bb5044c82a2ccd72a9780
30655e4953c2640e484c7dfeffdf9bce57b47d991e04e6941b742b5f6e100eaa

HTTP Headers

GET /img/icon_1.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: image/png
Content-Length: 5319
Last-Modified: Wed, 30 Mar 2022 16:05:48 GMT
Connection: keep-alive
ETag: "62447fdc-14c7"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/banner/home-banner.jpg

85.214.51.223

200 OK

182 kB

URL HTTP/1.1
www.medies.care/img/banner/home-banner.jpg
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x900, components 3\012- data
Size
182 kB (181735 bytes)
Hash
10c664ae179e60ae3a148a666262e84b
65ca870e06849224dd4798e37edec340d9d9a617
72069da7b10ced2e3118620083b9b77580c23fdcc35432ef0a14e5cd5d324c90

HTTP Headers

GET /img/banner/home-banner.jpg HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: image/jpeg
Content-Length: 181735
Last-Modified: Wed, 30 Mar 2022 16:06:03 GMT
Connection: keep-alive
ETag: "62447feb-2c5e7"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/notify-bg.jpg

85.214.51.223

200 OK

115 kB

URL HTTP/1.1
www.medies.care/img/notify-bg.jpg
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=\302\251Narith Thongphasuk38 - stock.adobe.com], baseline, precision 8, 1920x612, components 3\012- data
Size
115 kB (114778 bytes)
Hash
31dfd7b218eb4f3097979a3c3671965c
bf87573ff2901621072eb0b85726f4562370d695
66226396773ed5c91e8ecbb6997f5bb38bfb9c085ed3ad77bf433a752ab41f9a

HTTP Headers

GET /img/notify-bg.jpg HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: image/jpeg
Content-Length: 114778
Last-Modified: Wed, 30 Mar 2022 16:05:50 GMT
Connection: keep-alive
ETag: "62447fde-1c05a"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/icon_6.png

85.214.51.223

200 OK

4.2 kB

URL HTTP/1.1
www.medies.care/img/icon_6.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 71 x 71, 8-bit/color RGBA, non-interlaced\012- data
Size
4.2 kB (4206 bytes)
Hash
0a84dd191325671f8c5b41ed4ba9fef4
53011e9c655a3eebd4e0cbe1675ff88f11c0a1c9
5258aee701153bd2855a2f9ae66281f7daa131ebafc2da19b29391c9ffb3562f

HTTP Headers

GET /img/icon_6.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: image/png
Content-Length: 4206
Last-Modified: Wed, 30 Mar 2022 16:05:48 GMT
Connection: keep-alive
ETag: "62447fdc-106e"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

push.services.mozilla.com/

54.148.90.97

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.90.97:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +C4Y8phK+z4oUuur33kPMg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yvkS1VBSzSeCJXAn8+eHoMtbeP0=

www.medies.care/img/clients-logo/c-logo-3.png

85.214.51.223

200 OK

5.7 kB

URL HTTP/1.1
www.medies.care/img/clients-logo/c-logo-3.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 118 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size
5.7 kB (5745 bytes)
Hash
43a2bfec90eabe843a39eb9c6082f9b7
f18b0d7ab85f20a68390a1600e198388599463a8
fd52ecf8936af56315fa661f5cee4f2fe2340d9f1e5e2f00f089b544e5fa1761

HTTP Headers

GET /img/clients-logo/c-logo-3.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: image/png
Content-Length: 5745
Last-Modified: Wed, 30 Mar 2022 16:06:07 GMT
Connection: keep-alive
ETag: "62447fef-1671"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/clients-logo/c-logo-2.png

85.214.51.223

200 OK

6.4 kB

URL HTTP/1.1
www.medies.care/img/clients-logo/c-logo-2.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 118 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size
6.4 kB (6401 bytes)
Hash
8e37dce60ffdff92110d2da0dc5e6eb2
e6689013e06a5db7ebba58793306ea0ba5dbe03b
3ea1c4bd9a116517a93f435344bb37c5ddd7a1fb9608e59b589710410f7169a7

HTTP Headers

GET /img/clients-logo/c-logo-2.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: image/png
Content-Length: 6401
Last-Modified: Wed, 30 Mar 2022 16:06:07 GMT
Connection: keep-alive
ETag: "62447fef-1901"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/furniture/furniture-1.webp

85.214.51.223

200 OK

14 kB

URL HTTP/1.1
www.medies.care/img/furniture/furniture-1.webp
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x211, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
14 kB (14538 bytes)
Hash
671bdd98fc6c5f6b60c086a83fc8c0be
90cf63774366d5706219966be0d5b05d85c8ec80
f58f820b237fb845f6be1efcd448794155ddad17be1e04d5da3849d8c452564f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/furniture/furniture-1.webp HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: image/webp
Content-Length: 14538
Last-Modified: Wed, 30 Mar 2022 16:06:19 GMT
Connection: keep-alive
ETag: "62447ffb-38ca"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a23c02395db35b23415f9166f0bf1ef7
48493c7a9f3e53bba12610e18b6af6830402d9bf
0fb0e3186d0e703f1c5e85076234c223b186ffca73b97b8fbefccaf15d679081

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 06:03:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a23c02395db35b23415f9166f0bf1ef7
48493c7a9f3e53bba12610e18b6af6830402d9bf
0fb0e3186d0e703f1c5e85076234c223b186ffca73b97b8fbefccaf15d679081

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 06:03:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/heebo/v21/NGS6v5_NC0k9P9H2TbE.woff2

142.250.74.3

200 OK

27 kB

URL HTTP/2
fonts.gstatic.com/s/heebo/v21/NGS6v5_NC0k9P9H2TbE.woff2
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 27116, version 1.0\012- data
Size
27 kB (27116 bytes)
Hash
13c1ac7fc8f934e169620e81471a3a54
d111242b230c54204e9ec061537869f8ce20cb53
b38977ea35fde92fe200fa14ac7cc55e2edce54b998ce9a08734ba1dd9053fed

HTTP Headers

GET /s/heebo/v21/NGS6v5_NC0k9P9H2TbE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.medies.care
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Feb 2023 02:08:11 GMT
expires: Sat, 17 Feb 2024 02:08:11 GMT
cache-control: public, max-age=31536000
age: 446107
last-modified: Mon, 11 Jul 2022 20:35:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2

142.250.74.3

200 OK

7.0 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7016, version 1.0\012- data
Size
7.0 kB (7016 bytes)
Hash
53f395eb854a40e978706b1082570e42
70fba5c0c3e1f5c5786e615d35a21c54b1c0a39c
713780d8b30bda5583052ea847cdcb4f2956c2ac5ff38a7e538ba8f14ad1043e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.medies.care
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7016
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Feb 2023 08:39:34 GMT
expires: Sat, 17 Feb 2024 08:39:34 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:25:02 GMT
content-type: font/woff2
age: 422624
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.medies.care/img/icon_2.png

85.214.51.223

200 OK

5.6 kB

URL HTTP/1.1
www.medies.care/img/icon_2.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 71 x 71, 8-bit/color RGBA, non-interlaced\012- data
Size
5.6 kB (5586 bytes)
Hash
426bd41669be86f8579a49e05975150e
503358e6b16b957d1617925604452a6e9b34a955
f3699ca32fb0ab72c394de5de74e0d1ddb141b851cdc647eef066281b6e3f97f

HTTP Headers

GET /img/icon_2.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: image/png
Content-Length: 5586
Last-Modified: Wed, 30 Mar 2022 16:05:48 GMT
Connection: keep-alive
ETag: "62447fdc-15d2"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/clients-logo/c-logo-1.png

85.214.51.223

200 OK

5.0 kB

URL HTTP/1.1
www.medies.care/img/clients-logo/c-logo-1.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 118 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size
5.0 kB (4953 bytes)
Hash
61b67b2bd60ed7fa14552626e757892a
b97dd5294806f2a8465c08e1c728c3a71bf1ccd6
56e0746d8a46093ec1e68a062aa10ba5407249a04d00084bea13dec5766db661

HTTP Headers

GET /img/clients-logo/c-logo-1.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: image/png
Content-Length: 4953
Last-Modified: Wed, 30 Mar 2022 16:06:07 GMT
Connection: keep-alive
ETag: "62447fef-1359"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.3

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.medies.care
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Feb 2023 13:15:37 GMT
expires: Thu, 15 Feb 2024 13:15:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 578861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.medies.care/img/clients-logo/c-logo-5.png

85.214.51.223

200 OK

6.0 kB

URL HTTP/1.1
www.medies.care/img/clients-logo/c-logo-5.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 118 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size
6.0 kB (6042 bytes)
Hash
2d9ac934928ef9851d3cb267194ee893
c2f927c3092e607d027db5252bb9044b5d1ffb60
0dd302b82444081b6dc915214f019f9854a6cbf1cf375eed804846fd1ddea7e9

HTTP Headers

GET /img/clients-logo/c-logo-5.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: image/png
Content-Length: 6042
Last-Modified: Wed, 30 Mar 2022 16:06:08 GMT
Connection: keep-alive
ETag: "62447ff0-179a"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a23c02395db35b23415f9166f0bf1ef7
48493c7a9f3e53bba12610e18b6af6830402d9bf
0fb0e3186d0e703f1c5e85076234c223b186ffca73b97b8fbefccaf15d679081

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 06:03:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2

142.250.74.3

200 OK

7.1 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7112, version 1.0\012- data
Size
7.1 kB (7112 bytes)
Hash
28668857bef1b85c5748a482cf9b74af
7cfbc415c45b2274a5997255fbec0fb53bbe327d
daf51ab540602b2d0b87646621637bac38889bb34effb8a432ae739aca78b5c0

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.medies.care
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7112
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Feb 2023 10:01:53 GMT
expires: Sat, 17 Feb 2024 10:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:55 GMT
content-type: font/woff2
age: 417685
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a23c02395db35b23415f9166f0bf1ef7
48493c7a9f3e53bba12610e18b6af6830402d9bf
0fb0e3186d0e703f1c5e85076234c223b186ffca73b97b8fbefccaf15d679081

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 06:03:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.medies.care/vendors/linericon/fonts/Linearicons-Free.woff2?w118d

85.214.51.223

200 OK

22 kB

URL HTTP/1.1
www.medies.care/vendors/linericon/fonts/Linearicons-Free.woff2?w118d
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
Web Open Font Format (Version 2), TrueType, length 21780, version 1.0\012- data
Size
22 kB (21780 bytes)
Hash
03e91f122aa5fd425abbe23c85546eb0
c87a3db06c5db4e75e639382f174eafa439aeb27
296945e5922e764eef17b1b4a3ee3e60dc202b3c7f074150b62158915bf74e33

HTTP Headers

GET /vendors/linericon/fonts/Linearicons-Free.woff2?w118d HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.medies.care/vendors/linericon/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: font/woff2
Content-Length: 21780
Last-Modified: Wed, 30 Mar 2022 16:07:01 GMT
Connection: keep-alive
ETag: "62448025-5514"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a23c02395db35b23415f9166f0bf1ef7
48493c7a9f3e53bba12610e18b6af6830402d9bf
0fb0e3186d0e703f1c5e85076234c223b186ffca73b97b8fbefccaf15d679081

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 06:03:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.3

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.medies.care
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Feb 2023 07:51:59 GMT
expires: Thu, 15 Feb 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 598279
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.medies.care/img/clients-logo/c-logo-4.png

85.214.51.223

200 OK

8.3 kB

URL HTTP/1.1
www.medies.care/img/clients-logo/c-logo-4.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 118 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size
8.3 kB (8296 bytes)
Hash
095b57b0e66409276f9705aaadc70e3d
042976d728895fdb70be1864a90e8d9ab691f551
0fe830c3c32ad4f4d33371be2e651ca746c3b2b0c26f372052c48bdf5a077b66

HTTP Headers

GET /img/clients-logo/c-logo-4.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: image/png
Content-Length: 8296
Last-Modified: Wed, 30 Mar 2022 16:06:08 GMT
Connection: keep-alive
ETag: "62447ff0-2068"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a23c02395db35b23415f9166f0bf1ef7
48493c7a9f3e53bba12610e18b6af6830402d9bf
0fb0e3186d0e703f1c5e85076234c223b186ffca73b97b8fbefccaf15d679081

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 06:03:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.medies.care/img/logo-2.png

85.214.51.223

200 OK

9.9 kB

URL HTTP/1.1
www.medies.care/img/logo-2.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 245 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size
9.9 kB (9909 bytes)
Hash
d81985ac35f45d1be4c1e8d6728bf395
645d02037b338e8803910f35c011453f47037ada
b69441a8d8888d0a9ae13c818bc80e4629aa041931687bbefda8bb494fbedf5a

HTTP Headers

GET /img/logo-2.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: image/png
Content-Length: 9909
Last-Modified: Wed, 30 Mar 2022 16:05:49 GMT
Connection: keep-alive
ETag: "62447fdd-26b5"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/fonts/fontawesome-webfont.woff2?v=4.5.0

85.214.51.223

200 OK

72 kB

URL HTTP/1.1
www.medies.care/fonts/fontawesome-webfont.woff2?v=4.5.0
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
Web Open Font Format (Version 2), TrueType, length 71896, version 4.393\012- data
Size
72 kB (71896 bytes)
Hash
e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

HTTP Headers

GET /fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.medies.care/css/main_2.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: font/woff2
Content-Length: 71896
Last-Modified: Wed, 30 Mar 2022 16:05:45 GMT
Connection: keep-alive
ETag: "62447fd9-118d8"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/favicon.png

85.214.51.223

200 OK

5.9 kB

URL HTTP/1.1
www.medies.care/img/favicon.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
5.9 kB (5868 bytes)
Hash
20b83a9a39c6cc973c9083dd039552c1
c1ee9da3853642296d04eb403b8d6310d476f24f
4a7fe8c5e6fc969094da2e122ca315104461f3759af74fc54e5a528cb9e79b03

HTTP Headers

GET /img/favicon.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 06:03:18 GMT
Content-Type: image/png
Content-Length: 5868
Last-Modified: Wed, 30 Mar 2022 16:05:47 GMT
Connection: keep-alive
ETag: "62447fdb-16ec"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3cb7960c629af2d4a5325cec8696f40b
eb04e882f528f56fc09206f741d490a4b091a6dd
df3a27c510b477ae3411c0c178fb36d8291503db40f64d22a3fa18061c0ec2b0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF3A27C510B477AE3411C0C178FB36D8291503DB40F64D22A3FA18061C0EC2B0"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12800
Expires: Wed, 22 Feb 2023 09:36:39 GMT
Date: Wed, 22 Feb 2023 06:03:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3cb7960c629af2d4a5325cec8696f40b
eb04e882f528f56fc09206f741d490a4b091a6dd
df3a27c510b477ae3411c0c178fb36d8291503db40f64d22a3fa18061c0ec2b0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF3A27C510B477AE3411C0C178FB36D8291503DB40F64D22A3FA18061C0EC2B0"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12800
Expires: Wed, 22 Feb 2023 09:36:39 GMT
Date: Wed, 22 Feb 2023 06:03:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3cb7960c629af2d4a5325cec8696f40b
eb04e882f528f56fc09206f741d490a4b091a6dd
df3a27c510b477ae3411c0c178fb36d8291503db40f64d22a3fa18061c0ec2b0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF3A27C510B477AE3411C0C178FB36D8291503DB40F64D22A3FA18061C0EC2B0"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12800
Expires: Wed, 22 Feb 2023 09:36:39 GMT
Date: Wed, 22 Feb 2023 06:03:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3cb7960c629af2d4a5325cec8696f40b
eb04e882f528f56fc09206f741d490a4b091a6dd
df3a27c510b477ae3411c0c178fb36d8291503db40f64d22a3fa18061c0ec2b0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF3A27C510B477AE3411C0C178FB36D8291503DB40F64D22A3FA18061C0EC2B0"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12800
Expires: Wed, 22 Feb 2023 09:36:39 GMT
Date: Wed, 22 Feb 2023 06:03:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3cb7960c629af2d4a5325cec8696f40b
eb04e882f528f56fc09206f741d490a4b091a6dd
df3a27c510b477ae3411c0c178fb36d8291503db40f64d22a3fa18061c0ec2b0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF3A27C510B477AE3411C0C178FB36D8291503DB40F64D22A3FA18061C0EC2B0"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12800
Expires: Wed, 22 Feb 2023 09:36:39 GMT
Date: Wed, 22 Feb 2023 06:03:19 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F728bbd7e-231a-403a-b5ab-fe1fb2f394d2.jpeg

34.120.237.76

200 OK

19 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F728bbd7e-231a-403a-b5ab-fe1fb2f394d2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
19 kB (19260 bytes)
Hash
0c7874cbc7748925eed57e2c1b770c46
b5f10c1f69b0e4b68f0a8ae292c7077ff154c5d6
ea6629c67f3ab3dcec3725e1caee11fb2194fe68f6c7e476c4b8ec3a482f63a8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F728bbd7e-231a-403a-b5ab-fe1fb2f394d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 19260
x-amzn-requestid: d41702e1-189c-41de-ac79-3f37291603cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtXaOGLiIAMFy4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f5390d-511d11f9102f2fd206b88904;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Rt8iDosXE_bTA058FU_6KdCCtGF-oG-kM6IRDadVuHdHZcPcbp4i8A==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 21:50:43 GMT
age: 29556
etag: "b5f10c1f69b0e4b68f0a8ae292c7077ff154c5d6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71674fc5-5c16-4206-b565-05be96860715.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8032 bytes)
Hash
2cd2e85474bc5b6daa19eb8722e81d60
e62a0bf2f9a9b7bdbf45f45278ac89a450075979
bcbe4d59fd3b27549647f51bec45599ba48b386436675f1a64c3d3b96fc13f77

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71674fc5-5c16-4206-b565-05be96860715.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8032
x-amzn-requestid: 4f2da189-b0ad-4f13-a0ca-643bb716e2b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtW0FGV4IAMFSxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f53819-33884245247d3a1347382b4b;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:31:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -uuJJJHFFFjg2ODEALrPgxi10MnWEnyVsWGwKoVNzM6o8gLFLZv2gA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 21:59:14 GMT
age: 29045
etag: "e62a0bf2f9a9b7bdbf45f45278ac89a450075979"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F233d13ff-ce2a-43de-ab69-4e2865aaa5f4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10460 bytes)
Hash
509a469a92f254d56ce73d0e83cf73ff
b8422149c6f54534350e7b848c78defad2608c10
6274ece9c4e7360879f139911b3e62f50127116eca8af78bb0fba3f80f666e3a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F233d13ff-ce2a-43de-ab69-4e2865aaa5f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10460
x-amzn-requestid: dd72d742-34a1-47f1-b909-d1580afcbff9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AnhrAH3WoAMFVMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f2e312-0be97ec77e3e2e1f17a35809;Sampled=0
x-amzn-remapped-date: Mon, 20 Feb 2023 03:03:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9b9ICgRsb-NNQCV1ptEx76oMj4SyKBJOouHGY6q668L5Favr3BY6UA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 04:08:24 GMT
age: 6895
etag: "b8422149c6f54534350e7b848c78defad2608c10"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F644e40db-f353-42c8-b8f3-a3d61b067916.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7733 bytes)
Hash
81c0d076a45e9141fd7bbca61d5c0cee
989a1ed5045736130244544586ec5ae24b4e77dc
d3d4ecc39dc8ed3086d6d79f17fe4e01b4ba21a3a221f9d0efe31de04a0cb08e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F644e40db-f353-42c8-b8f3-a3d61b067916.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7733
x-amzn-requestid: 33d1af39-36ea-4fb8-b451-67dd5a1a6e56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtW0oEz-IAMFv7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f5381d-3bb7c95c1dafdad70dfd9add;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wl8fHBpXq76Cpk1yrIGZeX9hMS1Z1vrsfDp2GgUNywxyILZ9Uyl9Zg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 21:50:38 GMT
age: 29561
etag: "989a1ed5045736130244544586ec5ae24b4e77dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0efa662e-c334-4c53-be4c-81925d55c117.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (8959 bytes)
Hash
b55335999a026a3bf5d8c8c920a31562
08259dd5654e530dc29c35ea537bae21aa88fb0a
69b1cb1bb453da683c879daaf2f266f4ac7399e5de90cae879ce2fa19ac182cb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0efa662e-c334-4c53-be4c-81925d55c117.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8959
x-amzn-requestid: 1c3579bb-647b-499b-afce-f420de41686c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtXqyFDSoAMFhAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f53977-500bef655fb9e0f744216d05;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:36:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qTYasQOed2Yym0WmLEv6OW5yB7EL8U1EmHAWiw7RWlADvNgrvraKOw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 22:17:46 GMT
age: 27933
etag: "08259dd5654e530dc29c35ea537bae21aa88fb0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7734 bytes)
Hash
e7cd1e9feb9abc7f7d7f0d5fc7b181f0
cf3ce1808c48e1a86910e16731a044f6cb26275d
426c90298d5a0807b7820d803ce2907268df1195e15d5582eb0ff2f3deeb318c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7734
x-amzn-requestid: fe4dc342-33b6-45f6-984c-2c71dfa0ec13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtX-lGiJoAMFW3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f539f6-489049413f3cb63c537f20d0;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:39:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4p_3GsIf-LsYLyJFnNh6FQO9q9kHTViRECnpKSnV1xkkZ_PybwmZeg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 21:51:45 GMT
etag: "cf3ce1808c48e1a86910e16731a044f6cb26275d"
content-type: image/jpeg
age: 29494
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71e24f1d-de97-4bf8-b910-527022ff1c52.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5908 bytes)
Hash
d458049fca94707ad6e921e165fceeb7
fe74bce6179e7e4c969dc90b756da303fa6f7e11
dfa8dbba59b4a1f9ba56083598e02018ee10966c67c637efb0fdea5b50e927e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71e24f1d-de97-4bf8-b910-527022ff1c52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 5908
x-amzn-requestid: a676c995-5961-407a-bca2-9b79e9866193
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtXYfF_UoAMFy7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f53902-69008bca79b33828058d2140;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:34:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: b1Yh5IZiXMcyLmb1lOAZsonHV99AoGg7YTDVjEf7233j1uA7eWCzqg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 21:50:34 GMT
age: 29572
etag: "fe74bce6179e7e4c969dc90b756da303fa6f7e11"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Heebo:300,400,500,700|Roboto:300,400,500,700

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Heebo:300,400,500,700|Roboto:300,400,500,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Heebo:300,400,500,700|Roboto:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 22 Feb 2023 06:03:18 GMT
date: Wed, 22 Feb 2023 06:03:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (63)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type